Solved: CPU vulnerability Meltdown

CasparThorup · ‎01-04-2018

Hi all,

Does anyone have any information from Veritas in regards to the new CPU vulnerability, Meltdown? I'm wondering if they have released plans to patch the issue.

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

Regards,

Caspar

CasparThorup · ‎01-23-2018

I just found the statement myself:

Veritas Appliance Statement on Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715)

https://www.veritas.com/support/en_US/article.100041496

View solution in original post

Mouse · ‎01-04-2018

I would not be that worried in this case - despite the flow being extremely serious, it's a local vulnerability and appliances don't run uncontrolled user code sans some OST plug-ins, hence if you have rights to execute a code on the appliance, you could read most of its data anyway.

CasparThorup · ‎01-05-2018

Agreed. I have also informed our management of the same. I dont really consider it such a threat to the appliances, but was just looking for some acknowledgement of the issue from Veritas.

They will have to wait for Red Hat to release a patch for it first at any rate.

Mark_Solutions · ‎01-05-2018

I have a case open with Veritas for exactly this issue to see how we stand with Appliances - nothing back as yet but once i get word i will update you with what is happening and what the Veritas position is.

Microsoft and AV companies seen to have moved quickly and fixes are expected within a week so i would expect RedHat and Veritas to be the same.

CasparThorup · ‎01-23-2018

Hi Mark,

Did you ever get a statement for Veritas about the vunerabilities?

CasparThorup · ‎01-23-2018

I just found the statement myself:

Veritas Appliance Statement on Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715)

https://www.veritas.com/support/en_US/article.100041496

VOX

CPU vulnerability Meltdown