Description
This kernel-linus update is based on the upstream 4.14.65 and adds fixes
and mitigations for the now publically known security issue affecting
Intel processors called L1 Terminal Fault (L1TF):
Systems with microprocessors utilizing speculative execution and Intel
Software Guard Extensions (Intel SGX) may allow unauthorized disclosure
of information residing in the L1 data cache from an enclave to an
attacker with local user access via side-channel analysis (CVE-2018-3615).
Systems with microprocessors utilizing speculative execution and address
translations may allow unauthorized disclosure of information residing in
the L1 data cache to an attacker with local user access via a terminal
page fault and side-channel analysis (CVE-2018-3620).
Systems with microprocessors utilizing speculative execution and address
translations may allow unauthorized disclosure of information residing in
the L1 data cache to an attacker with local user access with guest OS
privilege via a terminal page fault and side-channel analysis
(CVE-2018-3646).
The impact of the L1TF security issues.