Filr L1 Terminal Fault / Foreshadow vulnerabilities (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646)

  • 7023312
  • 29-Aug-2018
  • 29-Aug-2018

Environment

Micro Focus Filr 3.x

Situation

Modern Intel CPUs feature "hyper threads", where multiple threads of execution can happen on the same core, sharing various resources, including the Level 1 (L1) Data Cache.

Researchers have found that during speculative execution, page table address lookups do not honor the page table "present" bit and other reserved bits, so speculative execution could read memory content of other processes or other VMs if that content is present in the shared L1 Data Cache of the same core.

The issue is called "Level 1 Terminal Fault", or "L1TF" for short.

Three variants of the issue are tracked:
  • OS level: CVE-2018-3620
  • VMM level: CVE-2018-3646
  • SGX enclave level: CVE-2018-3615

Since the Filr, Search, and Database servers are provided as an appliance running on SLES-11, the kernel updates provided by SUSE are required to mitigate these vulnerabilities.

Resolution

A fix for this issue is available in Filr 3.0 - Security Update 5, available via the Micro Focus Patch Finder.

If you're running Filr 1.2 or older, please upgrade to Filr 3.0 Security Update 5.
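
A post-update check, as an added example that is not part of the original advisory: it classifies the L1TF status string that Linux kernels carrying the mitigation report in sysfs. It assumes the updated appliance kernel exposes the standard /sys/devices/system/cpu/vulnerabilities/l1tf file; the function names are illustrative.

```shell
#!/bin/sh
# Added example, not vendor code. Assumption: the running kernel exposes the
# standard Linux sysfs status file for L1TF.
L1TF_SYSFS=/sys/devices/system/cpu/vulnerabilities/l1tf

# classify_l1tf STATUS
# Maps the kernel's status string to one verdict word.
classify_l1tf() {
    case "$1" in
        "Not affected"*)                 echo not_affected ;;
        # OS-level PTE inversion is on, but VM entry does no L1D flush.
        Mitigation:*"VMX: vulnerable"*)  echo vmx_unmitigated ;;
        # L1D flush is on, but a sibling hyper thread can still share the L1.
        Mitigation:*"SMT vulnerable"*)   echo mitigated_smt_exposed ;;
        Mitigation:*)                    echo mitigated ;;
        Vulnerable*)                     echo vulnerable ;;
        *)                               echo unknown ;;
    esac
}

# check_l1tf_file PATH
# Returns 0 when the kernel reports "not affected" or a complete mitigation,
# 1 for anything else (including a kernel that does not report L1TF at all).
check_l1tf_file() {
    if [ ! -r "$1" ]; then
        echo "l1tf: $1 not present; this kernel does not report L1TF status"
        return 1
    fi
    status=$(cat "$1")
    verdict=$(classify_l1tf "$status")
    echo "l1tf: $verdict ($status)"
    case "$verdict" in
        not_affected|mitigated) return 0 ;;
        *)                      return 1 ;;
    esac
}

# Report on the running kernel without aborting the calling shell.
check_l1tf_file "$L1TF_SYSFS" || echo "action: apply the kernel update and reboot, then re-check"
```

The file describes only the kernel it is read on; the VMM-level variant (CVE-2018-3646) is mitigated on the hypervisor host, not inside the appliance guest.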

Additional Information

For more details, please consult https://www.suse.com/support/kb/doc/?id=7023077