포스팅 내용

국내외 보안동향

Intel CPU, Foreshadow/L1TF 취약점 발견

인텔 Core 및 Xeon 프로세서에 영향을 미치는 새로운 취약점이 발견되었습니다. 


이번에 발견된 3개의 취약점은 이전에 발견된 Spectre/Meltdown 취약점과 유사합니다. 


취약점 개요


Foreshadow 취약점(CVE-2018-3615)

CPU의 L1캐시 중 SGX 데이터를 탈취할 수 있습니다.


Foreshadow-NG(CVE-2018-3620, CVE-2018-3646)

Foreshaow 공격의 두 가지 변형 버전으로, CPU의 L1 캐시 중의 데이터 탈취할 수 있는데, CVE-2018-3620취약점은 시스템관리모드(SSM) 또는 시스템 커널의 정보를 탈취할 수 있으며, CVE-2018-3646취약점은 버추얼머신매니저(VMM)의 가상정보를 탈취할 수 있습니다.




영향받는 버전 


Microsoft Windows Server 2012 R2 0

Microsoft Windows Server 2012 0

Microsoft Windows Server 2008 R2 for x64-based Systems SP1

Microsoft Windows Server 2008 for x64-based Systems SP2

Microsoft Windows Server 2008 for 32-bit Systems SP2

Microsoft Windows Server 1803 0

Microsoft Windows Server 1709 0

Microsoft Windows Server 2016

Microsoft Windows RT 0

Microsoft Windows 8.1 for x64-based Systems 0

Microsoft Windows 8.1 for 32-bit Systems 0

Microsoft Windows 7 for x64-based Systems SP1

Microsoft Windows 7 for 32-bit Systems SP1

Microsoft Windows 10 Version 1803 for x64-based Systems 0

Microsoft Windows 10 Version 1803 for 32-bit Systems 0

Microsoft Windows 10 version 1709 for x64-based Systems 0

Microsoft Windows 10 version 1709 for 32-bit Systems 0

Microsoft Windows 10 version 1703 for x64-based Systems 0

Microsoft Windows 10 version 1703 for 32-bit Systems 0

Microsoft Windows 10 Version 1607 for x64-based Systems 0

Microsoft Windows 10 Version 1607 for 32-bit Systems 0

Microsoft Windows 10 for x64-based Systems 0

Intel Xeon Processor Scalable Family 0

Intel Xeon Processor E7 v4 Family 0

Intel Xeon Processor E7 v3 Family 0

Intel Xeon Processor E7 v2 Family 0

Intel Xeon Processor E7 Family 0

Intel Xeon Processor E5 v4 Family 0

Intel Xeon Processor E5 v3 Family 0

Intel Xeon Processor E5 v2 Family 0

Intel Xeon Processor E5 Family 0

Intel Xeon Processor E3 v6 Family 0

Intel Xeon Processor E3 v5 Family 0

Intel Xeon Processor E3 v4 Family 0

Intel Xeon Processor E3 v3 Family 0

Intel Xeon Processor E3 v2 Family 0

Intel Xeon Processor E3 Family 0

Intel Xeon Processor D-2100 0

Intel Xeon Processor D-1500 0

Intel Xeon processor 7500 series 0

Intel Xeon processor 6500 series 0

Intel Xeon processor 5600 series 0

Intel Xeon processor 5500 series 0

Intel Xeon processor 3600 series 0

Intel Xeon processor 3400 series 0

Intel Virtual Machine Manager (VMM) 0

Intel System Management Mode (SMM) 0

Intel Software Guard Extensions (SGX) 0

Intel Operating System (OS) 0

Intel Core X-series Processor Family for Intel X99 platforms 0

Intel Core X-series Processor Family for Intel X299 platforms 0

Intel Core M processor family 0

Intel Core i7 processor 0

Intel Core i5 processor 0

Intel Core i3 processor 0

Intel 8th generation Core processors 0

Intel 7th generation Core processors 0

Intel 6th generation Core processors 0

Intel 5th generation Core processors 0

Intel 4th generation Core processors 0

Intel 3rd generation Core processors 0

Intel 2nd generation Core processors 0



패치방법


Intel측은, Spectre 취약점과 다르게 이번 취약점은 패치를 진행해도 성능상에 별다른 영향이 없다고 밝혔습니다. 


Intel 


MS 


Oracle


Redhat


이 밖에 일부 클라우드 서비스 제공업체들도 이번 취약점에 대한 보안 메뉴얼을 제공중에 있습니다. 


Foreshadow 취약점에 대해 더 자세히 알고 싶으신 분들은 여기를 참고하시기 바랍니다.




출처 :

https://www.bleepingcomputer.com/news/security/researchers-disclose-new-foreshadow-l1tf-vulnerabilities-affecting-intel-cpus/

https://www.securityfocus.com/bid/105080

티스토리 방명록 작성
name password homepage