20180124

Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners

January 22, 2018

Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners



【外部リンク】

https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/

We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior. For the full list of platforms, see the Intel.com Security Center site.



【外部リンク】

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr

Intel ID:  INTEL-SA-00088

Product family:  Systems with Speculative Execution

Impact of vulnerability:  Information Disclosure

Severity rating:  Important

Original release:  Jan 03, 2018

Last revised:  Jan 22, 2018



Affected products:

For non-Intel based systems please contact your system manufacturer or microprocessor vendor (AMD, ARM, Qualcomm, etc.) for updates.

The following Intel-based platforms are impacted by this issue. Intel may modify this list at a later time. Please check with your system vendor or equipment manufacturer for more information regarding updates for your system.



Intel® Core™ i3 processor (45nm and 32nm)

Intel® Core™ i5 processor (45nm and 32nm)

Intel® Core™ i7 processor (45nm and 32nm)

Intel® Core™ M processor family (45nm and 32nm)

2nd generation Intel® Core™ processors

3rd generation Intel® Core™ processors

4th generation Intel® Core™ processors

5th generation Intel® Core™ processors

6th generation Intel® Core™ processors

7th generation Intel® Core™ processors

8th generation Intel® Core™ processors

Intel® Core™ X-series Processor Family for Intel® X99 platforms

Intel® Core™ X-series Processor Family for Intel® X299 platforms

Intel® Xeon® processor 3400 series

Intel® Xeon® processor 3600 series

Intel® Xeon® processor 5500 series

Intel® Xeon® processor 5600 series

Intel® Xeon® processor 6500 series

Intel® Xeon® processor 7500 series

Intel® Xeon® Processor E3 Family

Intel® Xeon® Processor E3 v2 Family

Intel® Xeon® Processor E3 v3 Family

Intel® Xeon® Processor E3 v4 Family

Intel® Xeon® Processor E3 v5 Family

Intel® Xeon® Processor E3 v6 Family

Intel® Xeon® Processor E5 Family

Intel® Xeon® Processor E5 v2 Family

Intel® Xeon® Processor E5 v3 Family

Intel® Xeon® Processor E5 v4 Family

Intel® Xeon® Processor E7 Family

Intel® Xeon® Processor E7 v2 Family

Intel® Xeon® Processor E7 v3 Family

Intel® Xeon® Processor E7 v4 Family

Intel® Xeon® Processor Scalable Family

Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series

Intel® Atom™ Processor C Series

Intel® Atom™ Processor E Series

Intel® Atom™ Processor A Series

Intel® Atom™ Processor x3 Series

Intel® Atom™ Processor Z Series

Intel® Celeron® Processor J Series

Intel® Celeron® Processor N Series

Intel® Pentium® Processor J Series

Intel® Pentium® Processor N Series



【外部リンク】

https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/microcode-update-guidance.pdf

microcode revision guidance

January 23 2018

Microcode revision list –client

2

For those concerned about system stability while we finalize the updated solutions, we are also working with our OEM partners on the

option to utilize a previous version of microcode that does not display these issues, but removes the Variant 2 (Spectre) mitigations. This

would be delivered via a BIOS update, and would not impact mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown).

Product Names Public Name CPUID

STOP

deployment of

these MCU

versions

Continue

use of these MCU

versions Comments

Coffee Lake-S + KBL PCH 8th Generation Intel® Core™ Desktop Processor Family 906EB 80 0x72

Kaby Lake Refresh U4+2 8th Generation Intel® Core™ Mobile Processor Family 806EA 80 0x70

Kaby Lake U/Y, U23e 7th Generation Intel® Core™ Mobile Processors 806E9 80 0x70

Kaby Lake H/S/X/G, 7th Generation Intel® Core™ Processor Family 906E9 80 0x70

Skylake X Intel® Core™ i9 79xxX, 78xxX 50654 0200003A 0200002E

Skylake U/Y/U23e 6th Generation Intel® Core™ m Processors 406E3 000000C2 0xBE

Skylake H/S 6th Generation Intel® Core™ Processor Family 506E3 000000C2 0xBE

Broadwell U/Y 5th Generation Intel® Core™ Processor Family, Intel®

Pentium® Mobile Processor Family, and Intel® Celeron®

Mobile Processor Family

306D4 28 0x25

Broadwell H 5th Generation Intel® Core™ Mobile Processor Family 40671 0000001B 0x17

