Lucene search

K
huaweiHuawei TechnologiesHUAWEI-SA-20180615-01-CPU
HistoryJun 15, 2018 - 12:00 a.m.

Security Advisory - Side-Channel Vulnerability Variants 3a and 4

2018-06-1500:00:00
Huawei Technologies
www.huawei.com
93

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

65.7%

Intel publicly disclosed new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown. These variants known as 3A (CVE-2018-3640)and 4 (CVE-2018-3639), local attackers may exploit these vulnerabilities to cause information leak on the affected system. (Vulnerability ID: HWPSIRT-2018-05139 and HWPSIRT-2018-05140)

Huawei has released software updates to fix these vulnerabilities in the following products.

This advisory will be updated as additional information becomes available, Please stay tuned. This advisory is available at the following link: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180615-01-cpu-en.

Affected configurations

Vulners
Node
huawei1288h_v5_firmwareRange<V100R005C00SPC117
OR
huawei2288h_v5Range<V100R005C00SPC117
OR
huawei2488_v5Range<V100R005C00SPC500
OR
huawei2488h_v5Range<V100R005C00SPC203
OR
huawei5288_v3Range<V100R003C00SPC706
OR
huaweiar3600Matchv200r006c10
OR
huaweibh620_v2_firmwareRange<V100R002C00SPC302
OR
huaweibh621_v2_firmwareRange<V100R002C00SPC301
OR
huaweibh622_v2_firmwareRange<V100R002C00SPC309
OR
huaweibh640_v2_firmwareRange<V100R002C00SPC307
OR
huaweich121_firmwareMatchv100r001c00spc305
OR
huaweifusionserver_ch121_v3Range<V100R001C00SPC261
OR
huaweich121_v5_firmwareRange<V100R001C00SPC131
OR
huaweich121h_v3Range<V100R001C00SPC121
OR
huaweich121l_v3_firmwareRange<V100R001C00SPC161
OR
huaweich121l_v5Range<V100R001C00SPC131
OR
huaweich140Matchv100r001c00
OR
huaweich140_v3_firmwareRange<V100R001C00SPC181
OR
huaweich140l_v3_firmwareRange<V100R001C00SPC161
OR
huaweich220_firmwareMatchv100r001c00
OR
huaweifusionserver_ch220_v3Range<V100R001C00SPC261
OR
huaweich221Matchv100r001c00
OR
huaweich222_firmwareMatchv100r002c00spc305
OR
huaweifusionserver_ch222_v3Range<V100R001C00SPC261
OR
huaweich225_v5Range<V100R001C00SPC161
OR
huaweich226_v3_server_firmwareRange<V100R001C00SPC181
OR
huaweich240Matchv100r001c00
OR
huaweich242Matchv100r001c00
OR
huaweich242_v3_firmwareRange<V100R001C00SPC331
OR
huaweich242_v3_firmwareRange<V100R001C00SPC331
OR
huaweich242_v5Range<V100R001C00SPC121
OR
huaweifusioncomputeMatchv100r006c00
OR
huaweifusioncomputeMatchv100r006c10
OR
huaweifusioncubeMatchv100r002c02
OR
huaweifusioncubeMatchv100r002c30
OR
huaweifusioncubeMatchv100r002c70
OR
huaweifusionsphere_openstackMatchv100r005c00
OR
huaweifusionsphere_openstackMatchv100r005c10spc700
OR
huaweifusionsphere_openstackMatchv100r005c10spc701
OR
huaweifusionsphere_openstackMatchv100r006c00
OR
huaweifusionsphere_openstackMatchv100r006c10
OR
huaweifusionsphere_openstackMatchv1r6c00rc1spc1b060
OR
huaweimatebook_hz-w09Range<1.52
OR
huaweimatebook_hz-w19Range<1.52
OR
huaweimatebook_hz-w29Range<1.52
OR
huaweimatebook_b200Range<1.21
OR
huaweimatebook_d_pl-w09Range<1.21
OR
huaweimatebook_d_pl-w19Range<1.21
OR
huaweimatebook_d_pl-w29Range<1.21
OR
huaweimatebook_d_mrc-w10Range<1.19
OR
huaweimatebook_d_mrc-w50Range<1.19
OR
huaweimatebook_d_mrc-w60Range<1.19
OR
huaweimatebook_x_wt-w19Range<1.12
OR
huaweimatebook_hz-w29Range<1.12
OR
huaweihonor_magicbook_vlt-w50Range<1.12
OR
huaweihonor_magicbook_vlt-w60Range<1.12
OR
huaweimanageoneMatch3.0.5
OR
huaweimanageoneMatch3.0.7
OR
huaweimanageoneMatch3.0.8
OR
huaweimanageoneMatch3.0.9
OR
