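Intel and security researchers previously publicly disclosed three new CPU side-channel vulnerabilities (CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646). Successful exploitation of these vulnerabilities could allow a local attacker to read the memory of other processes in specific situations. The researchers named these vulnerabilities "Foreshadow" and "Foreshadow-NG". In the industry they are also known as L1 Terminal Fault (L1TF).
On December 23, Huawei released security updates that fix the information disclosure vulnerabilities in its cloud services and other related products. The vulnerability details follow:
Vulnerability details
Source: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
CVE-2018-3615, CVE-2018-3620, CVE-2018-3646. Severity: Important
Systems with microprocessors that use speculative execution and address translation may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access, via a terminal page fault and side-channel analysis.
Affected products, versions and fixes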
| Product name | Affected version | Fixed version |
| --- | --- | --- |
| 1288H V5 | Versions earlier than V100R005C00SPC117 (BIOS V081) | V100R005C00SPC117 (BIOS V081) |
| 2288H V5 | Versions earlier than V100R005C00SPC117 (BIOS V081) | V100R005C00SPC117 (BIOS V081) |
| Agile Controller-Campus | V100R001C00 | V100R003C30SPC100 |
| | V100R002C00 | |
| | V100R002C10 | |
| BH620 V2 | Versions earlier than V100R002C00SPC302 (BIOS V370) | V100R002C00SPC302 (BIOS V370) |
| BH621 V2 | Versions earlier than V100R002C00SPC301 (BIOS V370) | V100R002C00SPC301 (BIOS V370) |
| BH622 V2 | Versions earlier than V100R002C00SPC309 (BIOS V521) | V100R002C00SPC309 (BIOS V521) |
| BH640 V2 | Versions earlier than V100R002C00SPC307 (BIOS V521) | V100R002C00SPC307 (BIOS V521) |
| CH242 V3 | Versions earlier than V100R001C00SPC331 (BIOS V358) | V100R001C00SPC331 (BIOS V358) |
| EulerOS | V200R007C00 | V200R007C00SPC200 |
| FusionCube | V100R002C02 | 3.1.1 |
| | V100R002C30 | |
| | V100R002C70 | |
| FusionSphere OpenStack | V100R006C00RC3B036 | V100R006C30SPC100 |
| | V100R006C10SPC112 | UVP KVM 2.5.RC9 |
| GTSOFTX3000 | V200R002C20 | V200R002C20SPC600 |
| HUAWEI MateBook X Pro (MACH-W19/ MACH-W29) | Versions earlier than BIOS 1.12 | BIOS 1.12 |
| RH1288 V2 | Versions earlier than V100R002C00SPC640 (BIOS 520) | V100R002C00SPC640 (BIOS 520) |
| RH1288A V2 | Versions earlier than V100R002C00SPC710 (BIOS V521) | V100R002C00SPC710 (BIOS V521) |
| RH2265 V2 | Versions earlier than V100R002C00SPC510 (BIOS V519) | V100R002C00SPC510 (BIOS V519) |
| RH2268 V2 | Versions earlier than V100R002C00SPC609 (BIOS V519) | V100R002C00SPC609 (BIOS V519) |
| RH2285 V2 | Versions earlier than V100R002C00SPC511 (BIOS V521) | V100R002C00SPC511 (BIOS V521) |
| RH2285H V2 | Versions earlier than V100R002C00SPC511 (BIOS V521) | V100R002C00SPC511 (BIOS V521) |
| RH2288 V2 | Versions earlier than V100R002C00SPC610 (BIOS 520) | V100R002C00SPC610 (BIOS 520) |
| RH2288A V2 | Versions earlier than V100R002C00SPC710 (BIOS V521) | V100R002C00SPC710 (BIOS V521) |
| RH2288E V2 | Versions earlier than V100R002C00SPC302 (BIOS V519) | V100R002C00SPC302 (BIOS V519) |
| RH2288H V2 | Versions earlier than V100R002C00SPC620 (BIOS 520) | V100R002C00SPC620 (BIOS 520) |
| RH2485 V2 | Versions earlier than V100R002C00SPC713 (BIOS V521) | V100R002C00SPC713 (BIOS V521) |
| SMC2.0 | V500R002C00 | V600R006C10SPC800 |
| UC Audio Recorder | V100R001C01 | eSpace Audio Recorder V100R001C01SPC100 |
| | V100R001C02 | eSpace Audio Recorder V100R001C02SPC300 |
| VP9630 | V600R006C10 | V600R019C00 |
| VP9660 | V600R006C10 | V600R019C00 |
| eLog | V200R003C10 | V200R005C00SPC208 |
| | V200R003C20 | |
| eSpace U2980 | V100R001C01 | V100R001C10SPC601 |
| | V100R001C02 | |
| | V100R001C10 | |
| | V200R003C00 | |
| eSpace UMS | V200R002C00 | V200R002C00SPC300 |
| iManager NetEco | V600R007C00 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
| | V600R007C10 | |
| | V600R007C11 | |
| | V600R007C12 | |
| | V600R007C20 | |
| | V600R007C30 | |
| | V600R007C40 | |
| | V600R007C50 | |
| | V600R007C60 | |
| | V600R008C00 | |
| | V600R008C10 | |
| | V600R008C20 | |
| | V600R008C30 | |
| iManager NetEco 6000 | V600R007C40 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
| | V600R007C60 | |
| | V600R007C80 | |
| | V600R007C90 | |
| | V600R008C00 | |
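Customers should contact the Huawei Technical Assistance Center (Huawei TAC) to request an upgrade. For TAC contact information, visit the Huawei worldwide website at http://www.huawei.com/cn/psirt/report-vulnerabilities.
For more vulnerability information and for upgrades, visit the official website: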
https://www.huawei.com/en/psirt/all-bulletins