Global Technical Service E-mail:serversupport@inspur.com Europe Technical Service E-mail:eu@inspur.com
Security Notice - Statement on the Side Channel Vulnerabilities "MDS" of Chips
Initial Release Date:2019-05-30 16:54:49
Last Release Date:2019-06-14 10:13:01
Security Notices:

On May 14, 2019, Intel disclosed four new side channel vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091), Intel unified this series of vulnerabilities into Microarchitectural Data Sampling vulnerabilities. The exploitation of these vulnerabilities requires an attacker to embed malicious code in the target device, mainly for local use. In some cases, it may also be remotely exploited through JS code and malicious websites. These attack methods can be effective in both PC and cloud environments. They can cause applications, operating system virtual machines, and trusted execution environments to disclose sensitive information, including passwords, website content, disk encryption keys, and browser history.

Inspur has issued Security Advisory (SA) for these vulnerabilities. Inspur provides product vulnerability solutions through SA.

Inspur Products Affected:

NF5888M5

NF5466M5

NS5484M5

NF5170M4

TS860M5

NF8260M5

NS5482M5

NF8480M4

NF5468M5

NS5162M5

NX5460M5

NF5270M4

NF5180M5

NF5266M5

NF5288M5

NF8460M4

NF5280M5

SN5161M5

SA5212M4

NF5460M4

NF8380M5

NF8480M5

NF5180M4

NX8X80M4

NF5270M5

NS5488M5

NF5280M4

TS860G3

Revision History:

2019-06-11 V1.1 UPDATED Increase the link of SA

2019-06-08 V1.1 UPDATED Increase the list of affected products

2019-05-30 V1.0 INITIAL

Inspur Security Procedures:

Inspur is committed to ensuring user safety, working to resolve issues quickly when problems arise, and providing recommendations through security advisories and security notices.

If you have information about a security issue or vulnerability with Inspur products and solutions, please send an e-mail to sec@inspur.com. For details, please visit:

http://en.inspur.com/en/2402164/2458348/index.html

Reference links:

[1]Intel: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html

[2]Red Hat: https://access.redhat.com/security/vulnerabilities/mds

[3]Microsoft: https://support.microsoft.com/en-us/help/4457951/windows-guidance-to-protect-against-speculative-execution-side-channel

ABOUT US

Inspur Group Core Values Partners News Events

SUPPORT

Download Center Service & Warranty
  • E-Waste Collection Service
  • Security Bulletins
  • WHERE TO BUY

    Where to buy

    CONTACT US

    Contact Us Join Us

    FOLLOW INSPUR

    Facebook Instagram Twitter

    Copyright © 2018 Inspur. All Rights Reserved.

    inspur logo
    • Support:

      1-844-860-0011

    • Sales Inquiries:

      1-800-697-5893