L1 Terminal Fault Vulnerability (CVE-2018-3620 & CVE-2018-3646) Detector

Updated -

This tool is designed to detect L1 Terminal Fault Attack (L1TF) in Red Hat Enterprise Linux 5 or later.

This tool provides the detection script to determine if your system is currently vulnerable to L1 Terminal Fault Attack (L1TF).

Additonally, two Ansible playbooks are provided by the tool. The first, CVE-2018-3620-fix_disable_ht.yml, can be applied to systems which have not been updated to address L1TF to disable Hyper-Threading without restarting the system. The second playbook, CVE-2018-3620-apply_settings.yml, will help you enable mitigations provided by an L1TF-aware kernel.

For more information about L1 Terminal Fault Attack (L1TF), read L1 Terminal Fault Attack.

Was this helpful?

We appreciate your feedback. Leave a comment if you would like to provide more detail.
It looks like we have some work to do. Leave a comment to let us know how we could improve.

Get notified when this content is updated

Follow

2 Comments

Subscriber exclusive content

An active Red Hat subscription is required to participate.

Log In

gpg2 needs to be executed as follows to import key from external keyserver.

$ gpg2 --keyserver pgp.mit.edu --keyserver-options http-proxy=PROXY:PORT--search-keys 0x7514F77D8366B0D9

Hi Kazushige,

Thank you for reaching out. We will investigate the problem and update the app if needed. Thanks, Dong