
Wind River Security Vulnerability Notice: Linux Kernel Meltdown and Spectre Break (Side-Channel Attacks) - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Summary: Wind River Security Vulnerability Notice: Linux Kernel Meltdown and Spectre Break (Side-Channel Attacks) - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Product Version: Wind River Linux LTS, Wind River Linux 9, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Pulsar Linux 8
Type: Security Notices
Requirement: Recommended
Release Date: 1/3/2018
Visibility: External
Contact: ytao

Description

Wind River® has been made aware of the critical Meltdown and Spectre vulnerabilities in modern processors. These vulnerabilities potentially allow sensitive data to be gathered improperly from computing devices. They could affect a variety of processors from different vendors.

There are 3 known CVEs related to this issue in combination with Intel, AMD, and ARM architectures. Additional exploits for other architectures are also known to exist.

  • CVE-2017-5715 Variant 1: branch target injection of Spectre

    The CPU microcode for Intel Haswell-X, Skylake-X and Broadwell-X chipsets was updated to report branch prediction control via a CPUID flag and to provide the ability to control branch prediction via an MSR. This update is part of a mitigation for a branch-predictor-based information disclosure attack, and it needs additional code in the Linux kernel to be active. We recommend that you upgrade the microcode of your system ASAP.

  • CVE-2017-5753 Variant 2: bounds check bypass of Spectre

  • CVE-2017-5754 is the official reference to Meltdown.
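
A quick way to check on a running system whether the kernel-side mitigation code and the microcode-reported CPU flags described above are active, as an added example that is not part of the Wind River notice. It assumes a kernel that exposes /sys/devices/system/cpu/vulnerabilities (mainline 4.15 and later, or a vendor backport) and the mainline /proc/cpuinfo flag names pti, ibrs, ibpb and stibp; vendor kernels may name these differently.

```shell
#!/bin/sh
# Added example: report Meltdown/Spectre mitigation state from kernel interfaces.
# Assumptions: sysfs "vulnerabilities" directory is present (mainline 4.15+ or a
# vendor backport) and /proc/cpuinfo uses mainline flag names.

VULN_DIR=${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}
CPUINFO=${CPUINFO:-/proc/cpuinfo}

# Classify one sysfs status string.
classify_status() {
    case "$1" in
        "Not affected"*) echo not-affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# Print the state for one CVE; the file names are the kernel's own.
cve_state() {
    case "$1" in
        CVE-2017-5754) f=meltdown ;;
        CVE-2017-5753) f=spectre_v1 ;;
        CVE-2017-5715) f=spectre_v2 ;;
        *) echo unknown; return 1 ;;
    esac
    if [ -r "$VULN_DIR/$f" ]; then
        classify_status "$(cat "$VULN_DIR/$f")"
    else
        echo unknown   # kernel does not expose the sysfs interface
    fi
}

# Succeeds if the first CPU's flags line contains the flag as a whole word.
has_cpu_flag() {
    grep -m1 '^flags' "$CPUINFO" 2>/dev/null | tr ' \t' '\n\n' | grep -qx "$1"
}

report() {
    for cve in CVE-2017-5754 CVE-2017-5753 CVE-2017-5715; do
        printf '%s: %s\n' "$cve" "$(cve_state "$cve")"
    done
    for flag in pti ibrs ibpb stibp; do
        if has_cpu_flag "$flag"; then s=present; else s=absent; fi
        printf 'cpu flag %-5s: %s\n' "$flag" "$s"
    done
}

report
```

An "unknown" result means the kernel predates the sysfs interface, so the state has to be confirmed from the kernel version and the applied patches instead.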

We are actively working with our internal product groups and with partners to determine if remediation is necessary in our products. We expect to have further details and instructions in the coming days.

Additional References

https://meltdownattack.com/

Intel’s statement

https://newsroom.intel.com/news/inte...arch-findings/

Affected Intel-based platforms
https://security-center.intel.com/ad...nguageid=en-fr

ARM affected processor table
https://developer.arm.com/support/security-update

https://9to5mac.com/2018/01/02/intel...down-for-macs/

The kernel patches of KPTI

https://lkml.org/lkml/2017/12/4/709


Changelog

1/11/2018: Move Intel microcode update patches to their own entry.  https://knowledge.windriver.com/Content_Lookup?id=K-511474

1/11/2018: Add the patches for each WRLinux version to upgrade the Intel microcode

1/10/2018: Add reference of affected processor information of X86 and ARM

1/3/2018: Initial

Content ID: K-511447