[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Spectre/Meltdown impact on network devices

Subject: Spectre/Meltdown impact on network devices
From: mohta at necom830.hpcl.titech.ac.jp (Masataka Ohta)
Date: Mon, 8 Jan 2018 18:49:34 +0900
In-reply-to: <[email protected]>
References: <[email protected]> <CAP-guGXxsBhProDZ6HKv2zeNrqz+eXM2U42H0u26FRfcnp-VcA@mail.gmail.com> <[email protected]> <[email protected]>

Jason Gmail wrote:

> The only business I've been looking at is AWS
> 
> https://aws.amazon.com/security/security-bulletins/AWS-2018-013/

It merely says:

	All instances across the Amazon EC2 fleet are protected from
	all known threat vectors from the CVEs previously listed.

not spectre in general.

But, as mentioned in:

	https://access.redhat.com/security/cve/cve-2017-5715
	It relies on the presence of a precisely-defined instruction
	sequence in the privileged code

and

	https://access.redhat.com/security/cve/cve-2017-5753
	It relies on the presence of a precisely-defined instruction
	sequence in the privileged code

CVEs previously listed are spectre attacks between privileged and
unprivileged codes, which means spectre attack between
unprivileged codes is still possible with AWS, which is why
we should avoid cloud servers, until CPU hardware is fixed.

							Masataka Ohta

References:
- Spectre/Meltdown impact on network devices
  - From: jean at ddostest.me (Jean | ddostest.me)
- Spectre/Meltdown impact on network devices
  - From: bill at herrin.us (William Herrin)
- Spectre/Meltdown impact on network devices
  - From: mohta at necom830.hpcl.titech.ac.jp (Masataka Ohta)

Prev by Date: Blockchain and Networking
Next by Date: Customer woes and ps3 network
Previous by thread: Spectre/Meltdown impact on network devices
Next by thread: Spectre/Meltdown impact on network devices
Index(es):
- Date
- Thread