The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Processors: information disclosure via System Register

Synthesis of the vulnerability 

A local attacker can read a memory fragment via System Register of some processors, in order to obtain sensitive information.
Vulnerable products: Mac OS X, Cisco ASR, Nexus by Cisco, NX-OS, Cisco UCS, Debian, Avamar, Unisphere EMC, BIG-IP Hardware, TMOS, FortiAnalyzer, FortiGate, FortiManager, FortiOS, HP ProLiant, QRadar SIEM, Windows (platform) ~ not comprehensive, openSUSE Leap, RealPresence Collaboration Server, RealPresence Distributed Media Application, RealPresence Resource Manager, SIMATIC, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Unix (platform) ~ not comprehensive.
Severity of this weakness: 1/4.
Creation date: 22/05/2018.
Références of this bulletin: 525441, ADV180013, CERTFR-2018-AVI-429, CERTFR-2019-AVI-036, CERTFR-2019-AVI-489, cisco-sa-20180521-cpusidechannel, CVE-2018-3640, DLA-1446-1, DLA-1506-1, DSA-2018-175, DSA-2019-030, DSA-4273-1, DSA-4273-2, FG-IR-18-002, HPESBHF03850, HT209193, ibm10796076, K51801290, openSUSE-SU-2018:1904-1, openSUSE-SU-2018:2399-1, SSA-268644, SSA-608355, SUSE-SU-2018:1926-1, SUSE-SU-2018:1935-1, SUSE-SU-2018:2076-1, SUSE-SU-2018:2331-1, SUSE-SU-2018:2335-1, SUSE-SU-2018:2338-1, TA18-141A, USN-3756-1, VIGILANCE-VUL-26184, VU#180049.

Description of the vulnerability 

A local attacker can read a memory fragment via System Register of some processors, in order to obtain sensitive information.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This vulnerability bulletin impacts software or systems such as Mac OS X, Cisco ASR, Nexus by Cisco, NX-OS, Cisco UCS, Debian, Avamar, Unisphere EMC, BIG-IP Hardware, TMOS, FortiAnalyzer, FortiGate, FortiManager, FortiOS, HP ProLiant, QRadar SIEM, Windows (platform) ~ not comprehensive, openSUSE Leap, RealPresence Collaboration Server, RealPresence Distributed Media Application, RealPresence Resource Manager, SIMATIC, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this security note is low.

The trust level is of type confirmed by the editor, with an origin of user shell.

An attacker with a expert ability can exploit this cybersecurity note.

Solutions for this threat 

Apple macOS: version 10.14.1.
The version 10.14.1 is fixed:
  https://support.apple.com/

Cisco: solution for Speculative Store.
The solution is indicated in information sources.

Debian 8: new intel-microcode packages (17/09/2018).
New packages are available:
  Debian 8: intel-microcode 3.20180807a.1~deb8u1

Debian 8: new intel-microcode packages (27/07/2018).
New packages are available:
  Debian 8: intel-microcode 3.20180703.2~deb8u1

Debian 9: new intel-microcode packages.
New packages are available:
  Debian 9: intel-microcode 3.20180807a.1~deb9u1

Dell EMC Avamar: solution for Processors.
The solution is indicated in information sources.

Dell EMC Unisphere: solution for Speculative Store.
The solution is indicated in information sources.

F5 BIG-IP: solution for System Register.
The solution is indicated in information sources.

Fortinet: solution for Meltdown/Spectre.
Fixed versions are indicated in information sources.

HPE ProLiant: solution for Speculative Store.
The solution is indicated in information sources.

IBM QRadar SIEM: solution for CPU Speculative Execution.
The solution is indicated in information sources.

OpenStack Nova: version 15.1.3.
The version 15.1.3 is fixed:
  https://www.openstack.org/

OpenStack Nova: version 16.1.3-10.
The version 16.1.3-10 is fixed:
  https://www.openstack.org/

OpenStack Nova: version 17.0.5.
The version 17.0.5 is fixed:
  https://www.openstack.org/

openSUSE Leap: new ucode-intel packages (09/07/2018).
New packages are available:
  openSUSE Leap 42.3: ucode-intel 20180703-25.1
  openSUSE Leap 15.0: ucode-intel 20180703-lp150.2.4.1

openSUSE Leap: new ucode-intel packages (17/08/2018).
New packages are available:
  openSUSE Leap 42.3: ucode-intel 20180807-28.1
  openSUSE Leap 15.0: ucode-intel 20180807-lp150.2.7.1

Polycom: solution for Meltdown/Spectre.
The solution is indicated in information sources.

Siemens SIMATIC: solution for Speculative Store.
The solution is indicated in information sources.

SIMATIC WinAC RTX F 2010: workaround for Processor.
A workaround is indicated in the information source.

SUSE LE 11: new microcode_ctl packages (16/08/2018).
New packages are available:
  SUSE LE 11 SP3: microcode_ctl 1.17-102.83.27.1
  SUSE LE 11 SP4: microcode_ctl 1.17-102.83.27.1

SUSE LE 11: new microcode_ctl packages (27/07/2018).
New packages are available:
  SUSE LE 11 SP4: microcode_ctl 1.17-102.83.24.1
  SUSE LE 11 SP3: microcode_ctl 1.17-102.83.24.1

SUSE LE 12: new ucode-intel packages (12/07/2018).
New packages are available:
  SUSE LE 12 RTM: ucode-intel 20180703-13.25.1
  SUSE LE 12 SP1: ucode-intel 20180703-13.25.1
  SUSE LE 12 SP2: ucode-intel 20180703-13.25.1
  SUSE LE 12 SP3: ucode-intel 20180703-13.25.1

SUSE LE 12: new ucode-intel packages (16/08/2018).
New packages are available:
  SUSE LE 12 RTM: ucode-intel 20180807-13.29.1
  SUSE LE 12 SP1: ucode-intel 20180807-13.29.1
  SUSE LE 12 SP2: ucode-intel 20180807-13.29.1
  SUSE LE 12 SP3: ucode-intel 20180807-13.29.1

SUSE LE 15: new ucode-intel packages (12/07/2018).
New packages are available:
  SUSE LE 15 RTM: ucode-intel 20180703-3.3.1

SUSE LE 15: new ucode-intel packages (16/08/2018).
New packages are available:
  SUSE LE 15 RTM: ucode-intel 20180807-3.6.1

Ubuntu: new intel-microcode packages.
New packages are available:
  Ubuntu 18.04 LTS: intel-microcode 3.20180807a.0ubuntu0.18.04.1
  Ubuntu 16.04 LTS: intel-microcode 3.20180807a.0ubuntu0.16.04.1
  Ubuntu 14.04 LTS: intel-microcode 3.20180807a.0ubuntu0.14.04.1
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a system vulnerability bulletin. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.