UCloud-201805-004:Intel处理器MeltDown/Spectre变种漏洞安全预警
- 发布时间 2018-05-22
- 更新时间 2018-05-22
- 漏洞等级 Medium
- CVE编号 CVE-2018-3639、CVE-2018-3640
漏洞详情
2018年5月21日,微软官方公布新CPU漏洞–Speculative Store Bypass (SSB)漏洞细节,属于目前预警的Spectre-NG的其中一个( 变种4),漏洞编号为CVE-2018-3639。攻击者通过利用有针对性的旁路攻击的方法绕过安全措施,拿到cpu或内存中的内容,可能会导致用户信息泄露。
同时,另一个CPU漏洞–Rogue System Register Read (RSRE)也被披露,属于Spectre-NG中的变种 3a,漏洞编号为CVE-2018-3640。该漏洞允许具有本地用户访问权限的攻击者在有预测执行能力的微处理器上,通过旁路攻击来读取系统寄存器的值,可能会导致系统信息泄露。
影响范围
Intel提供的受影响处理器列表:
Intel® Core™ i3 processor (45nm and 32nm)
Intel® Core™ i5 processor (45nm and 32nm)
Intel® Core™ i7 processor (45nm and 32nm)
Intel® Core™ M processor family (45nm and 32nm)
2nd generation Intel® Core™ processors
3rd generation Intel® Core™ processors
4th generation Intel® Core™ processors
5th generation Intel® Core™ processors
6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Core™ X-series Processor Family for Intel® X99 platforms
Intel® Core™ X-series Processor Family for Intel® X299 platforms
Intel® Xeon® processor 3400 series
Intel® Xeon® processor 3600 series
Intel® Xeon® processor 5500 series
Intel® Xeon® processor 5600 series
Intel® Xeon® processor 6500 series
Intel® Xeon® processor 7500 series
Intel® Xeon® Processor E3 Family
Intel® Xeon® Processor E3 v2 Family
Intel® Xeon® Processor E3 v3 Family
Intel® Xeon® Processor E3 v4 Family
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor E5 Family
Intel® Xeon® Processor E5 v2 Family
Intel® Xeon® Processor E5 v3 Family
Intel® Xeon® Processor E5 v4 Family
Intel® Xeon® Processor E7 Family
Intel® Xeon® Processor E7 v2 Family
Intel® Xeon® Processor E7 v3 Family
Intel® Xeon® Processor E7 v4 Family
Intel® Xeon® Processor Scalable Family
Intel® Atom™ Processor C Series (C3308, C3338, C3508, C3538, C3558, C3708, C3750, C3758, C3808, C3830, C3850, C3858, C3950, C3955, C3958)
Intel® Atom™ Processor E Series
Intel® Atom™ Processor A Series
Intel® Atom™ Processor X Series (x5-E3930, x5-E3940, x7-E3950)
Intel® Atom™ Processor T Series (T5500, T5700)
Intel® Atom™ Processor Z Series
Intel® Celeron® Processor J Series (J3355, J3455, J4005, J4105)
Intel® Celeron® Processor N Series (N3450)
Intel® Pentium® Processor J Series (J4205)
Intel® Pentium® Processor N Series (N4000, N4100, N4200)
Intel® Pentium® Processor Silver Series (J5005, N5000)
修复方案
UCloud已经从Intel处获取到漏洞关键信息,后续将开展漏洞的修复工作,UCloud平台用户可继续放心使用。
参考链接
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
