Home > News content

Meltdown and Spectre security patches or impact performance: Redhat allows users to choose their own

via:博客园     time:2018/1/4 17:17:53     readed:294

Red Hat John Terrill said to Softpedia today that the company is making security updates for the supported operating system. But they also realize that the two hardware vulnerabilities that affect most modern processors, Meltdown and Spectre, may have a certain impact on performance. Given that some applications are more sensitive to performance, Red Hat will put the initiative of the deployment update to the user itself. Earlier today, security bulletins related to Meltdown and Spectre (CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754) have been made public.

red-hat-says-security-updates-for-meltdown-spectre-bugs-may-affect-performance-519214-2.jpg

(Intel, AMD, POWER 8 / 9, IBM System Z, ARM chip spared)

This serious hardware flaw affects almost every modern microprocessor in the past 20 years. Even a privileged attacker can use three unique attack paths to bypass the constraints of the hardware and obtain read access to privileged memory.

In order to better understand the impact of new hardware vulnerabilities, Red Hat has been on the product security page based on open source technology.Transmission gate) summarize the reports of multiple sources, and the interested friends can see which versions are affected by this.

Denise Dumas, vice president of the Red Hat operating system platform, said:

These vulnerabilities to many modern microprocessors have had a wide impact on the industry. It allows an attacker to bypass read access restrictions of privileged memory, which can not be done by other bypass attacks.

In short, an ulterior attacker can steal sensitive information from every computer, mobile device, and even cloud deployment.

According to Red Hat, the affected system version is as follows:

Red Hat Enterprise Linux 7.x / 6.x / 5.x series;

Red Hat Enterprise Linux for Real Time;

Red Hat Enterprise Linux for SAP Applications / SAP HANA / SAP Solutions;

Red Hat Enterprise MRG 2;

Red Hat OpenShift 3.x / 2.x series;

Red Hat Virtualization (RHEV-H/RHV-H) 4.1 / 3.6;

Red Hat OpenStack Platform 12 / 11 / 10 / 9 / 8 / 7 / 6.

[compiled from:Soft Pedia]

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments