Aviso de seguridad: Spectre y Meltdown

gitmarzo 17, 2018octubre 06, 2022Seguridad

En respuesta a las vulnerabilidades referidas como Spectre y Meltdown las cuales están identificadas como (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754).

Desde su creación Appztek siempre ha tenido la seguridad de sus clientes como la primera prioridad. Se han establecido fuertes procesos de análisis y remediación de vulnerabilidades así como las mejores prácticas en todas sus aplicaciones y sistemas operativos.

Es importante entender que estas vulnerabilidades estan basadas en la arquitectura de los procesadores y afecta multiples tipos de dispositivos desde mobiles hasta servidores de alto rendimiento. Estas vulnerabilidades se mantuvieron en SECRETO debido a un NDA que expiro este pasado 9 de enero y fue publicado por el proyecto Zero de google, referencia aqui.

En Appztek se ha realizado un inventario exhaustivo de los procesadores que forman parte de la aplicacion la mayoria de la infraestrucutra corre en Amazon quien ya ha tomado acciones para reparar este problema, informacion aqui de cualquier forma Appztek tiene la resposabilidad de asegurar sus aplicaciones.

Cada uno de los diferentes sistemas operativos creo sus parches especificos.

Ubuntu

Redhat

Suse

Appztek cuenta con una infraestructura centralizada desde donde se configuran y validan todas las configuraciones de seguridad.

Estas vulnerabilidades en resumen son 3 diferentes vectores de ataque.

Spectre

Variant 1

Bounds Check Bypass

CVE-2017-5753

Spectre

Variant 2

Branch Target Injection

CVE-2017-5715

Meltdown

Variant 3

Rogue Data Cache Load

CVE-2017-5754

Basicamente estas vulnerabilidades permiten hacer un dump del kernel corriendo en una maquina virtual o moverte entre maquinas virtuales para poder leer otras maquinas en la misma hipervisora, es lo que las hace tan peligrosas.

En github hay un script que verifica estas vulnerabilidades, una salida con un kernel ya actualizado se ve de la siguiente forma (todos los sistemas de appztek reporta salidas similares):



Spectre and Meltdown mitigation detection tool v0.35

Checking for vulnerabilities on current system
Kernel is Linux
CPU is Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz

Hardware check
* Hardware support (CPU microcode) for mitigation techniques
* Indirect Branch Restricted Speculation (IBRS)
* SPEC_CTRL MSR is available: YES
* CPU indicates IBRS capability: NO
* Indirect Branch Prediction Barrier (IBPB)
* PRED_CMD MSR is available: YES
* CPU indicates IBPB capability: NO
* Single Thread Indirect Branch Predictors (STIBP)
* SPEC_CTRL MSR is available: YES
* CPU indicates STIBP capability: NO
* Enhanced IBRS (IBRS_ALL)
* CPU indicates ARCH_CAPABILITIES MSR availability: NO
* ARCH_CAPABILITIES MSR advertises IBRS_ALL capability: NO
* CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO): NO
* CPU microcode is known to cause stability problems: YES (model 63 stepping 2 ucode 0x3b)

The microcode your CPU is running on is known to cause instability problems,
such as intempestive reboots or random crashes.
You are advised to either revert to a previous microcode version (that might not have
the mitigations for Spectre), or upgrade to a newer one if available.

* CPU vulnerability to the three speculative execution attacks variants
* Vulnerable to Variant 1: YES
* Vulnerable to Variant 2: YES
* Vulnerable to Variant 3: YES

CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Kernel has array_index_mask_nospec: UNKNOWN (couldn't check (missing 'readelf' tool, please install it, usually it's in the 'binutils' package))
* Kernel has the Red Hat/Ubuntu patch: UNKNOWN (missing 'strings' tool, please install it, usually it's in the binutils package)
* Checking count of LFENCE instructions following a jump in kernel... UNKNOWN (couldn't check (missing 'readelf' tool, please install it, usually it's in the 'binutils' package))
> STATUS: NOT VULNERABLE (Mitigation: OSB (observable speculation barrier, Intel v6))

CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Mitigation 1
* Kernel is compiled with IBRS/IBPB support: YES
* Currently enabled features
* IBRS enabled for Kernel space: NO
* IBRS enabled for User space: NO
* IBPB enabled: NO
* Mitigation 2
* Kernel compiled with retpoline option: YES
* Kernel compiled with a retpoline-aware compiler: YES (kernel reports full retpoline compilation)
> STATUS: NOT VULNERABLE (Mitigation: Full generic retpoline)

CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3'
* Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active)
* Kernel supports Page Table Isolation (PTI): YES
* PTI enabled and active: YES
* Running as a Xen PV DomU: NO
> STATUS: NOT VULNERABLE (Mitigation: PTI)

131 Comments

Henryler dice:

10/07/2024 a las 9:17 pm

mexican drugstore online: cmq pharma mexican pharmacy – medicine in mexico pharmacies
Michaelbok dice:

11/07/2024 a las 2:28 am

buying from online mexican pharmacy
https://cmqpharma.online/# buying prescription drugs in mexico online
mexican online pharmacies prescription drugs
Davidsoype dice:

19/07/2024 a las 9:02 pm

world pharmacy india: buy medicines online in india – best india pharmacy
Davidsoype dice:

20/07/2024 a las 2:16 am

Online medicine home delivery: top 10 pharmacies in india – world pharmacy india
MichaelChoit dice:

20/07/2024 a las 3:21 am

reputable mexican pharmacies online: mexico pharmacy – mexico pharmacy
Davidsoype dice:

20/07/2024 a las 7:11 am

Online medicine order: indianpharmacy com – top 10 pharmacies in india
Davidsoype dice:

20/07/2024 a las 12:29 pm

п»їbest mexican online pharmacies: reputable mexican pharmacies online – buying from online mexican pharmacy
MichaelChoit dice:

20/07/2024 a las 12:53 pm

buying prescription drugs in mexico online: mexico pharmacies prescription drugs – mexico pharmacy
Edwardtop dice:

20/07/2024 a las 5:23 pm

https://canadapharmast.com/# best canadian pharmacy online
MichaelChoit dice:

20/07/2024 a las 9:46 pm

pharmacies in mexico that ship to usa: buying from online mexican pharmacy – best online pharmacies in mexico
Davidsoype dice:

20/07/2024 a las 11:09 pm

best online pharmacy india: top online pharmacy india – indian pharmacy online
Davidsoype dice:

21/07/2024 a las 4:11 am

indian pharmacy online: cheapest online pharmacy india – best india pharmacy
MichaelChoit dice:

21/07/2024 a las 7:09 am

best online pharmacy india: п»їlegitimate online pharmacies india – reputable indian pharmacies
Davidsoype dice:

21/07/2024 a las 9:13 am

purple pharmacy mexico price list: buying prescription drugs in mexico – buying prescription drugs in mexico
ThomasJucky dice:

21/07/2024 a las 10:31 am

http://doxycyclinedelivery.pro/# doxycycline price australia
ThomasJucky dice:

21/07/2024 a las 6:56 pm

https://clomiddelivery.pro/# where can i get generic clomid no prescription
ThomasJucky dice:

22/07/2024 a las 3:13 am

https://ciprodelivery.pro/# ciprofloxacin 500 mg tablet price
ThomasJucky dice:

22/07/2024 a las 11:08 am

https://doxycyclinedelivery.pro/# doxycycline 100 mg pill
ThomasJucky dice:

22/07/2024 a las 6:54 pm

http://paxloviddelivery.pro/# paxlovid for sale
ThomasJucky dice:

23/07/2024 a las 2:44 am

http://doxycyclinedelivery.pro/# where can i buy doxycycline
ThomasJucky dice:

23/07/2024 a las 9:51 am

http://amoxildelivery.pro/# amoxicillin 500mg prescription
ThomasJucky dice:

23/07/2024 a las 5:39 pm

http://amoxildelivery.pro/# amoxicillin no prescription
ThomasJucky dice:

24/07/2024 a las 1:55 am

http://doxycyclinedelivery.pro/# doxycycline 300 mg cost
ArnoldDoorb dice:

29/07/2024 a las 3:58 am

medicine in mexico pharmacies mexican pharmacy buying prescription drugs in mexico online
Wayneapper dice:

