vulnerability
FreeBSD: VID-2310b814-a652-11e8-805b-a4badb2f4699 (CVE-2018-3620): FreeBSD -- L1 Terminal Fault (L1TF) Kernel Information Disclosure
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:N/C:C/I:N/A:N) | Aug 22, 2018 | Aug 23, 2018 | Dec 10, 2025 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:C/I:N/A:N)
Published
Aug 22, 2018
Added
Aug 23, 2018
Modified
Dec 10, 2025
Description
Problem Description: On certain Intel 64-bit x86 systems there is a period of time during terminal fault handling where the CPU may use speculative execution to try to load data. The CPU may speculatively access the level 1 data cache (L1D). Data which would otherwise be protected may then be determined by using side channel methods. This issue affects bhyve on FreeBSD/amd64 systems. Impact: An attacker executing user code, or kernel code inside of a virtual machine, may be able to read secret data from the kernel or from another virtual machine.
Solutions
freebsd-upgrade-base-11_2-release-p2freebsd-upgrade-base-11_1-release-p13
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.