Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis. (CVE-2018-3615 also known as Foreshadow)
Impact
Traffix
Unauthorized disclosure of information to an attacker with local user access by way of a side-channel analysis.