29/07/2024 a las 7:57 am

mexican drugstore online: mexico drug stores pharmacies – mexican mail order pharmacies
DominicHiz dice:

29/07/2024 a las 7:58 am

reputable mexican pharmacies online: mexico drug stores pharmacies – mexico pharmacies prescription drugs
ArnoldDoorb dice:

29/07/2024 a las 10:56 am

mexican mail order pharmacies buying prescription drugs in mexico online purple pharmacy mexico price list
Wayneapper dice:

29/07/2024 a las 2:53 pm

buying prescription drugs in mexico: buying from online mexican pharmacy – buying prescription drugs in mexico
DominicHiz dice:

29/07/2024 a las 2:54 pm

mexico pharmacies prescription drugs: mexico drug stores pharmacies – purple pharmacy mexico price list
Richardzen dice:

29/07/2024 a las 4:37 pm

https://mexicandeliverypharma.online/# mexican pharmaceuticals online
ArnoldDoorb dice:

29/07/2024 a las 5:56 pm

mexican rx online mexican online pharmacies prescription drugs medicine in mexico pharmacies
Wayneapper dice:

29/07/2024 a las 10:01 pm

mexican mail order pharmacies: purple pharmacy mexico price list – buying prescription drugs in mexico online
ArnoldDoorb dice:

30/07/2024 a las 1:37 am

mexican border pharmacies shipping to usa mexico pharmacy mexican border pharmacies shipping to usa
Nelsonhax dice:

30/07/2024 a las 3:33 am

medicine in mexico pharmacies: buying from online mexican pharmacy – mexico drug stores pharmacies
DominicHiz dice:

30/07/2024 a las 6:01 am

mexican rx online: buying prescription drugs in mexico – mexican online pharmacies prescription drugs
Wayneapper dice:

30/07/2024 a las 6:05 am

medicine in mexico pharmacies: п»їbest mexican online pharmacies – mexican mail order pharmacies
DominicHiz dice:

30/07/2024 a las 2:13 pm

purple pharmacy mexico price list: buying prescription drugs in mexico online – mexican drugstore online
Wayneapper dice:

30/07/2024 a las 2:22 pm

mexican mail order pharmacies: п»їbest mexican online pharmacies – reputable mexican pharmacies online
ArnoldDoorb dice:

30/07/2024 a las 5:55 pm

pharmacies in mexico that ship to usa purple pharmacy mexico price list mexico pharmacies prescription drugs
Nelsonhax dice:

30/07/2024 a las 8:04 pm

п»їbest mexican online pharmacies: mexican pharmaceuticals online – mexican border pharmacies shipping to usa
DominicHiz dice:

30/07/2024 a las 10:15 pm

pharmacies in mexico that ship to usa: п»їbest mexican online pharmacies – mexican rx online
Wayneapper dice:

30/07/2024 a las 10:28 pm

buying prescription drugs in mexico online: mexico pharmacies prescription drugs – mexico drug stores pharmacies
ArnoldDoorb dice:

31/07/2024 a las 2:02 am

mexican border pharmacies shipping to usa mexican rx online mexican border pharmacies shipping to usa
Nelsonhax dice:

31/07/2024 a las 4:18 am

medication from mexico pharmacy: medicine in mexico pharmacies – mexican mail order pharmacies
Wayneapper dice:

31/07/2024 a las 6:30 am

buying prescription drugs in mexico online: mexico drug stores pharmacies – buying prescription drugs in mexico online
ArnoldDoorb dice:

31/07/2024 a las 10:03 am

buying prescription drugs in mexico online buying prescription drugs in mexico online pharmacies in mexico that ship to usa
Nelsonhax dice:

31/07/2024 a las 12:28 pm

mexican pharmaceuticals online: mexican rx online – mexico drug stores pharmacies
DominicHiz dice:

31/07/2024 a las 2:20 pm

mexican mail order pharmacies: mexico drug stores pharmacies – buying from online mexican pharmacy
ArnoldDoorb dice:

31/07/2024 a las 6:02 pm

mexican drugstore online mexican pharmaceuticals online mexican online pharmacies prescription drugs
Nelsonhax dice:

