Spectre and Meltdown Vulnerability
Summary
Quantum has been made aware of multiple microarchitectural (hardware) implementation issues affecting many modern microprocessors, requiring updates to operating system software in combination with a microcode update. Three known CVEs relate to this issue across Intel, AMD, and ARM architectures. Affected operating systems include recent versions of Linux (Red Hat, CentOS, SUSE), Microsoft Windows and Apple macOS.
An unprivileged attacker can use these flaws to bypass conventional memory security restrictions in order to gain read access to privileged system memory that would otherwise be inaccessible. In order for this exploit to be used, an attacker needs to run malicious code on the target processor. This is a local system exploit, not something that can be directly attacked over a network.
NIST has assigned CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754 for these vulnerabilities.
Vulnerable Quantum Products
Product | Impacted Version | Notes |
---|---|---|
DXi | All Versions Vulnerable | Uses Intel processors that are impacted by Meltdown and Spectre. Both vulnerabilities require local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications which lowers the risk of an exploit. Quantum to include Operating System patches in a future release of software. DAE Feature: Customers are responsible for upgrading the OS within DAE when the appropriate upgrades are available. |
Lattus | All Versions Vulnerable | Uses Intel processors that are impacted by Meltdown and Spectre. Both vulnerabilities require local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications which lowers the risk of an exploit. Quantum to include Operating System patches in a future release of software. |
SuperLoader3 | Not Vulnerable | All versions are not affected. Uses a PowerPC based processor which is not affected by Meltdown. Spectre requires local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications. |
Scalar i3/i6 | Not Vulnerable | Uses a PowerPC based processor which is not affected by Meltdown. Spectre requires local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications. |
Scalar i40/i80 | Not Vulnerable | Uses a PowerPC based processor which is not affected by Meltdown. Spectre requires local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications. |
Scalar i500 | Not Vulnerable | Uses a PowerPC based processor which is not affected by Meltdown. Spectre requires local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications. |
Scalar i6000/i2000 | Not Vulnerable | Uses a PowerPC based processor which is not affected by Meltdown. Spectre requires local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications. |
iBlade | All Versions Vulnerable | Uses Intel processors that are impacted by Meltdown and Spectre. Both vulnerabilities require local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications which lowers the risk of an exploit. Quantum to include Operating System patches in a future release of software. |
Scalar Key Manager | Latest version 250Q.GC00400 | SKM Appliances running latest version 250Q.GC00400 are vulnerable to Meltdown. Quantum to include Operating System patches in a future release of software. Spectre requires local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications. |
Scalar LTFS Appliance and Virtual Appliance | All Versions Vulnerable | Uses Intel processors that are impacted by Meltdown and Spectre. Both vulnerabilities require local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications which lowers the risk of an exploit. Quantum to include Operating System patches in a future release of software. |
StorNext Appliances | All Versions Vulnerable | Uses Intel processors that are impacted by Meltdown and Spectre. Both vulnerabilities require local execution of an application designed to exploit the vulnerability; local users are prevented from running or generating applications which lowers the risk of an exploit. Quantum to include Operating System patches in a future release of software. |
Xcellis Application Director | All Versions Vulnerable | All versions that use Intel processors are impacted. Patches provided by Microsoft can be applied using Windows Update when available. |
StorNext Software (StorNext Linux and Windows client, or StorNext software-only configurations installed on Linux or Windows servers) | Not Vulnerable | Not directly vulnerable. Note: any Kernel level change in Linux and Microsoft Windows will require testing and possible, although unlikely, code changes in StorNext. Performance impact is unknown and will not be known until there is a version of the workaround from the operating system vendor for a kernel supported by StorNext. |
StorNext Connect | Not Vulnerable | Not directly vulnerable. |
StorNext NAS | Not Vulnerable | Not directly vulnerable. |
Vision | Vision Appliance Only | All versions of the Vision virtual appliance use CentOS. When installed with Intel processors all versions of the virtual appliance will be impacted. Vision software is not impacted. Patches provided by the Operating System vendor will be integrated into a subsequent release of software. |
QXS Hybrid Disk | Not Vulnerable | Not directly vulnerable. The processor domains are embedded systems, which are closed environments that do not run any external code. |
Impact
See the FAQs on the Meltdown and Spectre sites (listed under References).
From Red Hat (https://access.redhat.com/errata/RHSA-2018:0007):
- Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)
- Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)
- Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)
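Once operating system patches are applied to a Linux host, the kernel's own view of the three CVEs above can be checked as follows. This is an added example, not part of Quantum's advisory or Red Hat's erratum; it assumes the kernel exposes the sysfs directory /sys/devices/system/cpu/vulnerabilities, which not every patched kernel does, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: report the kernel-declared mitigation status for the
# three CVEs in this advisory. Assumes the Linux sysfs directory below.
VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# Map each CVE on this page to the sysfs file name the kernel uses.
cve_to_file() {
    case "$1" in
        CVE-2017-5753) echo spectre_v1 ;;   # bounds-check bypass
        CVE-2017-5715) echo spectre_v2 ;;   # branch target injection
        CVE-2017-5754) echo meltdown ;;     # rogue data cache load
        *) return 1 ;;
    esac
}

# Classify one CVE: prints NOT_AFFECTED, MITIGATED, VULNERABLE or UNKNOWN.
# $1 = CVE id, $2 = directory to read (defaults to the real sysfs path).
cve_status() {
    dir=${2:-$VULN_DIR_DEFAULT}
    name=$(cve_to_file "$1") || { echo UNKNOWN; return 0; }
    # A missing file means this kernel does not expose the reporting
    # interface; confirm the patch level from the OS vendor's advisory.
    [ -r "$dir/$name" ] || { echo UNKNOWN; return 0; }
    read -r line < "$dir/$name" || true
    case "$line" in
        "Not affected"*) echo NOT_AFFECTED ;;
        "Mitigation:"*)  echo MITIGATED ;;
        "Vulnerable"*)   echo VULNERABLE ;;
        *)               echo UNKNOWN ;;
    esac
}

# Print one line per CVE; return non-zero if any is VULNERABLE or UNKNOWN.
report() {
    rc=0
    for cve in CVE-2017-5753 CVE-2017-5715 CVE-2017-5754; do
        st=$(cve_status "$cve" "$1")
        printf '%s %s\n' "$cve" "$st"
        case "$st" in VULNERABLE|UNKNOWN) rc=1 ;; esac
    done
    return $rc
}

report "$@" || echo "Action needed: verify OS and microcode patch level"
```

A status of MITIGATED only reflects what the running kernel reports; the microcode update mentioned in the Summary is tracked separately by the hardware vendor.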
References
Additional information about this vulnerability can be found here:
- https://meltdownattack.com
- https://spectreattack.com/
- https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
- https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
- https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
- https://access.redhat.com/security/vulnerabilities/speculativeexecution?sc_cid=701f2000000tsLNAAY&
Contact Information
In US, call 800-284-5101. In Europe, call toll free +800-7826-8888 or direct +49 6131 324 185. You will need your system serial number. For additional contact information, go to http://www.quantum.com/serviceandsupport/get-help/index.aspx#contact-support