BSA-2018-740

Brocade Fabric OS

2 more products

21678

02 November 2018

02 November 2018

Closed

Low

4.8

N/A

CVE-2018-5407

Summary

Security Advisory ID : BSA-2018-740

Component : CPU featuring SMT

Revision : 1.0: Initial


A group a researchers has discover a new vulnerability being called PortSmash, impacting all CPUs that use a Simultaneous Multithreading (SMT) architecture.  SMT is a technology that allows multiple computing threads to be executed simultaneously on a CPU core.

"PortSmash is being classified as a  side-channel attack which is technique used for leaking encrypted data from a computer’s memory or CPU, that will also record and analyze discrepancies in operation times, power consumption, electromagnetic leaks, or even sound to gain additional info that may help break encryption algorithms and recovering the CPU’s processed data."

The researchers have pubished a PortSmash attack proof-of-concept (PoC) on Intel Skylake and Kaby Lake CPUs.

Products Confirmed Not Vulnerable
No Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.

Revision History

Version Change Date
1.0 Initial Publication Nov 02, 2018