31/07/2024 a las 8:19 pm

mexican online pharmacies prescription drugs: best online pharmacies in mexico – mexican rx online
DominicHiz dice:

31/07/2024 a las 9:57 pm

pharmacies in mexico that ship to usa: medicine in mexico pharmacies – purple pharmacy mexico price list
Wayneapper dice:

31/07/2024 a las 10:16 pm

mexican border pharmacies shipping to usa: buying from online mexican pharmacy – mexican pharmaceuticals online
Nelsonhax dice:

01/08/2024 a las 4:06 am

reputable mexican pharmacies online: pharmacies in mexico that ship to usa – buying from online mexican pharmacy
DominicHiz dice:

01/08/2024 a las 5:37 am

best online pharmacies in mexico: mexican drugstore online – mexican pharmaceuticals online
Wayneapper dice:

01/08/2024 a las 5:59 am

mexican rx online: mexican drugstore online – buying prescription drugs in mexico
ArnoldDoorb dice:

01/08/2024 a las 9:27 am

reputable mexican pharmacies online reputable mexican pharmacies online mexico pharmacies prescription drugs
Nelsonhax dice:

01/08/2024 a las 11:59 am

pharmacies in mexico that ship to usa: purple pharmacy mexico price list – п»їbest mexican online pharmacies
DominicHiz dice:

01/08/2024 a las 1:22 pm

mexican pharmaceuticals online: buying prescription drugs in mexico online – mexican online pharmacies prescription drugs
Wayneapper dice:

01/08/2024 a las 1:47 pm

best online pharmacies in mexico: mexican drugstore online – mexican pharmaceuticals online
ArnoldDoorb dice:

01/08/2024 a las 5:17 pm

reputable mexican pharmacies online mexican border pharmacies shipping to usa pharmacies in mexico that ship to usa
DominicHiz dice:

01/08/2024 a las 9:08 pm

reputable mexican pharmacies online: mexican online pharmacies prescription drugs – buying from online mexican pharmacy
Nelsonhax dice:

02/08/2024 a las 3:58 am

buying prescription drugs in mexico: buying prescription drugs in mexico – medication from mexico pharmacy
Wayneapper dice:

02/08/2024 a las 5:40 am

reputable mexican pharmacies online: buying prescription drugs in mexico – reputable mexican pharmacies online
ArnoldDoorb dice:

02/08/2024 a las 9:02 am

purple pharmacy mexico price list mexican mail order pharmacies medicine in mexico pharmacies
Nelsonhax dice:

02/08/2024 a las 12:04 pm

medicine in mexico pharmacies: п»їbest mexican online pharmacies – purple pharmacy mexico price list
ArnoldDoorb dice:

02/08/2024 a las 4:38 pm

mexico pharmacy buying prescription drugs in mexico online reputable mexican pharmacies online
Nelsonhax dice:

02/08/2024 a las 7:59 pm

buying from online mexican pharmacy: buying prescription drugs in mexico – mexican mail order pharmacies
DominicHiz dice:

02/08/2024 a las 8:05 pm

medication from mexico pharmacy: pharmacies in mexico that ship to usa – mexican drugstore online
Wayneapper dice:

02/08/2024 a las 9:21 pm

mexican online pharmacies prescription drugs: medication from mexico pharmacy – medicine in mexico pharmacies
ArnoldDoorb dice:

02/08/2024 a las 11:54 pm

mexican pharmaceuticals online mexico pharmacy medicine in mexico pharmacies
DominicHiz dice:

03/08/2024 a las 3:16 am

mexican pharmaceuticals online: mexican pharmaceuticals online – best online pharmacies in mexico
Nelsonhax dice:

03/08/2024 a las 3:42 am

п»їbest mexican online pharmacies: mexican pharmaceuticals online – п»їbest mexican online pharmacies
Wayneapper dice:

03/08/2024 a las 4:55 am

mexican online pharmacies prescription drugs: п»їbest mexican online pharmacies – pharmacies in mexico that ship to usa
ArnoldDoorb dice:

03/08/2024 a las 7:12 am

mexican pharmaceuticals online mexico drug stores pharmacies buying from online mexican pharmacy
DominicHiz dice:

