L1 Terminal Fault Vulnerability (CVE-2018-3620 & CVE-2018-3646) Detector

Retired: This application is now retired.

This tool is designed to detect L1 Terminal Fault Attack (L1TF) in Red Hat Enterprise Linux 5 or later.

This tool provides the detection script to determine if your system is currently vulnerable to L1 Terminal Fault Attack (L1TF).

Additonally, two Ansible playbooks are provided by the tool. The first, CVE-2018-3620-fix_disable_ht.yml, can be applied to systems which have not been updated to address L1TF to disable Hyper-Threading without restarting the system. The second playbook, CVE-2018-3620-apply_settings.yml, will help you enable mitigations provided by an L1TF-aware kernel.

For more information about L1 Terminal Fault Attack (L1TF), read L1 Terminal Fault Attack.

2 Comments

Subscriber exclusive content

An active Red Hat subscription is required to participate.

KY Red Hat Active Contributor 141 points

20 August 2018 8:01 AM

Kazushige Yoneyama

gpg2 needs to be executed as follows to import key from external keyserver.

$ gpg2 --keyserver pgp.mit.edu --keyserver-options http-proxy=PROXY:PORT--search-keys 0x7514F77D8366B0D9

DZ Red Hat Community Member 41 points

21 August 2018 9:53 AM

Dong Zhao

Hi Kazushige,

Thank you for reaching out. We will investigate the problem and update the app if needed. Thanks, Dong

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

L1 Terminal Fault Vulnerability (CVE-2018-3620 & CVE-2018-3646) Detector

2 Comments

Subscriber exclusive content