Last Thursday Intel published details regarding three vulnerabilities presented in certain Intel processors. These vulnerabilities are identified as CVE-2018-3615 (for SGX) , CVE-2018-3620 (for operation systems and SMM) and CVE-2018-3646 (for virtualization) .
At Fuga Cloud we utilize Intel CPU architectures to provide our customers with a compute platform. And as many other cloud providers, Fuga Cloud may be affected by these vulnerabilities.
In order to be protected against these vulnerabilities, it's necessary that the operation system as well as the hypervisor and the CPU microcode of the physical server are provided with updates. Therefore, we encourage our customers to update their operating systems to prevent the possibility of indirect exploitation within their platform.
Fuga Cloud is analyzing and rolling out security patches on the different layers of our cloud platform as they are made available by our third-party suppliers. Most of these security updates can be done without any impact for our customers. Fortunately Intel has already released new microcode for many processors affected and there are already updates available for the hypervisor that we use.
More information about the vulnerabilities
Successful exploitation of these vulnerabilities enables the attacker to read data which is located in Level 1 cache memory of a processor. Exploitation requires access to the core of a physical or virtual machine, which is only available trough an operating system. More information about the vulnerabilities is explained in this video below: