News
Jan
5

WIPL is aware of and is keeping a close watch on a recently disclosed security vulnerability that affects Intel, AMD and ARM processor architectures across servers, desktops and mobile devices. We will be updating all the affected infrastructure and our cloud images in the upcoming days, once the fix becomes available from OS vendors.

Websites dedicated to this vulnerability:

https://meltdownattack.com 

https://spectreattack.com/

What is the difference between Meltdown and Spectre?

Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain the information from the accessed memory location. For a more technical discussion we refer to the papers (Meltdown and Spectre).

Is there a workaround/fix?

There are patches against Meltdown for Linux (KPTI, formerly KAISER), Windows, and OS X. There is also work to harden software against future exploitation of Spectre, respectively to patch software after exploitation by Spectre.

Is there more technical information about Meltdown and Spectre?
Yes, there is an academic paper and a blog post about Meltdown, and an academic paper about Spectre. Furthermore, there is a Google Project Zero blog entry about both attacks.

Technical Overview

Several microarchitectural (hardware) implementation issues affecting many modern microprocessors have surfaced recently. As explained in Red Hat's security advisory, fixing these requires

"updates to the Linux kernel, virtualization-related components, and/or in combination with a microcode update. An unprivileged attacker can use these flaws to bypass conventional memory security restrictions in order to gain read access to privileged memory that would otherwise be inaccessible. There are 3 known CVEs related to this issue in combination with Intel, AMD, and ARM architectures. All three rely upon the fact that modern high performance microprocessors implement both speculative execution, and utilize VIPT (Virtually Indexed, Physically Tagged) level 1 data caches that may become allocated with data in the kernel virtual address space during such speculation.

The first two variants abuse speculative execution to perform bounds-check bypass (CVE-2017-5753), or by utilizing branch target injection (CVE-2017-5715) to cause kernel code at an address under attacker control to execute speculatively. Collectively these are known as "Spectre". Both variants rely upon the presence of a precisely-defined instruction sequence in the privileged code, as well as the fact that memory accesses may cause allocation into the microprocessor’s level 1 data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use these two flaws to read privileged memory by conducting targeted cache side-channel attacks. These variants could be used not only to cross syscall boundary (variant 1 and variant 2) but also guest/host boundary (variant 2).

The third variant (CVE-2017-5754) relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. Researchers have called this exploit "Meltdown". Subsequent memory accesses may cause an allocation into the L1 data cache even when they reference otherwise inaccessible memory locations. As a result, an unprivileged local attacker could read privileged (kernel space) memory (including arbitrary physical memory locations on a host) by conducting targeted cache side-channel attacks."

How to patch Meltdown CPU Vulnerability CVE-2017-5754 and Spectre Vulnerability CVE-2017-5753/CVE-2017-5715 on Linux

Fix on CentOS

Type the following yum command:

$ sudo yum update kernel

Reboot the instance

Fix on Debian/Ubuntu

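Use the following apt-get commands:

# Debian/Ubuntu have no package named "kernel"; dist-upgrade pulls in the updated linux-image packages.
$ sudo apt-get update
$ sudo apt-get dist-upgrade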

Reboot the instance
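
After the reboot, the kernel's own report can confirm that the fix is active for all three CVEs. The script below is an added example, not part of the original notice; it assumes the updated kernel exposes /sys/devices/system/cpu/vulnerabilities, and the function names and the `--live` flag are this example's own.

```shell
#!/bin/sh
# Post-reboot check: read the kernel's own mitigation report for the three CVEs.
# Assumption: the updated kernel exposes /sys/devices/system/cpu/vulnerabilities
# (present in mainline since 4.15 and in vendor backports of the fix).

SYSFS_DIR=/sys/devices/system/cpu/vulnerabilities

# Map one sysfs status line to a short verdict.
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# Print one line per CVE; return 1 if any entry is vulnerable, missing or unknown.
check_vulns() {
    dir=${1:-$SYSFS_DIR}
    rc=0
    for pair in meltdown:CVE-2017-5754 spectre_v1:CVE-2017-5753 spectre_v2:CVE-2017-5715; do
        file=${pair%%:*}
        cve=${pair##*:}
        if [ -r "$dir/$file" ]; then
            status=$(cat "$dir/$file")
            verdict=$(classify_status "$status")
        else
            # No file: the running kernel predates the reporting interface.
            status="(no sysfs entry)"
            verdict=unknown
        fi
        echo "$cve $file $verdict: $status"
        case "$verdict" in
            mitigated|not_affected) ;;
            *) rc=1 ;;
        esac
    done
    return "$rc"
}

# Run against the live host only when asked, so the file can also be sourced.
if [ "${1:-}" = "--live" ]; then
    echo "running kernel: $(uname -r)"
    check_vulns
    exit $?
fi
```

Run it with `--live` on the rebooted instance; a non-zero exit status means at least one of the three entries is not reported as mitigated.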

Happy to help.

Kindly contact support with any concerns that you may have. Please mail us at Support Team for any queries.

Thanks,

Team WIPL





Nov
25
Lion Linux server is under reboot
Posted by Tanuj C :: WIPL on 25 November 2017 04:36 PM

Dear Customers,

Update : 2

The Server is back up and online.

=============================

Update : 1 - 5:30 PM

The server is running FSCK, so it will take more time than we anticipated. We will get back to you as soon as the server is back online.

We regret the inconvenience caused to you due to this.

=============================

Due to a technical issue on our Lion Linux server, we have rebooted the server and expect it to be back within 30 - 60 mins.

We appreciate your patience during the reboot process.

Warm Regards,

Team WIPL





Nov
18
WIPL Linux Shared Servers would be taken down for Kernel upgrade
Posted by Tanuj C :: WIPL on 18 November 2017 05:04 PM

Dear Customers,

Update - 1 : 9:00 PM

We have rebooted some of the servers and some are still pending.

We will get back to you with a new schedule for those servers.

========================

Servers Name : All WIPL Linux Shared Servers

Server Type : Linux Servers

Maintenance Window : 60 - 120 Minutes
Scheduled Time : Nov 21, 2017 - Between 07:00 PM - 09:00 PM IST (GMT +5:30)

The above-mentioned servers will be taken down for a kernel upgrade. We anticipate a total downtime of approx. 60 - 120 minutes.

We decided on the kernel upgrade to improve the performance of the servers.

Please feel free to contact us at support@mywipl.com for any further clarifications or assistance.

Warm Regards,

Team WIPL





