Is Spectrum impacted by x86 CPU vulnerabilities?
Article ID: 112435
Updated On:
Products
CA Spectrum
Issue/Introduction
Is Spectrum affected by the following vulnerabilities or the patches required to fix them?
CVE-2018-3615 - Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis
CVE-2018-3620 - Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis
CVE-2018-3646 - Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.
Environment
Release:
Component: SPCAEM
Component: SPCAEM
Resolution
CA Spectrum (all supported GA versions) are not affected by these vulnerabilities.
The patches can also be installed to resolve the vulnerabilities as Spectrum will function properly with them installed.
If there are any further concerns or questions, please contact CA Spectrum Support.
The patches can also be installed to resolve the vulnerabilities as Spectrum will function properly with them installed.
If there are any further concerns or questions, please contact CA Spectrum Support.
Feedback
Yes
No
Powered by
