Lucene search

K
huaweiHuawei TechnologiesHUAWEI-SA-20180106-01-CPU
HistoryJan 06, 2018 - 12:00 a.m.

Security Advisory - CPU Vulnerabilities 'Meltdown' and 'Spectre'

2018-01-0600:00:00
Huawei Technologies
www.huawei.com
72

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

CVSS3

5.6

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

EPSS

0.976

Percentile

100.0%

Security researchers disclosed two groups of CPU vulnerabilities “Meltdown” and “Spectre”. In some circumstances, a local attacker could exploit these vulnerabilities to read memory information belonging to other processes or other operating system kernel. (Vulnerability ID: HWPSIRT-2018-01001, HWPSIRT-2018-01002, HWPSIRT-2018-01003)

This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754.

Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180106-01-cpu-en

Carrier customers can log into Huawei Support website to obtain information about affected products and solutions: http://support.huawei.com/carrier/docview!docview?nid=NEWS2100007596&path=PBI1-8132379****

Affected configurations

Vulners
Node
huawei1288h_v5Range<V100R005C00SPC110
OR
huawei2288h_v5Range<V100R005C00SPC110
OR
huawei2488_v5Range<V100R005C00SPC301
OR
huawei2488h_v5Range<V100R005C00SPC101
OR
huaweioceanstor_5800_v3Matchv100r003c00
OR
huawei9032Matchv100r001c20
OR
huaweiar100Range<V200R009C00SPC500
OR
huaweiar100-s_firmwareRange<V200R009C00SPC500
OR
huaweiar110-s_firmwareRange<V200R009C00SPC500
OR
huaweiar120Range<V200R009C00SPC500
OR
huaweiar120-s_firmwareRange<V200R009C00SPC500
OR
huaweiar1220cRange<V200R009C00SPC500
OR
huaweiar1500Range<V200R009C00SPC500
OR
huaweiar151-s2Range<V200R009C00SPC500
OR
huaweiar160Range<V200R009C00SPC500
OR
huaweiar160Range<V200R009C00SPC500
OR
huaweiar2204-xgeRange<V200R009C00SPC500
OR
huaweiar3600Range<V200R009C00SPC500
OR
huaweisrg1300Range<V200R009C00SPC500
OR
huaweisrg1320eRange<V200R009C00SPC500
OR
huaweiagile_controller-campusMatchv100r001c00
OR
huaweiagile_controller-campusMatchv100r002c00
OR
huaweiagile_controller-campusMatchv100r002c10
OR
huaweitecal_bh620_v2_firmwareRange<V100R002C00SPC302
OR
huaweitecal_bh621_v2_firmwareRange<V100R002C00SPC301
OR
huaweitecal_bh622_v2_firmwareRange<V100R002C00SPC309
OR
huaweitecal_bh640_v2_firmwareRange<V100R002C00SPC307
OR
huaweich121_v5_firmwareRange<V100R001C00SPC305
OR
huaweich121_v3_firmwareRange<V100R001C00SPC255
OR
huaweich121_v5_firmwareRange<V100R001C00SPC122
OR
huaweioceanstor_5800_v3Range<V100R001C00SPC115
OR
huaweich121l_v3_firmwareRange<V100R001C00SPC155
OR
huaweich121l_v5Range<V100R001C00SPC120
OR
huaweich140Range<V100R001C00SPC325
OR
huaweich140_v3_firmwareRange<V100R001C00SPC175
OR
huaweich140l_v3_firmwareRange<V100R001C00SPC155
OR
huaweich220_v3_firmwareRange<V100R001C00SPC305
OR
huaweifusionserver_ch220_v3Range<V100R001C00SPC255
OR
huaweich221Range<V100R001C00SPC305
OR
huaweitecal_ch222_firmwareRange<V100R001C00SPC305
OR
huaweifusionserver_ch222_v3Range<V100R001C00SPC255
OR
huaweich225_v5Range<V100R001C00SPC155
OR
huaweich226_v3_server_firmwareRange<V100R001C00SPC175
OR
huaweich240Range<V100R001C00SPC305
OR
huaweich242_v3_firmwareRange<V100R001C00SPC325
OR
