Meltdown and Spectre Vulnerabilities
Server
22 May. 2018
 

(Update 2018/07/02)

Fixed BIOS for projects with below CPU are available. Please refer to ‘’Table 1 - BIOS updates for CVE-2018-3639 & CVE-2018-3640’’ below for more details.
(1) Intel® Xeon® Scalable Processor Family (Skylake),
(2) Intel® Xeon® Processor E3v5 & E3v6 product family (Skylake E3)
(3) Intel® Xeon® Processor E5v3, E5v4, E3v3 and E3v4 Product Family (Haswell & Broadwell)
(4) Rackgo X Leopard Cave

 

============ 

 

New security vulnerabilities, CVE-2018-3639 and CVE-2018-3640 are derivatives of speculative execution side-channel analysis methods publicly disclosed in January 2018.(CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754). They could facilitate the unauthorized exposure of privileged data from memory.

As intel’s recommendation, mitigation of these 2 variants require both BIOS and OS/VMM update. QCT will have fixed BIOS with new microcode release starting from wk23. QCT will keep providing frequent and real-time update info once Intel releases further message or updated microcode. For OS/VMM update, please contact your OS or VM vendors for detail information.

 

No.

CVE#

Mitigation options

Intel SA #

CVSS

link

Variant 4
(Speculative Store Bypass)

CVE-2018-3639

Microcode update + OS/VMM

Intel-SA-00115

4.3 Medium
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2018-3639

Variant 3a
(Rogue System Register Read)

CVE-2018-3640

4.3 Medium CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2018-3640

 

 

Table 1 - BIOS updates for CVE-2018-3639 & CVE-2018-3640

QCT servers

CPU

BIOS fixed version

BIOS release week

D52B-1U

 

Intel® Xeon® Scalable Processor Family (Skylake)

3A11.Q10 2018 ww27
D52BQ
T42S-2U
T42SP-2U
T42D-2U
D52T-1ULH

D52BV-2U

D52G-4U

Q72D-2U

3A10.02
D51B-1U/2U Intel® Xeon® Processor E5v3 & E5v4 Product Family
(Haswell & Broadwell)
S2B_3B10.08 2018 ww25
T41S-2U S2S_3B10.03
T21P-4U S2P_3B08.07
T41SP-2U S2S_3B10.03
D51PH-1ULH S2P_3B08.07
T21SR-2U S2S_3B10.03
D51PL-4U S2P_3B08.07
D51BV-2U S2B_3B10.08
D51PS-1U S2P_3B08.07
D51BP-1U/2U S2BP3B10.04
D51PC-1U S2P_3B08.07
S31A-1U Intel® Xeon® Processor E3-1200 v5 & 1200 v6 product family (Skylake E3) S3A_3B09.04 2018 ww25
X10E-9N S3E_3B09.03
Rackgo X Leopard Cave Intel® Xeon® Processor E5 & E5v2 Product Family (Ivy Bridge & Sandy Bridge) F06A3C16.03
SD1Q-1ULH Intel® Xeon-D (Broadwell) S1Q_3A12.02 2018 ww28
Q71L-4U Intel® Xeon® processor E7 v2, v3 and v4 product family (Ivy Bridge EX, Haswell EX) S4L_3C04.02 2018 ww28
S910-X31E Intel® Xeon® Processor E3-1200 v3 & v4 Product Family (Broadwell E3 & Haswell E3) S1E_3B01.03 2018 ww27
S810-X52L Intel® Xeon® Processor E5 & E5v2 Product Family (Ivy Bridge & Sandy Bridge) S2L_4A18 2018 ww28 (depending on Intel microcode release schedule)
S210-X12RS (1U) S2RS4A21 2018 ww28 (depending on Intel microcode release schedule or debug-fixed schedule)
S210-X22RQ (2U) S2RS4A21 2018 ww28 (depending on Intel microcode release schedule or debug-fixed schedule)
S210-X12MS S2MS3B12 2018 ww29
S210-X2A2J S2J_3A32.02 2018 ww30 (depending on Intel microcode release schedule)
S200-X22TQ S2TQ3B06.02 2018 ww30 (depending on Intel microcode release schedule)
S200-X12TS S2TS3B06.02 2018 ww30 (depending on Intel microcode release schedule)
F06A Intel® Xeon® Processor E5v3 & E5v4 Product Family
(Haswell & Broadwell)
F06A3C16.03 2018 ww25 (depending on Intel microcode release schedule or debug-fixed schedule)
F03A Intel® Xeon® Processor E5 & E5v2 Product Family (Ivy Bridge & Sandy Bridge) F03A3A09 2018 ww30 (depending on Intel microcode release schedule)

 

[Remark]
Regarding Customized BIOS, please contact your account sales for release schedule and BIOS with microcode.
 
 
*External reference