Meltdown und Spectre: Die Sicherheitshinweise und Updates von Hardware- und Software-Herstellern

Hersteller von Hard- und Software sind von den Sicherheitslücken Meltdown und Spectre gleichermaßen betroffen. Eine Linkübersicht zu Stellungnahmen, weiterführenden Informationen und Update-Hinweisen.

Informationsseiten und Updates

Amazon
Processor Speculative Execution Research Disclosure

AMD
An Update on AMD Processor Security

Android
Android Security Bulletin—January 2018

Apple
About speculative execution vulnerabilities in ARM-based and Intel CPUs

ARM
Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism

Chromium Project
Actions Required to Mitigate Speculative Side-Channel Attack Techniques

CERT Software Engineering Institute Carnegie Mellon University
Vulnerability Note VU#584653: CPU hardware vulnerable to side-channel attacks

Cisco
CPU Side-Channel Information Disclosure Vulnerabilities

Google
Google’s Mitigations Against CPU Speculative Execution Attack Methods

Intel
Intel Responds to Security Research Findings
Intel Issues Updates to Protect Systems from Security Exploits

Linux Foundation
x86/kpti: Kernel Page Table Isolation

Microsoft
January 3, 2018—KB4056892 (OS Build 16299.192)
Windows Server guidance to protect against speculative execution side-channel vulnerabilities
Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities

Microsoft Edge
Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer

Microsoft Azure
Securing Azure customers from CPU vulnerability

Mozilla
Mitigations landing for new class of timing attack

Nvidia
Nvidia’s response to speculative side channels CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754

Redhat
Kernel Side-Channel Attacks – CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

SUSE
SUSE Addresses Meltdown and Spectre Vulnerabilities

Ubuntu
Ubuntu Updates for the Meltdown / Spectre Vulnerabilities

XEN
Advisory

2018-01-08T16:10:39+00:00