Knowledge Base
Microprocessor Side-Channel Attacks (CVE-2017-5715,
CVE-2017-5753, CVE-2017-5754): Impact on @DellEMC products (Dell Enterprise
Servers, Storage and Networking)
CVE ID: CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
Dell EMC is aware of the new side-channel analysis
attacks (also known as #Meltdown and #Spectre) affecting many modern #microprocessors that were discovered and published by a team of security
researchers on January 3, 2018.
Dell EMC is investigating this issue to identify any
potential impact to products and will update this article with information as
it becomes available, including impacted products and remediation steps.
Dell EMC recommends customers to follow security best
practices for malware protection in general to protect against possible
exploitation of these analysis methods until any future updates can be applied.
Links for the below products will be provided as they become
available.
- Dell EMC products (Dell EMC
Storage products): 516117
- Dell Client products: SLN308587
- RSA products: DOC-85418
- VCE products
References:
- Intel Security Advisory: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088
- AMD Advisory:
- Microsoft Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
- VMWare:https://www.vmware.com/security/advisories/VMSA-2018-0002.html
- RedHat: https://access.redhat.com/security/vulnerabilities/speculativeexecution
- SuSe: https://www.suse.com/support/kb/doc/?id=7022512
- Ubuntu : https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
- Google Project Zero Blog
Post: https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
- Research Papers: https://meltdownattack.com
The complete affected platform list for Dell EMC (Dell
PowerEdge Servers, Storage and Networking) will be added as the information
becomes available.
Article ID: SLN308588
Last Date Modified: 01/04/2018 12:49 PM
No comments:
Post a Comment