Meltdown and Spectre (CVE-2017-5754 & CVE-2017-5753)


Summary

As you may have seen reported through many media outlets, two theoretical vulnerabilities have been announced, commonly known as Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715).

These vulnerabilities seek to break the isolation between user applications and the operating system, and also between different applications. This is possible because of the architectural design of Intel CPUs, which can allow locally running non-privileged malware to read data from the underlying operating system.

 

Is LoadMaster vulnerable?

Due to the architecture of the LoadMaster, none of our appliances are vulnerable to this exploit.

LoadMaster operates as a closed network appliance, and third-party software (for example, code to exploit this vulnerability) cannot be loaded or executed.

LoadMaster hardware appliances combine “common off the shelf” (COTS) hardware, built around x86 processors, with the LoadMaster operating system.

The hardware appliance vendors design their platforms to run different operating systems, such as Microsoft Windows and Linux, which can then be used for a range of applications. Our partners release BIOS/microcode updates on a regular basis as enhancements are made or to address specific issues, as in the case of the Spectre and Meltdown vulnerabilities. Therefore, releasing a BIOS patch and any associated microcode updates is the right response from these partners. KEMP will continue to review and test all partner BIOS releases and microcode changes that are made available. It is standard practice for KEMP to regularly update the production platforms to keep them up to date.

 

Is KEMP360 Central vulnerable?

Due to the architecture of the KEMP360 Central platform, this product family is not vulnerable to this exploit.

 

Is KEMP360 Vision vulnerable?

Due to the architecture of the KEMP360 Vision, this product is not vulnerable to this exploit.

 

 ------------------------------------------------------------------------------------------------------------

 

However, as part of being a good citizen in the Linux community, we will be creating patches based on the work of the Linux kernel team.

 

Additional information

For additional information, see https://meltdownattack.com/, published by the team that discovered this vulnerability. This page also includes the latest links to the security pages for the platform providers.

 

KEMP is committed to resolving security vulnerabilities carefully and quickly. If you think you have found a security flaw in a KEMP product, please send all supporting information to securityalert@kemptechnologies.com.

 
