Security Alert: Processors Meltdown!


Hello,

Multiple recently disclosed security vulnerabilities have taken the Internet by storm. Dubbed “Meltdown” and “Spectre”, these vulnerabilities seem to affect numerous systems and processors, including Intel, AMD and ARM; they therefore have the potential to affect PCs, servers, networking equipment, mobile devices and even the cloud.
An attacker can exploit these vulnerabilities by running specially crafted code locally on the system, which could allow access to another process's privileged data from an unprivileged access level.

Meltdown: Rogue data cache load (CVE-2017-5754)
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

Spectre Variant 1: Bounds checking bypass (CVE-2017-5753)
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Spectre Variant 2: Branch target injection (CVE-2017-5715)
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
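
As an added example (not part of the original alert or any vendor's tooling): Linux kernels updated for these issues report a per-vulnerability status under /sys/devices/system/cpu/vulnerabilities. This Python script maps those files to the three CVEs above and flags any that are not confirmed mitigated. The function names are illustrative.

```python
"""Report Linux kernel mitigation status for the three CVEs in this alert."""
import sys
from pathlib import Path

# Status files exposed by Linux kernels that were updated for these issues.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

# sysfs file name -> CVE named in this alert.
CVE_FILES = {
    "meltdown": "CVE-2017-5754",
    "spectre_v1": "CVE-2017-5753",
    "spectre_v2": "CVE-2017-5715",
}


def classify(text):
    """Map one kernel status line to a coarse state."""
    line = text.strip()
    if line == "Not affected":
        return "not_affected"
    if line.startswith("Mitigation:"):
        return "mitigated"
    if line.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"


def check(directory=SYSFS_DIR):
    """Return {cve: (state, raw kernel text)} for each CVE."""
    results = {}
    for name, cve in CVE_FILES.items():
        try:
            raw = (Path(directory) / name).read_text().strip()
        except OSError:
            # No status file: the kernel does not report on this issue,
            # so it cannot be confirmed as patched.
            results[cve] = ("unknown", "no kernel report")
            continue
        results[cve] = (classify(raw), raw)
    return results


def needs_action(results):
    """CVEs that are neither confirmed mitigated nor confirmed unaffected."""
    return sorted(c for c, (s, _) in results.items() if s in ("vulnerable", "unknown"))


if __name__ == "__main__":
    report = check()
    for cve, (state, raw) in sorted(report.items()):
        print(f"{cve}: {state} ({raw})")
    sys.exit(1 if needs_action(report) else 0)
```

The script exits non-zero when any of the three CVEs still needs attention, so it can be used as a compliance check across a fleet after the vendor patches listed below are applied.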

Below is a list of numerous vendors and links to their articles describing the impact and patching process.

Cisco ASR9K, UCS B-Series, UCS C-Series… affected, check KB
F5 LTM, ASM, GTM… affected, check KB
Palo Alto check KB
Juniper check KB
Riverbed check KB
Fortinet check KB
Bluecoat check KB
Symantec check KB
ESET check KB
VMware ESXi, Workstation… affected, check KB
Intel i3, i5, i7, Xeon, Atom… affected, check KB
Windows Client 7, 8.1, 10… affected, check KB
Windows Server 2008, 2012, 2016… affected, check KB
Windows SQL 2008, 2012, 2016, 2017… affected, check KB
Synology DSM 5.2, 6.0, 6.1… affected, check KB
Red Hat Enterprise Linux 5, 6, 7, OpenStack… affected, check KB
Ubuntu check KB
SUSE check KB
Firefox Fixed in 57.0.4
Chrome Fixed in v64 (to be released January 23)

The Cisco IPS signatures that target those vulnerabilities are:

Signature ID  Signature Name                                          Release  Latest Release Date
8152/0        Intel CPU Side Channel Analysis Information Disclosure  S1005    01/05/2018
8152/1        Intel CPU Side Channel Analysis Information Disclosure  S1005    01/05/2018
8152/2        Intel CPU Side Channel Analysis Information Disclosure  S1005    01/05/2018
8152/3        Intel CPU Side Channel Analysis Information Disclosure  S1005    01/05/2018
8152/4        Intel CPU Side Channel Analysis Information Disclosure  S1005    01/05/2018


Elie Bassil
linkedin.com/in/eliebassil
