Multiple Vendor Hyper-Threading Technology Information Disclosure Vulnerability

Multiple Vendor Hyper-Threading Technology Information Disclosure Vulnerability

Multiple vendors' Hyper-Threading (HT) technology offerings are prone to an information-disclosure vulnerability when running on HT processors. This issue is due to the shared-memory cache associated with the virtual CPUs in an HT-capable CPU.

Exploiting this vulnerability allows local attackers to obtain sensitive information that can lead to privilege escalation.

The issue affects certain operating systems when running on HT-enabled processors. The operating systems must be running with multiprocessing enabled for this vulnerability to be exploitable. True dual-core CPUs that do not share caches across CPUs are likely not affected by this issue.

This issue was also documented in BID 13614, which has been retired.