Security issues related to speculative execution in Intel processors – VMware announcement

”L1 Terminal Fault” vulnerabilities CVE-2018-3646, CVE-2018-3620 and CVE-2018-3615

Intel has disclosed details on a new class of CPU speculative-execution vulnerabilities known collectively as “L1 Terminal Fault” that can occur on past and current Intel processors (from at least 2009 – 2018).

Like Meltdown, Rogue System Register Read, and “Lazy FP state restore”, the “L1 Terminal Fault” vulnerability can occur when affected Intel microprocessors speculate beyond an unpermitted data access.

By continuing the speculation in these cases, the affected Intel microprocessors expose a new side-channel for attack.

For more information see VMware Knowledge Base Article KB55636.

If after applying patches to the ESXi host you are seeing the notification esx.problem.hyperthreading.unmitigated, review KB57374 for further information.