[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Intel processor - side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

ID: oval:org.secpod.oval:def:48691Date: (C)2018-11-05   (M)2024-01-29
Class: VULNERABILITYFamily: unix




This is a flaw in the Intel processor execution engine sharing on SMT (e.g. Hyper-Threading) architectures. It can result in leakage of secret data in applications such as OpenSSL that has secret dependent control flow at any granularity level. In order to exploit this flaw, the attacker needs to run a malicious process on the same core of the processor as the victim process.

Platform:
Red Hat Enterprise Linux 7
Product:
openssl
Reference:
CVE-2018-5407
CVE    1
CVE-2018-5407
CPE    2
cpe:/o:redhat:enterprise_linux:7
cpe:/a:openssl:openssl

© SecPod Technologies