Scribd Logo
Upload

Welcome to Scribd!

  • Bullion Support TSB 400-18-01 Rev2

    Uploaded by

    santosa2d
    5 views2 pages
    Spectre and Meltdown

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Spectre and Meltdown

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views2 pages

    Bullion Support TSB 400-18-01 Rev2

    Uploaded by

    santosa2d
    Spectre and Meltdown

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Bullion Support

    Technical Support Bulletin


    Product SUBJECT Dossier Number Rev

    Bullion S Server Meltdown and Spectre security flaw 400 18-01 2


    Issue Date Writer Approved by Domain Exp. Date

    January 09,2018 P. Arbenz F. Lozano Hardware Undef.

    Problem Description
    A major security flaw related to the microarchitectural implementation on many microprocessors has been
    found. All CPUs using out of order execution model and specially speculative execution and branch prediction
    are possibly concerned.
    https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr

    This flaw is divided into 3 variants, each described in a specific CVE publicly available:
    - Variant 1: CVE-2017-5753, [1]
    - Variant 2: CVE-2017-5715, [2]
    These 2 variants are known as "Spectre" flaw and affect CPUs from different vendors: Intel,
    ARM and AMD. Spectre can be used to grant access to sensitive information in other
    applications memory region.
    - Variant 3: CVE-2017-5754, [3]
    This variant is known as "Meltdown" flaw and affects only Intel CPUs. Meltdown allows access to
    privileged memory region (kernel) from user space.

    Detailed technical description can be found online:


    https://googleprojectzero.blogspot.fr/2018/01/reading-privileged-memory-with-side.html

    Proposed Solution
    ❶ CPU microcode update:

    - New firmware providing patched microcode for Broadwell and Haswell CPU’s is released and can be
    downloaded on SOL Web site: https://support.bull.com/ols/product/platforms/bullion
    - New firmware for Ivybridge CPU’s is under development by Intel and will be released as they become
    available to us on SOL Website.

    Doc. Reference: 400-18-01 Ver 2 Page: 1 / 2

    Atos Bull-SAS Confidentiel Atos Bull-SAS Confidential & Proprietary


    " Ce document et les informations qu'il contient sont confidentiels et " This document and the information contained herein are confidential to and
    appertiennent à BULL-SAS. Il sont communiqués uniquement au personnel du the proprietary of BULL-SAS and are made available only to Bull Group
    Groupe Bull dans le seul but de lui permettre d'exercer ses activités. Ce employees for sole purpose of conducting BULL-SAS business.
    document ne peut être copié ou diffusé sans l'autorisation formelle de la
    Direction de BULL SAS Technologie"
    ❷ Operating system update:

     Red Hat:
    RedHat Security/Vulnerability Responses CVE-2017-5754 CVE-2017-5753 CVE-2017-5715:
    https://access.redhat.com/security/vulnerabilities/speculativeexecution

     VMware:
    VMware has published VMware Security Advisory VMSA-2018-0002 :
    https://www.vmware.com/security/advisories/VMSA-2018-0002.html

    Bull Customized ESXi image for Bullion will be updated and published on SOL Web site:
    https://support.bull.com/ols/product/platforms/bullion/bullion-S/dl/pkgf/esxi

     SUSE:
    SUSE Linux security updates CVE-2017-5715/ CVE-2017-5753/ CVE-2017-5754/
    https://www.suse.com/security/cve/CVE-2017-5715/
    https://www.suse.com/security/cve/CVE-2017-5753/
    https://www.suse.com/security/cve/CVE-2017-5754/

     Microsoft:
    Security Advisory 180002: Guidance to mitigate speculative execution side-channel vulnerabilities:
    https://portal.msrc.microsoft.com/en-US/security-guidance
    https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-
    speculative-execution
    https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-
    antivirus-software

     For other operating systems:


    Customers are advised to contact their OS distributor to receive the required updates.

    Bull Atos Engineering and Support is working with Intel and OS software developers to evaluate the impact on
    systems performance and the way to monitor it on Bullion solutions.

    If you have any questions or would like information on our current offerings or upgrade products, please contact
    your local Atos/Bull sales or customer service representative.

    Sincerely,

    Your Bullion Support Team.

    - = - = - = - = - END OF DOCUMENT – END OF ENCLOSURE - = - = - = - = -

    Doc. Reference: 400-18-01 Ver 2 Page: 2 / 2

    Atos Bull-SAS Confidentiel Atos Bull-SAS Confidential & Proprietary


    " Ce document et les informations qu'il contient sont confidentiels et " This document and the information contained herein are confidential to and
    appertiennent à BULL-SAS. Il sont communiqués uniquement au personnel du the proprietary of BULL-SAS and are made available only to Bull Group
    Groupe Bull dans le seul but de lui permettre d'exercer ses activités. Ce employees for sole purpose of conducting BULL-SAS business.
    document ne peut être copié ou diffusé sans l'autorisation formelle de la
    Direction de BULL SAS Technologie"

    You might also like