The Intel SGX functionality provides hardware instructions used to verify a
memory structure has been cryptographically created by the running hardware.
The EGETKEY asembly instruction provides software running in the secure enclave
with keys used by this functionality.
When hyperthreading is enabled a race condition exists where an local attaker
could access the reset key used for the core and from this information derive
the HT-disabled key and use this to emulate/impersonate a HT-disabled platform.
Statement:
Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/2019-microcode-nov