x86_bug_cpu_insecure

droberts1214
Level 1

Couldn't find a thread on Cisco's response to the soon-to-be-announced (tomorrow) embargoed Intel x86 flaw. Nexus SUP1 modules, for example, run Intel Xeon chips. Can anyone share any insight on expected CPU performance degradation and security concerns as it relates to Intel x86 post-patch on network equipment?


Hi,
I did some research yesterday. Even though thousands of sites are reporting it, there is no authentic resource yet (until yesterday), so it might be a hoax. I tried to find any reliable resource/reference online about this flaw, and could not find anything on Microsoft, IBM, Cisco, AMD, Intel, etc., so far.

What made me doubt a bit was that, while reading the article from https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/, they mentioned Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka **bleep**WIT. I cannot find any technical term online like that and the term seems strange :-)

Thanks and Best Regards,

Muhammad

It is funny, even the site blocked the term :-D

There were a couple of colorful acronyms floating around yesterday. Looks like IBM is coining the terms Spectre and Meltdown.

https://exchange.xforce.ibmcloud.com/collection/c422fb7c4f08a679812cf1190db15441

 

Wiki page put up recently: https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)

Thanks a lot, I opened a Cisco TAC to get feedback from Cisco.

Microsoft has already released some software fixes:

This advisory addresses the following vulnerabilities:

 

Thank you, the threat is real!

Microsoft released an update and a fix.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

 

I also opened a Cisco TAC and they replied to me acknowledging the threat; there is a bug, CSCvh32210, for that, but it is not yet announced / made external.

Cisco is aware of recently published security research related to speculative execution in modern CPU architectures. Our team is following our well-established process to investigate all aspects of the issue and evaluate any potential impact on Cisco products. If something new is found that our customers need to be aware of and respond to, we will share it through our established PSIRT disclosure processes.

 

I can share the below information with you:

CVE-2017-5715 - Branch Target Injection AKA Spectre

  • Caused by Speculative Execution Algorithms
  • Requires the attacker to execute code on the affected platform
  • Attacker infers data by performing timing attacks on the CPU Cache Pipeline
  • Affected platform: Intel, AMD or ARM
  • Remediation:
    • Requires uCode update to the CPU - Delivered by BIOS on devices that have upgradeable CPUs
    • Requires changes to the Kernel of the operating system

CVE-2017-5753 - Bounds Check Bypass AKA Spectre

  • Caused by Speculative Execution Algorithms
  • Requires the attacker to execute code on the affected platform
  • Attacker infers data by performing timing attacks on the CPU Cache Pipeline
  • Affected platform: Intel, AMD or ARM
  • Remediation:
    • Requires update to Kernel of operating systems

CVE-2017-5754 - Rogue Data Cache Load AKA Meltdown

  • Caused by Speculative Execution Algorithms
  • Requires the attacker to execute code on the affected platform
  • Attacker infers data by performing timing attacks on the CPU Cache Pipeline
  • Affected platform: successfully proved only on Intel
  • Remediation:
    • Requires update to Kernel of operating systems

There is a bug filed for the same: CSCvh32210

 

This is yet to be externalized.

Hello All,

Cisco has just published the problem and classified it as a Medium Threat:

 

Title :

CPU Side-Channel Information Disclosure Vulnerabilities

URL :

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel

Description :

On January 3, 2018 researchers disclosed three vulnerabilities that take advantage of the implementation of speculative execution of instructions on many modern microprocessor architectures to perform side-channel information disclosure attacks. These vulnerabilities could allow an unprivileged local attacker, in specific circumstances, to read privileged memory belonging to other processes or memory allocated to the operating system kernel.

Cisco will release software updates that address this vulnerability.

 

Thanks and Best Regards,

Muhammad Al-Hussein