June 13, 2018 2:00 PM PDT
CVE Identifiers: CVE-2018-3665
A new speculative execution side-channel issue concerning Intel processors was discovered by AWS in collaboration with Cyberus Technology. We reported this issue immediately to Intel, which has been working closely with a group of companies to prepare software updates addressing the issue. Intel has assigned CVE-2018-3665 to this issue and has released Intel Security Advisory INTEL-SA-00145. In parallel, the Xen Security Team has released Xen Security Advisory 267.
This issue does not impact AWS infrastructure. No customer’s instance can read the memory or state of another customer’s instance, nor can any instance read AWS hypervisor memory or state.
As a general security best practice, we recommend that customers patch their operating systems or software as relevant patches become available to address speculative execution side-channel issues.