huaweich242_v5Range<V100R001C00SPC111
OR
huaweitecal_dh320_v2_firmwareRange<V100R001C00SPC109
OR
huaweirh2288a_v2_firmwareRange<V100R002C00SPC303
OR
huaweitecal_dh620_v2_firmwareRange<DH620
OR
huaweitecal_dh620_v2_firmwareRange<V2
OR
huaweitecal_dh620_v2_firmwareRange<V100R001C00SPC202
OR
huaweitecal_dh621_v2_firmwareRange<V100R001C00SPC202
OR
huaweirh2288a_v2_firmwareRange<V100R002C00SPC202
OR
huaweitecal_dh628_v2_firmwareRange<V100R001C00SPC201
OR
huaweiecc800Matchecc500v600r002c00spc300
OR
huaweiecc800Range<V100R002C10SPC200
OR
huaweiecc800Matchv100r001c10
OR
huaweiecc800Matchv100r001c10spc100
OR
huaweiecc800Matchv100r001c30
OR
huaweiecc800Matchv100r001c30spc100
OR
huaweiecc800Matchv100r001c30spc200
OR
huaweiecc800Matchv100r001c40
OR
huaweiecc800Matchv100r001c40spc100
OR
huaweiecc800Matchv100r001c40spc200
OR
huaweiecc800Matchv100r001c40spc300
OR
huaweiecc800Matchv100r001c40spc400
OR
huaweiecc800Matchv100r001c41
OR
huaweiecc800Matchv100r001c41spc100
OR
huaweiecc800Matchv100r001c41spc200
OR
huaweiecc800Matchv100r001c41spc201
OR
huaweiecc800Matchv100r001c41spc202
OR
huaweiecc800Matchv100r002c00
OR
huaweiecc800Matchv100r002c00spc010
OR
huaweiecc800Matchv100r002c00spc020
OR
huaweiecc800Matchv100r002c00spc100
OR
huaweiecc800Matchv100r002c00spc101
OR
huaweiecc800Matchv100r002c00spc103
OR
huaweiecc800Matchv100r002c00spc105
OR
huaweiecc800Matchv100r002c00spc110
OR
huaweiecc800Matchv100r002c10spc100
OR
huaweiecc800Matchv100r002c10spc110
OR
huaweiecc800Matchv100r002c10spc130
OR
huaweiecc800Matchv100r002c10spc131
OR
huaweieulerosMatchv2.0sp1
OR
huaweieulerosMatchv2.0sp2
OR
huaweifusioncloudMatch2.0.5
OR
huaweifusioncloudMatch2.0.6
OR
huaweifusioncloudMatch6.0.0
OR
huaweifusioncomputeMatch6.3.0
OR
huaweifusioncomputeMatchv100r006c00
OR
huaweifusioncomputeMatchv100r006c10
OR
huaweifusioncubeMatchv100r002c02
OR
huaweifusionsphereMatch5.1
OR
huaweifusionsphereMatch6.0u1
OR
huaweifusionsphereMatch6.1
OR
huaweifusionsphere_openstackMatchv100r005c00
OR
huaweifusionsphere_openstackMatchv100r005c10
OR
huaweifusionsphere_openstackMatchv100r006c00
OR
huaweifusionsphere_openstackMatchv100r006c10
OR
huaweigtsoftx3000Matchv200r002c20
OR
huaweiar500Range<V200R009C00SPC500
OR
huaweiar510Range<V200R009C00SPC500
OR
huaweiar532Range<V200R009C00SPC500
OR
huaweiar550cRange<V200R009C00SPC500
OR
huaweiar550eRange<V200R009C00SPC500
OR
huaweisrg550cRange<V200R009C00SPC500
OR
huaweikunlun_9008Range<V100R001C30SPC103
OR
huaweikunlun_9016Range<V100R001C30SPC103
OR
huaweikunlun_9032Range<V100R001C30SPC103
OR
huaweimatebook_hz-w09Range<1.51
OR
huaweimatebook_hz-w19Range<1.51
OR
huaweimatebook_hz-w29Range<1.51
OR
huaweimatebook_b200Range<1.20
OR
huaweimatebook_d_pl-w09Range<1.20
OR
huaweimatebook_d_pl-w19Range<1.20
OR
huaweimatebook_d_pl-w29Range<1.20
OR
huaweimatebook_d_mrc-w10Range<1.15
OR
huaweimatebook_d_mrc-w50Range<1.15
OR
huaweimatebook_d_mrc-w60Range<1.15
OR
huaweimatebook_e_bl-w09Range<2.02
OR
huaweimatebook_e_bl-w19Range<2.02
OR
huaweimatebook_x_wt-w09Range<2.02
OR
huaweimatebook_x_wt-w19Range<2.02
OR
huaweinfviMatch6.1.5
OR
huaweioceanstor_18500_firmwareMatchv300r003c00
OR
huaweiopsmonitorMatch1.3.5
OR
huaweitecal_rh1288_v2_firmwareRange<V100R002C00SPC640
