Meltdown and Spectre (CVE-2017-5754 & CVE-2017-5753)

Meltdown and Spectre

Summary

As you may have seen reported through many media outlets two theoretical vulnerabilities have been announced which are commonly known as  Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715)

These vulnerabilities seek to break the isolation between user applications and the operating system, and also between different applications.   This is able to happen due to the architectural design of Intel CPU’s, which can allow locally running non-privileged malware to read data from the underlying operating system.

 

Is LoadMaster vulnerable?

Due to the architecture of the LoadMaster we believe that none of our appliances are vulnerable to this exploit.

 

Is KEMP360 Central vulnerable?

Due to the architecture of the KEMP360 Central platform we believe that this product family is not vulnerable to this exploit.

 

Is KEMP360 Vision vulnerable?

Due to the architecture of the KEMP360 Vision we believe that this product is not vulnerable to this exploit.

 

However, as part of being a good citizen in the Linux community we will be creating patches based on the work of the Linux kernel team.

Additional information

For additional information the team that discovered this vulnerability has published it at https://meltdownattack.com/.  This page also includes the latest links to the security pages for the platform providers.

 

KEMP is committed to resolving security vulnerabilities carefully and quickly. If you think you have found a security flaw in a KEMP product, please send all supporting information to  securityalert@kemptechnologies.com.

 

 

Was this article helpful?

2 out of 2 found this helpful

Comments