03/08/2024 a las 10:43 am

mexican rx online: mexico drug stores pharmacies – mexican drugstore online
Nelsonhax dice:

03/08/2024 a las 11:44 am

mexico drug stores pharmacies: buying prescription drugs in mexico – mexico drug stores pharmacies
Wayneapper dice:

03/08/2024 a las 12:53 pm

mexico pharmacies prescription drugs: purple pharmacy mexico price list – mexican online pharmacies prescription drugs
DominicHiz dice:

03/08/2024 a las 6:13 pm

п»їbest mexican online pharmacies: buying from online mexican pharmacy – buying from online mexican pharmacy
Nelsonhax dice:

03/08/2024 a las 7:47 pm

buying prescription drugs in mexico online: pharmacies in mexico that ship to usa – best online pharmacies in mexico
Robertsoppy dice:

04/08/2024 a las 5:54 am

generic zithromax online paypal zithromax drug zithromax buy online
MatthewGlutt dice:

04/08/2024 a las 6:13 am

order propecia without insurance: buying generic propecia – order propecia
PatrickGloft dice:

04/08/2024 a las 6:22 am

http://propeciabestprice.pro/# get propecia without dr prescription
Lewishoult dice:

04/08/2024 a las 7:21 am

https://nolvadexbestprice.pro/# tamoxifen hot flashes
Robertsoppy dice:

04/08/2024 a las 12:32 pm

zithromax buy online zithromax cost canada buy cheap zithromax online
MatthewGlutt dice:

04/08/2024 a las 1:18 pm

zithromax 250 mg pill: zithromax 500 mg lowest price drugstore online – zithromax 500mg price
PatrickGloft dice:

04/08/2024 a las 1:36 pm

http://zithromaxbestprice.pro/# how to get zithromax over the counter
Lewishoult dice:

04/08/2024 a las 3:59 pm

http://propeciabestprice.pro/# propecia without prescription
Robertsoppy dice:

04/08/2024 a las 7:05 pm

order generic propecia pill cost of propecia without insurance cost of generic propecia without rx
MatthewGlutt dice:

05/08/2024 a las 4:25 am

zithromax 500 tablet: generic zithromax 500mg india – zithromax 500mg
MatthewGlutt dice:

05/08/2024 a las 11:37 am

20 mg prednisone: prednisone 20 mg without prescription – 2.5 mg prednisone daily
MatthewGlutt dice:

05/08/2024 a las 6:50 pm

prednisone 10mg online: prednisone 50 – prednisone otc uk
MatthewGlutt dice:

06/08/2024 a las 2:00 am

prednisone capsules: how can i order prednisone – 10 mg prednisone
RandyGak dice:

07/08/2024 a las 1:30 pm

migliori farmacie online 2024: Farmacie on line spedizione gratuita – farmaci senza ricetta elenco
TomasWhasp dice:

07/08/2024 a las 1:35 pm

acquistare farmaci senza ricetta: kamagra – farmacia online senza ricetta
RandyGak dice:

07/08/2024 a las 8:24 pm

comprare farmaci online con ricetta: Cialis generico farmacia – farmaci senza ricetta elenco
TomasWhasp dice:

07/08/2024 a las 9:15 pm

farmaci senza ricetta elenco: avanafil 100 mg prezzo – farmacie online sicure
RandyGak dice:

08/08/2024 a las 3:36 am

comprare farmaci online all’estero: kamagra gel prezzo – farmacie online sicure
RandyGak dice:

08/08/2024 a las 11:05 am

Farmacie on line spedizione gratuita: Avanafil 50 mg – farmacia online piГ№ conveniente
TomasWhasp dice:

08/08/2024 a las 1:27 pm

п»їFarmacia online migliore: Cialis generico prezzo – farmaci senza ricetta elenco
RandyGak dice:

08/08/2024 a las 6:39 pm

Farmacie online sicure: kamagra – top farmacia online
TomasWhasp dice:

09/08/2024 a las 1:30 am

farmacia online: farmacia online migliore – Farmacie online sicure
RandyGak dice:

09/08/2024 a las 1:46 am

Farmacie on line spedizione gratuita: avanafil generico – comprare farmaci online con ricetta
GeorgeTweda dice:

