BSA-2018-740
21678
02 November 2018
02 November 2018
Closed
Low
4.8
N/A
CVE-2018-5407
Summary Security Advisory ID : BSA-2018-740 Component : CPU featuring SMT Revision : 1.0: Initial
A group a researchers has discover a new vulnerability being called PortSmash, impacting all CPUs that use a Simultaneous Multithreading (SMT) architecture. SMT is a technology that allows multiple computing threads to be executed simultaneously on a CPU core.
"PortSmash is being classified as a side-channel attack which is technique used for leaking encrypted data from a computer’s memory or CPU, that will also record and analyze discrepancies in operation times, power consumption, electromagnetic leaks, or even sound to gain additional info that may help break encryption algorithms and recovering the CPU’s processed data."
The researchers have pubished a PortSmash attack proof-of-concept (PoC) on Intel Skylake and Kaby Lake CPUs.
Products Confirmed Not Vulnerable
No Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | Nov 02, 2018 |