Retired: This application is now retired.

L1 Terminal Fault Vulnerability (CVE-2018-3620 & CVE-2018-3646) Detector

Updated -

This tool is designed to detect L1 Terminal Fault Attack (L1TF) in Red Hat Enterprise Linux 5 or later.

This tool provides the detection script to determine if your system is currently vulnerable to L1 Terminal Fault Attack (L1TF).

Additonally, two Ansible playbooks are provided by the tool. The first, CVE-2018-3620-fix_disable_ht.yml, can be applied to systems which have not been updated to address L1TF to disable Hyper-Threading without restarting the system. The second playbook, CVE-2018-3620-apply_settings.yml, will help you enable mitigations provided by an L1TF-aware kernel.

For more information about L1 Terminal Fault Attack (L1TF), read L1 Terminal Fault Attack.