CPU hardware vulnerable to side-channel attacks(CV-2017-5175, CVE-2017-5753, CVE-2017-5754)
Rev. 1.0
August 3, 2018
Fujitsu Limited
On January 3, 2018 a team of security researchers revealed new vulnerabilities that take advantage of techniques commonly used in many modern processor architectures. Collectively known as Meltdown and Spectre, these vulnerabilities utilize a new method of side-channel analysis and could allow an unprivileged attacker, in specific circumstances, to read privileged memory belonging to other processes or memory allocated to the operating system kernel.
Below are the procedures to protect ETERNUS Storage. For other Fujitsu products, please see CPU hardware vulnerable to side-channel attacks(CVE-2017-5715, CVE-2017-5753, CVE-2017-5754).
Impact on ETERNUS Storage
The ETERNUS Storage shown below are not affected by these security issue.
Product | Status | Necessary updates | |
---|---|---|---|
All-Flash Array | ETERNUS AF series | Not affected | Firmware update is not needed |
Hybrid Storage Systems | ETERNUS DX series | Not affected | Firmware update is not needed |
Hyperscale Storage Systems | ETERNUS CD10000 | Not affected | Firmware update is not needed |
Tape systems | ETERNUS LT series | Not affected | Firmware update is not needed |
Data Protection Appliance | ETERNUS CS800 | Not affected | Firmware update is not needed |
ETERNUS CS8000 | Not affected | Firmware update is not needed | |
Switches | ETERNUS SN200 series | Not affected | Firmware update is not needed |
Brocade series | Not affected | Firmware update is not needed |
Details
For more details, please see the following links.
- US-CERT: VU#584653: CPU hardware vulnerable to side-channel attacks
- CVE: CVE-2017-5715
- CVE: CVE-2017-5753
- CVE: CVE-2017-5754
- Intel Analysis of SpeculativeExecution Side Channels
- Intel Analysis of Speculative Execution Side Channels White Paper
Contact
For further information, please contact your authorized service provider.