09/08/2024 a las 1:25 pm

how does viagra work: Cheap Viagra 100mg – cheap viagra
GeorgeTweda dice:

09/08/2024 a las 9:30 pm

low cost cialis: cheapest tadalafil – canadian pharmacy viagra cialis
GeorgeTweda dice:

10/08/2024 a las 6:48 am

cialis dapoxetine online canada: Buy Cialis online – coupons for cialis
GeorgeTweda dice:

10/08/2024 a las 4:13 pm

viagra generic: Viagra without a doctor prescription – viagra price
LeonardNaila dice:

11/08/2024 a las 2:22 am

http://indiapharmacy.shop/# india pharmacy
DouglasChuts dice:

11/08/2024 a las 2:35 am

buy erectile dysfunction medication: Cheapest online ED treatment – buy ed pills
DouglasChuts dice:

11/08/2024 a las 10:41 am

reputable indian online pharmacy: Cheapest online pharmacy – buy prescription drugs from india
DouglasChuts dice:

11/08/2024 a las 6:41 pm

mexican drugstore online: mexico pharmacy win – buying from online mexican pharmacy
LeonardNaila dice:

12/08/2024 a las 1:43 am

http://edpillpharmacy.store/# п»їed pills online
DouglasChuts dice:

12/08/2024 a las 2:46 am

buy prescription drugs from india: Top mail order pharmacies – cheapest online pharmacy india
DouglasChuts dice:

12/08/2024 a las 11:14 am

mexican pharmaceuticals online: Mexico pharmacy online – reputable mexican pharmacies online
DouglasChuts dice:

12/08/2024 a las 6:58 pm

reputable indian pharmacies: Cheapest online pharmacy – buy prescription drugs from india
DouglasChuts dice:

13/08/2024 a las 2:18 am

Online medicine order: Top online pharmacy in India – cheapest online pharmacy india
DouglasChuts dice:

13/08/2024 a las 10:11 am

world pharmacy india: Indian pharmacy international shipping – indian pharmacy
LeonardNaila dice:

13/08/2024 a las 7:23 pm

https://edpillpharmacy.store/# erectile dysfunction meds online
DouglasChuts dice:

14/08/2024 a las 2:08 am

buy prescription drugs from india: Indian pharmacy online – top online pharmacy india
LeonardNaila dice:

14/08/2024 a las 6:46 am

http://edpillpharmacy.store/# where can i get ed pills
DouglasChuts dice:

14/08/2024 a las 9:47 am

buy ed medication online: cheap ed pills online – how to get ed pills
DouglasChuts dice:

14/08/2024 a las 5:27 pm

online pharmacy india: Online India pharmacy – best india pharmacy
LeonardNaila dice:

14/08/2024 a las 6:11 pm

https://edpillpharmacy.store/# erectile dysfunction medications online
DouglasChuts dice:

15/08/2024 a las 1:05 am

top 10 online pharmacy in india: Online pharmacy – india pharmacy
LeonardNaila dice:

15/08/2024 a las 5:32 am

https://edpillpharmacy.store/# order ed meds online
DouglasChuts dice:

15/08/2024 a las 8:49 am

buying from online mexican pharmacy: Best pharmacy in Mexico – pharmacies in mexico that ship to usa
DouglasChuts dice:

15/08/2024 a las 4:15 pm

where can i get ed pills: Cheapest online ED treatment – order ed meds online
DouglasChuts dice:

16/08/2024 a las 5:24 am

п»їlegitimate online pharmacies india: Cheapest online pharmacy – indian pharmacy paypal
DouglasChuts dice:

16/08/2024 a las 6:51 pm

Online medicine order: Cheapest online pharmacy – indian pharmacy online
JamesSex dice:

19/08/2024 a las 12:33 am

alternatives to tamoxifen: tamoxifen for sale – tamoxifen and antidepressants
Stephengauch dice:

19/08/2024 a las 12:44 am

https://lisinopril.guru/# generic lisinopril
JamesSex dice:

19/08/2024 a las 8:24 am

lasix generic name: buy furosemide – buy lasix online

131 Comments

Deja un comentario