Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4173
Views
30
Helpful
7
Replies

x86_bug_cpu_insecure

droberts1214
Level 1
Level 1

‎01-03-2018 08:20 AM - edited ‎03-10-2019 12:56 AM

Couldn't find a thread on Cisco's response to the soon to be announced (tomorrow) embargoed Intel x86 flaw. Nexus SUP1 modules for example run Intel Xeon chips. Can anyone share any insight on expected CPU performance degradation and security concerns as it relates to Intel x86 post-patch on network equipment?

11 people had this problem
Labels:
7 Replies 7

Muhammad Al-Hussein
Level 1
Level 1

‎01-04-2018 12:31 AM

Hi,
Doing some research yesterday, even though thousands of sites are reporting it, but there is no authentic resource yet (until yesterday), so it might be a hoax, I tried to find any reliable resource/reference online about this flaw, and could not find anything on Microsoft, IBM, Cisco, AMD, Intel ..etc., so far.

 

What made me doubt a bit that while reading the article from: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ … they mentioned Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka **bleep**WIT … I cannot find any technical term online like that and the term seems strange :-) 

 

Thanks and Best Regards,

Muhammad

0 Helpful

Muhammad Al-Hussein
Level 1
Level 1
In response to Muhammad Al-Hussein

‎01-04-2018 12:32 AM

It is funny, even the site blocked the term :-D
0 Helpful

droberts1214
Level 1
Level 1
In response to Muhammad Al-Hussein

‎01-04-2018 06:00 AM

There were a couple colorful acronyms floating around yesterday. Looks like ibm is coining the terms spectre and meltdown.

https://exchange.xforce.ibmcloud.com/collection/c422fb7c4f08a679812cf1190db15441

 

Wiki page put up recently: https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)

0 Helpful

Muhammad Al-Hussein
Level 1
Level 1
In response to droberts1214

‎01-04-2018 06:40 AM

Thanks a lot, I opened a Cisco TAC to get a feedback from Cisco.

 

Microsoft has already released some software fixes:

This advisory addresses the following vulnerabilities:

 

Muhammad Al-Hussein
Level 1
Level 1
In response to droberts1214

‎01-04-2018 07:29 AM

Thank You, threat is real !

 

Microsoft released an update and a fix.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

 

I also opened a Cisco TAC and they replied to me acknowledging the threat, there is a bug CSCvh32210 for that, but not yet announced / made external.

Cisco is aware of recently published security research related to speculative execution in modern CPU architectures. Our team is following our well-established process to investigate all aspects of the issue and evaluate any potential impact on Cisco products. If something new is found that our customers need to be aware of and respond to, we will share it through our established PSIRT disclosure processes.

 

I can share the below information with you :

 

 

 

CVE-2017-5715 - Branch Target Injection AKA Spectre

  • Cause by Speculative Execution Algorithms
  • Requires the attacker to execute code on the affected platform
  • Attacker Infers data by performing timing attacks on the CPU Cache Pipeline
  • Affected platform: Intel, AMD or ARM
  • Remediation:
    • Requires uCode update to the CPU - Delivered by BIOS on devices that have upgradeable CPUs
    • Requires changes to the Kernel of the operating system

CVE-2017-5753 - Bounds Check Bypass AKA Spectre

  • Cause by Speculative Execution Algorithms
  • Requires the attacker to execute code on the affected platform
  • Attacker Infers data by performing timing attacks on the CPU Cache Pipeline
  • Affected platform: Intel, AMD or ARM
  • Remediation:
    • Requires update to Kernel of operating systems

CVE-2017-5754 - Rogue Data Cache Load AKA Meltdown

  • Cause by Speculative Execution Algorithms
  • Requires the attacker to execute code on the affected platform
  • Attacker Infers data by performing timing attacks on the CPU Cache Pipeline
  • Affected platform: successfully proved only on Intel
  • Remediation:
    • Requires update to Kernel of operating systems

 

 

There is a bug filed for the same: CSCvh32210

 

This is yet to be externalized.

Muhammad Al-Hussein
Level 1
Level 1
In response to Muhammad Al-Hussein

‎01-04-2018 11:29 PM

Hello All,

Cisco has just published the problem and classified it as a Medium Threat:

 

Title :

CPU Side-Channel Information Disclosure Vulnerabilities

URL :

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel

Description :

On January 3, 2018 researchers disclosed three vulnerabilities that take advantage of the implementation of speculative execution of instructions on many modern microprocessor architectures to perform side-channel information disclosure attacks. These vulnerabilities could allow an unprivileged local attacker, in specific circumstances, to read privileged memory belonging to other processes or memory allocated to the operating system kernel.

Cisco will release software updates that address this vulnerability.

 

Thanks and Best Regards,

Muhammad Al-Hussein

Customers Also Viewed These Support Documents