Hi all,
Does anyone have any information from Veritas in regards to the new CPU vulnerability, Meltdown? I'm wondering if they have released plans to patch the issue.
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
Regards,
Caspar
I just found the statement myself:
Veritas Appliance Statement on Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715)
I would not be that worried in this case - despite the flow being extremely serious, it's a local vulnerability and appliances don't run uncontrolled user code sans some OST plug-ins, hence if you have rights to execute a code on the appliance, you could read most of its data anyway.
Agreed. I have also informed our management of the same. I dont really consider it such a threat to the appliances, but was just looking for some acknowledgement of the issue from Veritas.
They will have to wait for Red Hat to release a patch for it first at any rate.
I have a case open with Veritas for exactly this issue to see how we stand with Appliances - nothing back as yet but once i get word i will update you with what is happening and what the Veritas position is.
Microsoft and AV companies seen to have moved quickly and fixes are expected within a week so i would expect RedHat and Veritas to be the same.
