The L1 Terminal Fault (L1TF) affects Intel processors and thereby Linux systems. Learn what this vulnerability is all about and what Linux users should do about it. Credit: Sandra Henry-Stocker Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it? L1TF, L1 Terminal Fault, and Foreshadow The processor vulnerability goes by L1TF, L1 Terminal Fault, and Foreshadow. Researchers who discovered the problem back in January and reported it to Intel called it “Foreshadow”. It is similar to vulnerabilities discovered in the past (such as Spectre). This vulnerability is Intel-specific. Other processors are not affected. And like some other vulnerabilities, it exists because of design choices that were implemented to optimize kernel processing speed but exposed data in ways that allowed access by other processes. Three CVEs have been assigned to this issue: CVE-2018-3615 for Intel Software Guard Extensions (Intel SGX) CVE-2018-3620 for operating systems and System Management Mode (SMM) CVE-2018-3646 for impacts to virtualization An Intel spokesman made this statement regarding this issue: “L1 Terminal Fault is addressed by microcode updates released earlier this year, coupled with corresponding updates to operating system and hypervisor software that are available starting today. We’ve provided more information on our web site and continue to encourage everyone to keep their systems up-to-date, as it’s one of the best ways to stay protected. We’d like to extend our thanks to the researchers at imec-DistriNet, KU Leuven, Technion- Israel Institute of Technology, University of Michigan, University of Adelaide and Data61 and our industry partners for their collaboration in helping us identify and address this issue.” Does L1TF affect your Linux system? The short answer is “probably not.” You should be safe if you’ve patched your system since the earlier Spectre and Meltdown vulnerabilities were exposed back in January. As with Spectre and Meltdown, Intel claims that no real-world cases of systems being affected have been reported or detected. They also have said that the changes are unlikely to incur noticeable performance hits on individual systems, but they might represent significant performance hits for data centers using virtualized operating systems. Even so, frequent patches are always recommended. To check your current kernel level, use the uname -r command: $ uname -r 4.18.0-041800-generic More resources Please check out the following resources to get a detailed understanding of L1TF and why it exists: L1TF explained in ~3 minutes (Red Hat) L1TF explained in under 11 minutes (Red Hat) Technical deep dive Red Hat explanation of L1TF Ubuntu updates for L1TF Related content how-to How to find files on Linux There are many options you can use to find files on Linux, including searching by file name (or partial name), age, owner, group, size, type and inode number. By Sandra Henry Stocker Jun 24, 2024 8 mins Linux opinion Linux in your car: Red Hat’s milestone collaboration with exida With contributions from Red Hat and critical collaborators, the safety and security of automotive vehicles has reached a new level of reliability. By Sandra Henry Stocker Jun 17, 2024 5 mins Linux how-to How to print from the Linux command line: double-sided, landscape and more There's a lot more to printing from the Linux command line than the lp command. Check out some of the many available options. By Sandra Henry Stocker Jun 11, 2024 6 mins Linux how-to Converting between uppercase and lowercase on the Linux command line Converting text between uppercase and lowercase can be very tedious, especially when you want to avoid inadvertent misspellings. Fortunately, Linux provides a handful of commands that can make the job very easy. By Sandra Henry Stocker Jun 07, 2024 5 mins Linux PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe