Information about the vulnerabilities
On January 3rd, 2018, several security vulnerabilities within the microarchitecture of most modern processors were published, which could have the following results:
- Variant 1: bounds check bypass (CVE-2017-5753)
- Variant 2: branch target injection (CVE-2017-5715)
- Variant 3: rogue data cache load (CVE-2017-5754)
Those vulnerabilities are now known as:
For further information on this topic, please check the following resources:
- https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
- https://googleprojectzero.blogspot.de/2018/01/reading-privileged-memory-with-side.html
- https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
- https://newsroom.intel.com/news-releases/intel-issues-updates-protect-systems-security-exploits/
- https://www.amd.com/en/corporate/speculative-execution
- https://developer.arm.com/support/security-update
Upgrade hardware/firmware
We are working with the respective manufacturers regarding firmware updates and will provide them as soon as possible.
Patches for all OS can be found in bugtrackers
- Security Advisory
- Security Advisory
- Security Advisory
- Security Advisory
- Security Advisory
RIF. https://miw.li/KBDE214EN
