Synology-SA-18:45 L1 Terminal Fault

Publish Time: 2018-08-15 17:00:49 UTC+8

Last Updated: 2018-08-15 17:00:49 UTC+8

Severity: Moderate
Status: Ongoing

Abstract

The L1 Terminal Fault (L1TF) vulnerability, also known as the Foreshadow attack, allows local users or guest OS users to obtain sensitive information via a susceptible version of Synology DiskStation Manager (DSM) on systems equipped with an Intel CPU or Virtual Machine Manager.

Affected Products

Product                   Severity   Fixed Release Availability
DSM 6.2[1]                Moderate   Ongoing
DSM 6.1[2]                Moderate   Will be fixed in DSM 6.2.
DSM 5.2[3]                Moderate   Will be fixed in DSM 6.2.
SkyNAS                    Moderate   Ongoing
Virtual Machine Manager   Moderate   Ongoing

[1] DS218+, DS418play, DS718+, DS918+, DS415+, DS1515+, DS1517+, DS1815+, DS1817+, DS2415+, RS815+, RS815RP+, RS818+, RS818RP+, RS2416+, RS2416RP+, RS1219+, DS216+, DS216+II, DS416play, DS716+, DS716+II, DS916+, RS3617xs, RS3617RPxs, FS2017, RS3617xs+, RS3618xs, RS4017xs+, RS18017xs+, FS1018, DS3617xs, DS3018xs, DS1618+, RS2418RP+, RS2818RP+, FS3017, DS3611xs, DS3612xs, RS3411RPxs, RS3411xs, RS10613xs+, RS3614xs+, RC18015xs+, RS18016xs+, RS3617xs, RS3614RPxs, RS3614xs, DS3615xs, RS3413xs+, RS3412xs, RS3412RPxs, Virtual DSM

[2] DS218+, DS418play, DS718+, DS918+, DS415+, DS1515+, DS1517+, DS1815+, DS1817+, DS2415+, RS815+, RS815RP+, RS818+, RS818RP+, RS2416+, RS2416RP+, DS216+, DS216+II, DS416play, DS716+, DS716+II, DS916+, RS3617xs, RS3617RPxs, FS2017, RS3617xs+, RS3618xs, RS4017xs+, RS18017xs+, FS1018, DS3617xs, DS3018xs, DS1618+, RS2418RP+, RS2818RP+, FS3017, DS3611xs, DS3612xs, RS3411RPxs, RS3411xs, RS10613xs+, RS3614xs+, RC18015xs+, RS18016xs+, RS3617xs, RS3614RPxs, RS3614xs, DS3615xs, RS3413xs+, RS3412xs, RS3412RPxs, Virtual DSM

[3] DS415+, DS1515+, DS1815+, DS2415+, RS815+, RS815RP+, RS2416+, RS2416RP+, DS216+, DS716+, DS3617xs, FS3017, DS3611xs, DS3612xs, RS3411RPxs, RS3411xs, RS10613xs+, RS3614xs+, RC18015xs+, RS18016xs+, RS3614RPxs, RS3614xs, DS3615xs, RS3413xs+, RS3412xs, RS3412RPxs

Mitigation

None

Detail

  • CVE-2018-3615
    • Severity: Not affected
    • CVSS3 Base Score: 0.0
    • CVSS3 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    • Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
  • CVE-2018-3620
    • Severity: Moderate
    • CVSS3 Base Score: 5.3
    • CVSS3 Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
    • Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
  • CVE-2018-3646
    • Severity: Moderate
    • CVSS3 Base Score: 5.3
    • CVSS3 Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
    • Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.

Revision

Revision   Date         Description
1          2018-08-15   Initial public release.