[Info-vax] Intel x86-64 Processor Design Security Vulnerability?
Jan-Erik Soderholm
jan-erik.soderholm at telia.com
Wed Jan 10 13:25:43 EST 2018
Den 2018-01-10 kl. 19:13, skrev Stephen Hoffman:
> On 2018-01-02 16:20:27 +0000, Stephen Hoffman said:
>
>> There's speculation around a potential security vulnerability...
>
>
> "SUPPORT COMMUNICATION - SECURITY BULLETIN
> Document ID: hpesbhf03805en_us
> Version: 1
> HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel,
> AMD, and ARM, with Speculative Execution, Elevation of Privilege and
> Information Disclosure
>
> NOTICE: The information in this Security Bulletin should be acted upon as
> soon as possible.
>
> Release Date: 2018-01-05
> Last Updated: 2018-01-09
> Potential Security Impact: Local: Disclosure of Information, Elevation of
> Privilege
> Source: Hewlett Packard Enterprise, HPE Product Security Response Team
>
> VULNERABILITY SUMMARY
> On January 3 2018, side-channel security vulnerabilities involving
> speculative execution were publicly disclosed. These vulnerabilities may
> impact the listed HPE products, potentially leading to information
> disclosure and elevation of privilege. Mitigation and resolution of these
> vulnerabilities may call for both an operating system update, provided by
> the OS vendor, and a system ROM update from HPE."
>
> ....
>
> https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us
>
Revision history for the page below.
Is it rev.4 or the latest that is current? :-)
HISTORY
Version:1 (rev.1) - 4 January 2018 Initial release
Version:2 (rev.2) - 5 January 2018 Added additional impacted products
Version:3 (rev.3) - 10 January 2018 Added more impacted products
Version:4 (rev.4) - 9 January 2018 Fixed product ID
More information about the Info-vax
mailing list