This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy

Security Advisory - CPU Side Channel Vulnerability "L1TF"

  • SA No:huawei-sa-20180815-01-cpu
  • Initial Release Date: 2018-08-15
  • Last Release Date: 2021-12-29

Intel and security researchers publicly disclosed three new cpu side-channel vulnerabilities (CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646). Successful exploit of these vulnerabilities could allow a local attacker to read the memory of other processes in specific situations. These vulnerabilities are named by researchers as "Foreshadow" and "Foreshadow-NG". They are also known as L1 Terminal Fault (L1TF) in the industry.(Vulnerability ID: HWPSIRT-2018-08118,HWPSIRT-2018-08119,HWPSIRT-2018-08120)

Huawei has released software updates to fix these vulnerabilities in the following products. 

This advisory will be updated as additional information becomes available, Please stay tuned. This advisory is available at the following link: 

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en.

Product Name

Affected Version

Resolved Product and Version

1288H V5

Versions earlier than V100R005C00SPC117 (BIOS V081)

V100R005C00SPC117 (BIOS V081)

2288H V5

Versions earlier than V100R005C00SPC117 (BIOS V081)

V100R005C00SPC117 (BIOS V081)

Agile Controller-Campus

V100R001C00

V100R003C30SPC100

V100R002C00

V100R002C10

BH620 V2

Versions earlier than V100R002C00SPC302 (BIOS V370)

V100R002C00SPC302(BIOS V370)

BH621 V2

Versions earlier than V100R002C00SPC301 (BIOS V370)

V100R002C00SPC301 (BIOS V370)

BH622 V2

Versions earlier than V100R002C00SPC309 (BIOS V521)

V100R002C00SPC309 (BIOS V521)

BH640 V2

Versions earlier than V100R002C00SPC307 (BIOS V521)

V100R002C00SPC307 (BIOS V521)

CH242 V3

Versions earlier than V100R001C00SPC331 (BIOS V358)

V100R001C00SPC331 (BIOS V358)

EulerOS

V200R007C00

V200R007C00SPC200

FusionCube

V100R002C02

3.1.1

V100R002C30

V100R002C70

FusionSphere OpenStack

V100R006C00RC3B036

V100R006C30SPC100

V100R006C10SPC112

UVP KVM 2.5.RC9

GTSOFTX3000

V200R002C20

V200R002C20SPC600

HUAWEI MateBook X Pro (MACH-W19/ MACH-W29)

Versions earlier than BIOS 1.12

BIOS 1.12

RH1288 V2

Versions earlier than V100R002C00SPC640 (BIOS 520)

V100R002C00SPC640 (BIOS 520)

RH1288A V2

Versions earlier than V100R002C00SPC710 (BIOS V521)

V100R002C00SPC710 (BIOS V521)

RH2265 V2

Versions earlier than V100R002C00SPC510 (BIOS V519)

V100R002C00SPC510 (BIOS V519)

RH2268 V2

Versions earlier than V100R002C00SPC609 (BIOS V519)

V100R002C00SPC609 (BIOS V519)

RH2285 V2

Versions earlier than V100R002C00SPC511 (BIOS V521)

V100R002C00SPC511 (BIOS V521)

RH2285H V2

Versions earlier than V100R002C00SPC511 (BIOS V521)

V100R002C00SPC511 (BIOS V521)

RH2288 V2

Versions earlier than V100R002C00SPC610 (BIOS 520)

V100R002C00SPC610 (BIOS 520)

RH2288A V2

Versions earlier than V100R002C00SPC710  (BIOS V521)

V100R002C00SPC710  (BIOS V521)

RH2288E V2

Versions earlier than V100R002C00SPC302 (BIOS V519)

V100R002C00SPC302 (BIOS V519)

RH2288H V2

Versions earlier than V100R002C00SPC620 (BIOS 520)

V100R002C00SPC620 (BIOS 520)

RH2485 V2

Versions earlier than V100R002C00SPC713 (BIOS V521)

V100R002C00SPC713 (BIOS V521)

SMC2.0

V500R002C00

V600R006C10SPC800

UC Audio Recorder

V100R001C01

eSpace Audio Recorder V100R001C01SPC100

V100R001C02

eSpace Audio Recorder V100R001C02SPC300

VP9630

V600R006C10

V600R019C00

VP9660

V600R006C10

V600R019C00

eLog

V200R003C10

V200R005C00SPC208

V200R003C20

V200R007C10

 V200R007C10SPC202

eSpace U2980

V100R001C01

V100R001C10SPC601

V100R001C02

V100R001C10

V200R003C00

eSpace UMS

V200R002C00

V200R002C00SPC300

iManager NetEco

V600R007C00

iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260

V600R007C10

V600R007C11

V600R007C12

V600R007C20

V600R007C30

V600R007C40

V600R007C50

V600R007C60

V600R008C00

V600R008C10

V600R008C20

V600R008C30

iManager NetEco 6000

V600R007C40

iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260

V600R007C60

V600R007C80

V600R007C90

V600R008C00

eSight

V300R009C00

 V300R010C00

iManager N2510

 V200R018C10

 V200R018C10CP2011

[1] To fix these vulnerabilities, update OS patches and BIOS firmware, OS patches are provided by the operating system vendors.

Local attackers may exploit these vulnerabilities to cause information leak on the affected system.

The vulnerability classification has been performed by using the CVSSv3 scoring system (http://www.first.org/cvss/specification-document).

CVE-2018-3615:

Base Score: 7.9(AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N)

Temporal Score: 7.3 (E:F/RL:O/RC:C)

CVE-2018-3620 & CVE-2018-36464:

Base Score: 7.1 (AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)

Temporal Score: 6.6 (E:F/RL:O/RC:C)

These vulnerabilities can be exploited only when the following conditions are present:

An attacker must be able to run crafted or script code on an affected device.

Vulnerability details:

In some circumstances, a local attacker could exploit these vulnerabilities to read memory information belonging to other processes or other operating system kernel.

Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/psirt/report-vulnerabilities.

These vulnerabilities were publicly disclosed.

2021-12-29 V1.6 UPDATED Updated the "Software Versions and Fixes" section;
2020-12-23 V1.5 UPDATED Updated the "Software Versions and Fixes" section;

2020-08-12 V1.4 UPDATED Updated the "Software Versions and Fixes" section;

2019-09-11 V1.3 UPDATED Updated the "Software Versions and Fixes" section;

2019-03-05 V1.2 UPDATED Updated the "Software Versions and Fixes" section;

2019-01-23 V1.1 UPDATED Updated the "Software Versions and Fixes" section;

2018-08-15 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.

To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.