VMware response to ‘L1 Terminal Fault - OS’ (L1TF - OS) Speculative-Execution vulnerability for VMware Virtual Appliances: CVE-2018-3620
search cancel

VMware response to ‘L1 Terminal Fault - OS’ (L1TF - OS) Speculative-Execution vulnerability for VMware Virtual Appliances: CVE-2018-3620

book

Article ID: 317618

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

The VMware Security Engineering, Communications, and Response group (vSECR) has investigated the impact CVE-2018-3620 may have on VMware products. This issue is classified as a Speculative-Execution vulnerability which requires Operating System-Specific Mitigations  which are defined in KB55636.

Please sign up at our Security-Announce mailing list to receive new and updated VMware Security Advisories and click Subscribe to Article in the Actions box to be alerted when new information is added to this document.

Resolution

Evaluation Summary:
  • CVE-2018-3620 has been classified as a potential local privilege escalation in the Moderate severity range. Please review our VMware Security Response Policies for information on severity classifications.
  • CVE-2018-3620 has the potential of affecting VMware Virtual Appliances by way of the linux-based operating system that they ship on top of.
  • Products that ship as an installable windows or linux binary are not directly affected, but patches may be required from the respective operating system vendor that these products are installed on. VMware recommends contacting your 3rd party operating system vendor to determine appropriate actions for mitigation of CVE-2018-3620.
  • VMware hypervisors are not affected by CVE-2018-3620.
Unaffected Products

vSECR has completed evaluation of the following products and determined that under supported configurations they are not affected as there is no available path to execute arbitrary code without administrative privileges.

Note: Automated vulnerability scanners may report that these products are vulnerable to CVE-2018-3620 even though the issue is not exploitable. These products will still be updating their respective kernels in scheduled maintenance releases as a precautionary measure.

If a specific version number is not listed, then that entry refers to all supported versions of the appliance.
 
ProductsVersionEvaluationWorkaround
VMware App Defense ApplianceAnyUnaffectedN/A
VMware Horizon DaaS PlatformAnyUnaffectedN/A
VMware Horizon MirageAnyUnaffectedN/A
VMware HCXAnyUnaffectedN/A
VMware Integrated OpenstackAnyUnaffectedN/A
VMware IoT PulseAnyUnaffectedN/A
VMware MirageAnyUnaffectedN/A
VMware NSX for vSphereAnyUnaffectedN/A
VMware NSX-TAnyUnaffectedN/A
VMware Skyline ApplianceAnyUnaffectedN/A
VMware Unified Access GatewayAnyUnaffectedN/A
VMware vCenter Server5.5UnaffectedN/A
VMware vCloud Availability for vCloud DirectorAnyUnaffectedN/A
VMware vCloud Director ExtenderAnyUnaffectedN/A
VMware vRealize Business for CloudAnyUnaffectedN/A
VMware vRealize Log InsightAnyUnaffectedN/A
VMware vRealize Network InsightAnyUnaffectedN/A
VMware vRealize OperationsAnyUnaffectedN/A
VMware vRealize OrchestratorAnyUnaffectedN/A
VMware vSphere ReplicationAnyUnaffectedN/A
VMware WorkbenchAnyUnaffectedN/A

Potentially Affected Products
Information on potentially affected products including applicable workarounds can be found in VMSA-2018-0021.

Additional Information

L1TF (L1 Terminal Fault)