
Red Hat reverts Spectre (CVE-2017-5715) security updates due to boot issues reported by customers

CyberWisdom Safe Harbor Commentary:

Today I came across this story from securityaffairs.co that highlights an interesting fact: Red Hat will release updates that revert previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715).
Shortly after the Spectre and Meltdown patches were released, many experts argued that they had a significant impact on the performance and stability of the systems running them.

Although Meltdown and Spectre Variant 1 can theoretically be remediated by patching the operating system, Spectre Variant 2 requires firmware/microcode updates to solve this problem.

Now Red Hat has joined the list of companies that found problems after installing the patches, and it is releasing updates that revert the previous patches for the Spectre vulnerability (Variant 2, also known as CVE-2017-5715).

The company decided to revert the initial security updates because it received complaints from some customers about systems failing to boot.

Red Hat recommends that its customers contact their OEM hardware provider for the latest firmware release to mitigate CVE-2017-5715.

“Red Hat Security is currently advising users to contact their CPU OEMs to download the latest microcode_ctl and linux-firmware packages for their processors.”

“The latest microcode_ctl and linux-firmware packages from Red Hat do not include a resolution for the CVE-2017-5715 (variant 2) exploit. Red Hat no longer provides microcode to address Spectre, variant 2, due to instabilities that caused customer systems to fail to boot. The latest microcode_ctl and linux-firmware packages revert these unstable microprocessor firmware changes to versions that were known to be stable and well tested, shipped prior to the Spectre/Meltdown embargo lift date on January 3. Customers are advised to contact their chip vendor for the latest microcode for their particular processor.”


Other distributions based on Red Hat Enterprise Linux (such as CentOS) may experience similar problems and may need to revert the Spectre Variant 2 security updates.

The company advises customers to visit the Red Hat Customer Portal Labs application to verify that the system has the necessary microprocessor firmware to address CVE-2017-5715 (variant 2).
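A local check along the same lines, as an added example (it is not Red Hat's Labs application and not part of the original article): it reports the loaded microcode revision, whether the CPU flags advertise the speculation controls that updated microcode provides, and the kernel's own Spectre variant 2 status. The function names are hypothetical and the list of flag names is an assumption, since flag names differ between kernel builds.

```shell
#!/bin/sh
# Added example: does the loaded microcode expose the Spectre variant 2
# (CVE-2017-5715) controls, and what does the kernel report?
# File paths are parameters so saved copies can be checked offline;
# the defaults are the live Linux paths.

# Print the loaded microcode revision from a cpuinfo-format file.
microcode_rev() {
    awk -F': *' '/^microcode/ { print $2; exit }' "${1:-/proc/cpuinfo}"
}

# Succeed if the CPU flags advertise IBRS/IBPB support.
# Assumption: upstream kernels show "ibrs"/"ibpb", while Red Hat's 2018
# kernels showed "spec_ctrl"/"ibpb_support". Adjust for your kernel.
has_spec_ctrl() {
    awk -F': *' '/^flags/ { print $2; exit }' "${1:-/proc/cpuinfo}" |
        tr ' ' '\n' | grep -Eqx 'ibrs|ibpb|spec_ctrl|ibpb_support'
}

# Print a one-line summary. Exit status is 0 only when the microcode
# exposes the controls; 1 means vendor microcode/firmware is still needed
# for a microcode-based mitigation.
spectre_v2_report() {
    cpuinfo="${1:-/proc/cpuinfo}"
    sysfs="${2:-/sys/devices/system/cpu/vulnerabilities/spectre_v2}"
    rev=$(microcode_rev "$cpuinfo")
    if has_spec_ctrl "$cpuinfo"; then ctl=yes; else ctl=no; fi
    # Kernels without the sysfs vulnerabilities directory report "unknown".
    if [ -r "$sysfs" ]; then kernel=$(cat "$sysfs"); else kernel=unknown; fi
    echo "microcode=${rev:-unknown} spec_ctrl=$ctl kernel=$kernel"
    [ "$ctl" = yes ]
}
```

Run `spectre_v2_report` with no arguments on the live host; comparing its output before and after installing the reverted microcode_ctl and linux-firmware packages shows whether the controls disappeared with the rollback.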
