ESXI

Processor Vulnerabilities – Meltdown and Spectre effected VMware products

du2phy5psbh5o8xffpio

Vulnerabilities potentially impacting all major processor vendors were disclosed today by Google Project Zero. These vulnerabilities have been named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715). Organizations should inventory their systems by processor type, apply vendor patches as they become available, and track their progress

Overview

Meltdown allows any application to access all system memory, including memory allocated for the kernel. Mitigation for this vulnerability will require operating system patches and potentially firmware updates. Patches for this vulnerability may have a performance impact on systems. So far, only Intel chips have been shown to be vulnerable.

Spectre allows an application to force another application to access arbitrary portions of its memory, which can then be read through a side channel. This vulnerability may require changes to processor architecture in order to fully mitigate. According to Google Project Zero, this vulnerability impacts Intel, AMD, and ARM chips.

VMware effected product  

  • VMware vSphere ESXi (ESXi)
  • VMware Workstation Pro / Player (Workstation)
  • VMware Fusion Pro / Fusion (Fusion)

VMware Security Advisories Hypervisor-Specific Remediation have more details about this Vulnerabilities and how to patch them , check this link security adviser updated new “VMSA-2018-0002.1”

Update : Meltdown (CVE-2017-5754) does not affect ESXi, Workstation, and Fusion because ESXi does not run untrusted user mode code, and Workstation and Fusion rely on the protection that the underlying operating system provides

Update 09-01-2018 : New Security adviser for Hypervisor-Assisted Guest Remediation    VMSA-2018-0004 Security advisory updated 10-01-2018  “VMSA-2018-0004.1”  Security advisory updated  2018-01-12   “VMSA-2018-0004.2”

so the correct action for now to check both VMware Security Advisories “VMSA-2018-0002.1” and “VMSA-2018-0004.2” read them carefully check all link inside the advisers and apply the VMware recommended patches .
 Update 12-01-2018 : for a number of Intel Haswell and Broadwell processors VMware recommandtion for  ESXi hosts that have not yet applied one of the following patches ESXi650-201801402-BG, ESXi600-201801402-BG, or ESXi550-201801401-BG, VMware recommends not doing so at this time. It is recommended to apply the patches listed in  “VMSA-2018-0002.1” instead , please check this link for more info

i will keep this post updated so make sure to check it periodically

for more information about this Vulnerabilities check below links

Intel Sightings in ESXi Bundled Microcode Patches for VMSA-2018-0004 (52345)

VMware Response to Speculative Execution security issues, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 (aka Spectre and Meltdown) (52245)

Hypervisor-Assisted Guest Mitigation for branch target injection (52085)

https://blogs.vmware.com/security/2018/01/vmsa-2018-0002.html?src=so_5a314d05ddb83&cid=70134000001SkJd

Runecast Analyzer detects Spectre and Meltdown Vulnerabilities within vSphere Clusters

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715

https://thehackernews.com/2018/01/meltdown-spectre-vulnerability.html

https://thehackernews.com/2018/01/intel-kernel-vulnerability.html

https://blog.qualys.com/securitylabs/2018/01/03/processor-vulnerabilities-meltdown-and-spectre

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s