huaweioceanstor_18500_firmwareMatchv100r001c30spc300
OR
huaweioceanstor_18500_firmwareMatchv300r003c00
OR
huaweioceanstor_18500_firmwareMatchv300r006c10spc100
OR
huawei18500f_v3Matchv300r006c10spc100
OR
huaweioceanstor_18800_firmwareMatchv100r001c30spc300
OR
huaweioceanstor_18800_firmwareMatchv300r006c10spc100
OR
huaweioceanstor_18800f_firmwareMatchv100r001c30spc300
OR
huaweioceanstor_18800f_firmwareMatchv300r006c10spc100
OR
huaweioceanstor_5300_firmwareMatchv300r006c10spc100
OR
huaweioceanstor_5500_firmwareMatchv300r006c10spc100
OR
huaweioceanstor_5600_v3_firmwareMatchv300r006c10spc100
OR
huaweioceanstor_5800_v3Matchv300r006c10spc100
OR
huaweioceanstor_5800_v3Matchv300r006c10spc100
OR
huaweioceanstor_hvs85t_firmwareMatchv100r001c00
OR
huaweioceanstor_hvs88t_firmwareMatchv100r001c00
OR
huaweioceanstor_replicationdirectorMatchv200r001c00
OR
huaweirh1288_v2_firmwareRange<V100R002C00SPC640
OR
huaweirh1288_v3_firmwareRange<V100R003C00SPC706
OR
huaweifusionserver_rh1288a_v2Range<V100R002C00SPC710
OR
huaweirh2265_v2_firmwareRange<V100R002C00SPC510
OR
huaweirh2268_v2_firmwareRange<V100R002C00SPC609
OR
huaweirh2285_v2_firmwareRange<V100R002C00SPC511
OR
huaweirh2285h_v2_firmwareRange<V100R002C00SPC511
OR
huaweirh2288_v2_firmwareRange<V100R002C00SPC610
OR
huaweifusionserver_rh2288_v3Range<V100R003C00SPC706
OR
huaweirh2288a_v2_firmwareRange<V100R002C00SPC710
OR
huaweirh2288e_v2_firmwareRange<V100R002C00SPC302
OR
huaweirh2288h_v2_firmwareRange<V100R002C00SPC620
OR
huaweifusionserver_rh2288h_v3Range<V100R003C00SPC706
OR
huaweirh2485_v2_firmwareRange<V100R002C00SPC713
OR
huaweirh5885_v2_firmwareRange<V100R001C02SPC306
OR
huaweirh5885_v2_firmwareRange<V100R001C02SPC306
OR
huaweirh5885_v3_firmwareRange<V100R003C01SPC127
OR
huaweirh5885_v3_firmwareRange<V100R003C10SPC121
OR
huaweitecal_rh5885h_v3_firmwareRange<V100R003C00SPC218
OR
huaweitecal_rh5885h_v3_firmwareRange<V100R003C00SPC218
OR
huaweitecal_rh5885h_v3_firmwareRange<V100R003C10SPC120
OR
huaweifusionserver_rh8100_v3Range<V100R003C00SPC229
OR
huaweifusionserver_rh8100_v3Range<V100R003C00SPC229
OR
huaweirse6500Matchv500r002c00
OR
huaweismc2.0Matchv100r003c10
OR
huaweismc2.0Matchv500r002c00
OR
huaweitaishan200_2180k\[1\]Range<1.1.0.SPC133
OR
huaweitaishan200_2280\[1\]Range<1.0.0.SPC133
OR
huaweitaishan200_2280k\[1\]Range<1.1.0.SPC133
OR
huaweitaishan200_5280\[1\]Range<1.2.0.SPC133
OR
huaweivp9630Matchv600r006c10
OR
huaweivp9660Matchv600r006c10
OR
huaweixh310_v3_firmwareRange<V100R003C00SPC706
OR
huaweixh321_v3_firmwareRange<V100R003C00SPC706
OR
huaweixh620_v3_firmwareRange<V100R003C00SPC706
OR
huaweixh622_v3_server_firmwareRange<V100R003C00SPC706
OR
huaweixh628_v3_firmwareRange<V100R003C00SPC706
OR
huaweiecns280Matchv100r005c00
OR
huaweiese620x_vessMatchv100r001c00
OR
huaweiese620x_vessMatchv100r001c10
OR
huaweiimanager_netecoMatchv600r007c00
OR
huaweiimanager_netecoMatchv600r007c10
OR
huaweiimanager_netecoMatchv600r007c11
OR
huaweiimanager_netecoMatchv600r007c12
OR
huaweiimanager_netecoMatchv600r007c20
OR
huaweiimanager_netecoMatchv600r007c40
OR
huaweiimanager_netecoMatchv600r008c00
OR
huaweiimanager_netecoMatchv600r008c10
OR
huaweiimanager_netecoMatchv600r008c20
OR
huaweiimanager_netecoMatchv600r008c30
OR
huaweiimanager_neteco_6000Matchv600r007c40
OR
huaweiimanager_neteco_6000Matchv600r007c60
OR
huaweiimanager_neteco_6000Matchv600r007c80
OR
huaweiimanager_neteco_6000Matchv600r007c90
OR
huaweiimanager_neteco_6000Matchv600r008c00

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

65.7%