K17269881 : Intel MCE vulnerability CVE-2018-12207

Security Advisory Description

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel® Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. (CVE-2018-12207)

Impact

A privileged guest user may use this flaw to induce a hardware Machine Check Error (MCE) that halts the host processor and results in a denial-of-service (DoS) scenario.
This is a hardware issue and requires kernel updates to remediate. This issue impacts all BIG-IP platforms using the following Intel processor families:

• Xeon
• Pentium Gold
• Core X-series
• Core i
• Celeron G
  The following BIG-IP platforms are vulnerable:
• BIG-IP 2000s, 2200s, 4000s, 4200v, 5000s, 5050s, 5200v,5250v, 5250v fips, 7000s, 7200v , 7200v FIPS , 7250v series
• BIG-IP 10000s, 10050s, 10055s, 10150s NEBS, 10200v, 10200v FIPS, 10200v SSL, 10250v, 10255v, 10350v, 10350v NEBS, 11050 NEBS, 12250v series
• BIG-IP iSeries platforms: i850, i2x00, i4x00, i5x00, i5820-DF, i7x00, i7x00-D2, i7820-DF, i10x00 / i10x00-D2, i11x00, i11x00-DS, i15x00
• VIPRION B2100, VIPRION B2150 , VIPRION B2250, VIPRION B4300 , VIPRION B4340N
• Enterprise Manager 4000
• BIG-IQ 7000
  The following BIG-IP platforms are not vulnerable:
• BIG-IP 800, 1600, 3600, 3900, 4200, 4340, 6900 series
• BIG-IP 8900, 8950, 1100, 11050, 11050 FIPS series