CVE-2018-3615

Source
Severity High
Remote No
Type Information disclosure
Description
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Group Package Affected Fixed Severity Status Ticket
AVG-758 linux-lts 4.14.62-1 4.14.63-1 High Fixed
AVG-757 linux-zen 4.17.14.zen1-1 4.18.1.arch1-1 High Fixed
AVG-756 linux 4.17.14.arch1-1 4.18.1.arch1-1 High Fixed
References
https://foreshadowattack.eu/
Notes
Intel specific

Versions with mitigation's:
4.14.63
4.17.15
4.18.1