Friday, January 5, 2018

Massive Intel CPU Bug Leaves Kernel Vulnerable, Slows Performance - Intel CPU kernel memory leak vulnerability #Spectre (CVE-2017-5753 , CVE-2017-5715) and #Meltdown (CVE-2017-5754) #SideChannelAttack

The hotfix from Microsoft, RedHat and VMware at the following:

platform

solution

Windows2008

Not available

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s

Windows2008R2

KB4056897

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s

Windows2012

Not available

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s

Windows2012R2

KB4056898

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s

ESXi5.5

ESXi550-201709101-SG

https://www.vmware.com/security/advisories/VMSA-2018-0002.html

ESXi6.5

ESXi650-201712101-SG

https://www.vmware.com/security/advisories/VMSA-2018-0002.html

Redhat7

RHSA-2018:0007

https://access.redhat.com/security/vulnerabilities/speculativeexecution

Redhat6

RHSA-2018:0008

https://access.redhat.com/security/vulnerabilities/speculativeexecution


For windows patch deployment, if using Mcafee, it need to update register key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" first.

https://support.microsoft.com/en-us/help/4056898

image


WINDOWS
About the intel vulnerability on Windows (not Azure specific), pls find our published info and patches below.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
Update for Windows Server 2016 is available here:
https://support.microsoft.com/en-us/help/4056890
Windows 10 1709 (Fall Creators Update):
https://support.microsoft.com/en-us/help/4056892
Updates for other OS versions:
http://www.catalog.update.microsoft.com/Search.aspx?q=2018-01


Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities

https://support.microsoft.com/en-us/help/4073119/windows-client-guidance-for-it-pros-to-protect-against-speculative-exe?ranMID=24542&ranEAID=nOD%2FrLJHOac&ranSiteID=nOD_rLJHOac-9l5jOPaPqmkvZwSt.6rR0w&tduid=(72882831a6cc2b13e2bb4cdc8c5e787f)(256380)(2459594)(nOD_rLJHOac-9l5jOPaPqmkvZwSt.6rR0w)()


RedHat Enterprise Linux:
The vulnerability has been assigned CVE-2017-5754, CVE-2017-5753 & CVE-2017-5715. This issue was publicly disclosed on Wednesday, January 3, 2018 and is rated as Important [1].
Kernel Side-Channel Attacks (CVE-2017-5754, CVE-2017-5753, & CVE-2017-5715)
https://access.redhat.com/security/vulnerabilities/speculativeexecution


Reference:
https://www.extremetech.com/computing/261364-massive-intel-cpu-bug-leaves-kernel-vulnerable-reduce-performance
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
https://www.theverge.com/2018/1/3/16844630/intel-processor-security-flaw-bug-kernel-windows-linux
https://www.techpowerup.com/240174/intel-secretly-firefighting-a-major-cpu-bug-affecting-datacenters
https://news.xfastest.com/intel/44421/intel-memory-leak-bug/
https://hothardware.com/news/intel-cpu-bug-kernel-memory-isolation-linux-windows-macos


There are more detail about the vulnerability:
Google Project Zero blog:
https://googleprojectzero.blogspot.hk/2018/01/reading-privileged-memory-with-side.html
Research paper:
https://spectreattack.com/spectre.pdf
https://meltdownattack.com/meltdown.pdf

Reference:
http://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html
AMD Respond:
http://www.amd.com/en/corporate/speculative-execution
ARM Security:
https://developer.arm.com/support/security-update
Meltdown in Action: Dumping memory
https://m.youtube.com/watch?v=bReA1dvGJ6Y

Spectre and Meltdown processor security flaws – explained

https://www.theguardian.com/technology/2018/jan/04/meltdown-spectre-computer-processor-intel-security-flaws-explainer

How to protect your PC against the major ‘Meltdown’ CPU security flaw

https://www.theverge.com/2018/1/4/16848976/how-to-protect-windows-pc-meltdown-security-flaw



#Spectre #CVE20175715   #CVE20175753
#Meltdown #CVE20175754
#SideChannelAttack

Print Friendly and PDF
Share/Bookmark

No comments:

Post a Comment