[USN-3823-1] Linux kernel vulnerabilities

Severity Medium

CVEs 2

Several security issues were mitigated in the Linux kernel.

It was discovered that memory present in the L1 data cache of an Intel CPU
core may be exposed to a malicious process that is executing on the CPU
core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local
attacker in a guest virtual machine could use this to expose sensitive
information (memory from other guests or the host OS). (CVE-2018-3646)

It was discovered that memory present in the L1 data cache of an Intel CPU
core may be exposed to a malicious process that is executing on the CPU
core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local
attacker could use this to expose sensitive information (memory from the
kernel or other processes). (CVE-2018-3620)

ID

USN-3823-1

Severity

medium

Severity from

CVE-2018-3620

URL

https://ubuntu.com/security/notices/USN-3823-1

Published