|
|
| (19 intermediate revisions by 4 users not shown) |
| Line 1: |
Line 1: |
| {{svg-header}} | | {{svg-header}} |
| | | {{DeprecatedAndMovedTo|new_location=https://advisories.egi.eu/Speculative_Execution_Vulnerabilities.html}} |
| {{under construction}} | |
| | |
| This provides information that may be useful to sites concerning the various speculative execution vulnerabilities concerning Intel chips and other processors.
| |
| | |
| See also [[SVG:Meltdown and Spectre Vulnerabilities | EGI SVG Information on Meltdown and Spectre Vulnerabilities]] related advisory [[SVG:Advisory-SVG-CVE-2017-5753 | Advisory-SVG-CVE-2017-5753 ]] which was compiled in January and early February 2018. (This may later be merged into this page.)
| |
| | |
| EGI SVG has at present (7th September 2018) issued 3 advisories related to Speculative Execution Vulnerabilities [[SVG:Advisory-SVG-CVE-2018-3620 | Advisory-SVG-CVE-2018-3620 ]] in August 2018, [[SVG:Advisory-SVG-CVE-2018-3639 | Advisory-SVG-CVE-2018-3639 ]] in May 2018, and [[SVG:Advisory-SVG-CVE-2017-5753 | Advisory-SVG-CVE-2017-5753 ]] in January 2018.
| |
| | |
| Intel information [https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html]
| |
| | |
| The important thing is that sites update their kernel versions. In some cases this may result in reduced performance, but the update should not be omitted because of this.
| |
| | |
| | |
| {| {{egi-table}}
| |
| !Date !! CVE !! Exploit Name !! Public vulnerability name!! EGI SVG Advisory !! Comment/Other Links
| |
| |-
| |
| | January 2018 || CVE-2017-5753 || Spectre(Variant 1) || Bounds Check Bypass (BCB) || [[SVG:Advisory-SVG-CVE-2017-5753 | Advisory-SVG-CVE-2017-5753 ]] ||
| |
| |-
| |
| | |
| |-
| |
| | January 2018 || CVE-2017-5715 || Spectre(Variant 2) || Branch Target Injection (BTI) || [[SVG:Advisory-SVG-CVE-2017-5753 | Advisory-SVG-CVE-2017-5753 ]] ||
| |
| |-
| |
| | |
| |-
| |
| | January 2018 || CVE-2017-5754 || Meltdown (Variant 3) || Rogue Data Cache Load (RDCL) || [[SVG:Advisory-SVG-CVE-2017-5753 | Advisory-SVG-CVE-2017-5753 ]] ||
| |
| |-
| |
| | |
| |-
| |
| | May 2018 || CVE-2018-3640 || SpectreNG(Variant 3a) || Rogue System Register Read (RSRE) || [[SVG:Advisory-SVG-CVE-2018-3639 | Advisory-SVG-CVE-2018-3639 ]] || [https://www.us-cert.gov/ncas/alerts/TA18-141A https://www.us-cert.gov/ncas/alerts/TA18-141A ]
| |
| |-
| |
| | |
| |-
| |
| | May 2018 || CVE-2018-3639 || SpectreNG(Variant 4) || Speculative Store Bypass (SSB) || [[SVG:Advisory-SVG-CVE-2018-3639 | Advisory-SVG-CVE-2018-3639 ]] || https://access.redhat.com/security/vulnerabilities/ssbd
| |
| |-
| |
| | |
| |-
| |
| | May 2018 || CVE-2018-3693 || SpectreNG(Variant 1.1) || Bounds Check Bypass Store (BCBS) || None ||
| |
| |-
| |
| | |
| | |
| |-
| |
| | August 2018 || CVE-2018-3620 || L1TF ||OS, SMM related aspects ||[[SVG:Advisory-SVG-CVE-2018-3620 | Advisory-SVG-CVE-2018-3620 ]] ||
| |
| [https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html]
| |
| [https://access.redhat.com/security/vulnerabilities/L1TF https://access.redhat.com/security/vulnerabilities/L1TF ]
| |
| |-
| |
| | |
| |-
| |
| | August 2018 || CVE-2018-3646 || L1TF ||Virtualization related aspects ||[[SVG:Advisory-SVG-CVE-2018-3620 | Advisory-SVG-CVE-2018-3620 ]] || see links for CVE-2018-3620
| |
| |-
| |
| | |
| |-
| |
| | August 2018 || CVE-2018-3615 || L1TF ||SGX related aspects ||[[SVG:Advisory-SVG-CVE-2018-3620 | Advisory-SVG-CVE-2018-3620 ]] || RHEL 7 is not vulnerable but other Linux OS are
| |
| |-
| |
| | |
| | |
| | |
| |}
| |
| | |
| | |
| | |
| This provides info on the Meltdown and Spectre vulnerabilities made public in January 2018. SVG compiled links to information which may be useful to EGI sites.
| |
| | |
| [[SVG:Meltdown and Spectre Vulnerabilities | EGI SVG Information on Meltdown and Spectre Vulnerabilities]] related advisory [[SVG:Advisory-SVG-CVE-2017-5753 | Advisory-SVG-CVE-2017-5753 ]]
| |
The wiki is deprecated and due to be decommissioned by the end of September 2022.