OR
huaweirh1288_v3_firmwareMatchv100r003c00
OR
huaweifusionserver_rh1288a_v2Range<V100R002C00SPC710
OR
huaweitecal_rh2265_v2_firmwareMatchv100r002c00
OR
huaweitecal_rh2268_v2_firmwareMatchv100r002c00
OR
huaweitecal_rh2285_v2_firmwareRange<V100R002C00SPC511
OR
huaweitecal_rh2285h_v2_firmwareRange<V100R002C00SPC511
OR
huaweitecal_rh2288_v2_firmwareRange<V100R002C00SPC610
OR
huaweifusionserver_rh2288_v3Matchv100r003c00
OR
huaweirh2288a_v2_firmwareRange<V100R002C00SPC710
OR
huaweirh2288a_v2_firmwareMatchv100r002c00
OR
huaweitecal_rh2288h_v2_firmwareRange<V100R002C00SPC620
OR
huaweitecal_rh2485_v2_firmwareRange<V100R002C00SPC713
OR
huaweitecal_rh5885_v2_firmwareMatchv100r001c00
OR
huaweirh5885_v3_server_firmwareMatchv100r003c00
OR
huaweitecal_rh5885h_v3_firmwareMatchv100r003c00
OR
huaweitecal_rh5885h_v3_firmwareMatchv100r003c10
OR
huaweifusionserver_rh8100_v3Matchv100r003c00
OR
huaweismc2.0Matchv100r003c10
OR
huaweismc2.0Matchv500r002c00
OR
huaweisrg1300Matchv200r006c00
OR
huaweisrg1300Matchv200r006c10
OR
huaweisrg1300Matchv200r006c11
OR
huaweisrg1300Matchv200r006c12
OR
huaweisrg1300Matchv200r006c13
OR
huaweisrg1300Matchv200r006c15
OR
huaweisrg1300Matchv200r006c16
OR
huaweisrg1300Matchv200r006c17
OR
huaweisrg1300Matchv200r007c00
OR
huaweisrg1300Matchv200r007c01
OR
huaweisrg1300Matchv200r007c02
OR
huaweisrg1300Matchv200r007c05
OR
huaweisrg1300Matchv200r007c06
OR
huaweisrg1300Matchv200r008c00
OR
huaweisrg1300Matchv200r008c10
OR
huaweisrg1300Matchv200r008c20
OR
huaweisrg1300Matchv200r008c30
OR
huaweisrg1300Matchv200r008c50
OR
huaweisrg1300Matchv200r009c00
OR
huaweisrg500Matchv200r008c50
OR
huaweisrg500Matchv200r009c00
OR
huaweiuc_audio_recorderMatchv100r001c02
OR
huaweivp9630Matchv600r006c10
OR
huaweivp9660Matchv600r006c10
OR
huaweitecal_xh320_v2_firmwareRange<V100R001C00SPC205
OR
huaweixh321_v5Range<V100R001C00SPC205
OR
huaweixh321_v3_firmwareRange<V100R003C00SPC502
OR
huaweixh321_v5Range<V100R005C00SPC501
OR
huaweixh620_v3_firmwareRange<V100R003C00SPC625
OR
huaweitecal_xh621_v2_firmwareRange<V100R001C00SPC205
OR
huaweixh622_v3_server_firmwareRange<V100R003C00SPC623
OR
huaweixh628_v3_firmwareRange<V100R003C00SPC623
OR
huaweieapp610Matchv100r004c10
OR
huaweiecns210Matchv100r005c00
OR
huaweiecns280_tdMatchv100r005c00
OR
huaweiese620x_vescMatchv100r001c00spc300
OR
huaweiese620x_vescMatchv100r001c00spc310
OR
huaweiese620x_vessMatchv100r001c00
OR
huaweiesightMatchv300r007c00
OR
huaweiespace_8950Matchv200r003c00
OR
huaweiespace_8950Matchv300r001c00
OR
huaweiespace_8950Matchv200r002c00
OR
huaweiespace_usm_firmwareMatchv300r001c00
OR
huaweielogMatchv200r007c10
OR
huaweiibatteryMatchibattery_v276
OR
huaweiibatteryMatchibattery_v281
OR
huaweiibatteryMatchibattery_v285
OR
huaweiibatteryMatchibattery_v286
OR
huaweiibatteryMatchibattery_v289
OR
huaweiibatteryMatchibattery_v291
OR
huaweiibatteryMatchibattery_v295
OR
huaweiibatteryMatchibattery_v296
OR
huaweiibatteryMatchibattery_v297b003
OR
huaweiimanager_netecoMatchv600r008c30
OR
huaweiimanager_neteco_6000Matchv600r008c00

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

CVSS3

5.6

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

EPSS

0.976

Percentile

100.0%