FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2310b814-a652-11e8-805b-a4badb2f4699FreeBSD -- L1 Terminal Fault (L1TF) Kernel Information Disclosure

Problem Description:

On certain Intel 64-bit x86 systems there is a period of time during terminal fault handling where the CPU may use speculative execution to try to load data. The CPU may speculatively access the level 1 data cache (L1D). Data which would otherwise be protected may then be determined by using side channel methods.

This issue affects bhyve on FreeBSD/amd64 systems.

Impact:

An attacker executing user code, or kernel code inside of a virtual machine, may be able to read secret data from the kernel or from another virtual machine.


Discovery 2018-08-14
Entry 2018-08-22
FreeBSD-kernel
ge 11.2 lt 11.2_2

ge 11.1 lt 11.1_13

CVE-2018-3620
CVE-2018-3646
SA-18:09.l1tf