A flaw was found in the Intel processor execution engine sharing on SMT (e.g. Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process, can extract certain secret information. The reporter is able to steal an OpenSSL (<= 1.1.0h) P-384 private key from a TLS server using this new side-channel vector. It is a local attack in the sense that the malicious process must be running on the same physical core as the victim (an openSSL-powered TLS server in this case). But in general any application which branches on a secret value may be affected. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407