Haswell ULT 4th Generation Intel® Core™ Mobile Processor Family,

Intel® Pentium® Mobile Processor Family, and Intel®

Celeron® Mobile Processor Family

40651 21 0x20

Haswell Perf Intel® Core™ Extreme Processor (5960x, 5930x, 5820x) 40661 18 0x17

Haswell 4th Generation Intel® Core™ Mobile Processor Family,

Intel® Pentium® Mobile Processor Family, and Intel®

Celeron® Mobile Processor Family

306C3 23 0x22

Ivy Bridge 3rd Generation Intel® Core™ Mobile Processor Family, Intel®

Pentium® Mobile Processor Family, and Intel® Celeron® Mobile

Processor Family

306A9 N/A 0x1C Intel did not post a variant #2

mitigation MCU for this product

Sandy Bridge Intel® Core™ i3-21xx/23xx-T/M/E/UE Processor, Intel® Core™

i5-23xx/24xx/25xx-T/S/M/K Processor

Intel® Core™ i7-2xxx-S/K/M/QM/LE/UE/QE Processor

Intel® Core™ i7-29xxXM Extreme Processor

Intel® Celeron® Desktop G4xx, G5xx Processor

Intel® Celeron® Mobile 8xx, B8xx Processor

Intel® Pentium® Desktop 350, G6xx, G6xxT, G8xx Processor

Intel® Pentium® Mobile 9xx, B9xx Processor

206A7 N/A 0x29 Intel did not post a variant #2

mitigation MCU for this product

Microcode revision list –datacenter/ workstation

3

For those concerned about system stability while we finalize the updated solutions, we are also working with our OEM partners on the

option to utilize a previous version of microcode that does not display these issues, but removes the Variant 2 (Spectre) mitigations. This

would be delivered via a BIOS update, and would not impact mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown).

Product Names Public Name CPUID STOP deployment of these

MCU versions

Continue

use of these MCU versions Comments

Sandy Bridge Intel® Xeon® Processor E3-1200 Product Family 206A7 N/A 0x29 Intel did not post a variant #2 mitigation MCU for this product

Sandy Bridge E, EN, EP, EP4S Intel® Xeon® Processor E5 Product Family

Intel® Pentium® Processor 1405

206D7 N/A 0x710 Intel did not post a variant #2 mitigation MCU for this product

Sandy Bridge E, EN, EP, EP4S Intel® Xeon® Processor E5 Product Family

Intel® Pentium® Processor 1405

206D6 N/A 0x619 Intel did not post a variant #2 mitigation MCU for this product

Ivy Bridge Intel® Xeon® Processor E3-1200 v2 Product Family 306A9 N/A 0x1C Intel did not post a variant #2 mitigation MCU for this product

Ivy Bridge EN, EP Intel® Xeon® Processor E5v2 Product Family 306E4 0x42a 0x428

Ivy Bridge EX Intel® Xeon® Processor E7v2 Product Family 306E7 N/A 0x70D Intel did not post a variant #2 mitigation MCU for this product

Haswell EP, EN Intel® Xeon® Processor E5v3 Product Family 306F2 0x3b 0x3a

Haswell EX Intel® Xeon® Processor E7v3 Product Family 306F4 0x10 0x9 (M), 0xF (L)

Haswell Intel® Xeon® Processor E3-1200 v3 Product Family 306C3 23 0x22

Broadwell DE Intel® Xeon® Processor D-1500 Product Family 50662 0x14 0xF

Broadwell DE Intel® Xeon® Processor D-1500 Product Family 50663 0x7000011 0x700000D

Broadwell DE Intel® Xeon® Processor D-1500 Product Family 50664 N/A 0x700000A Intel did not post a variant #2 mitigation MCU for this product

Broadwell NS Intel® Xeon® Processor D-1500 NS Product Family 50665 N/A N/A Intel did not post a variant #2 mitigation MCU for this product

Broadwell Intel® Xeon® Processor E3v4 Product Family 40671 0000001B 0x17

Broadwell E, EP, EP4S, EX Intel® Xeon® Processor E5v4 Product Family

Intel® Xeon® Processor E7v4 Product Family

406F1 0x25, 0x23 0x22

Kaby Lake (Xeon E3) 7th Generation Intel® Core™ Processor Family 906E9 0x80 0x5e

Skylake (Xeon E3) Intel Xeon Processor E3-1200 v5 Product Family 506E3 000000C2 0xBE

Skylake SP

Basin Falls

Intel® Xeon® Scalable Processor Family

Intel® Xeon® Processor W Product Family

50654 0x3a, 0x3c 0x39



【外部リンク】

https://newsroom.intel.com/press-kits/security-exploits-intel-products/

The Newest:

Jan. 22, 2018: Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners



By Date:

Jan. 3, 2018: Intel Responds to Security Research Findings

Jan. 4, 2018: Intel Issues Updates to Protect Systems from Security Exploits

Jan. 4, 2018: Industry Testing Shows Recently Released Security Updates Not Impacting Performance in Real-World Deployments

Jan. 8, 2018: Intel CEO Addresses Security Research Findings during 2018 CES Keynote Address

Jan. 9, 2018: Intel Offers Security Issue Update

Jan. 10, 2018: Intel Security Issue Update: Initial Performance Data Results for Client Systems

Jan. 11, 2018: Intel’s Security-First Pledge

Jan. 11, 2018: Intel Security Issue Update: Addressing Reboot Issues

Jan. 17, 2018: Firmware Updates and Initial Performance Data for Data Center System



【外部リンク】

https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html

News & Performance Data Results

Jan. 22, 2018: Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners

Jan. 17, 2018: Firmware Updates and Initial Performance Data for Data Center Systems (Includes performance data results)



Jan. 11, 2018: Intel Security Issue Update: Addressing Reboot Issues





















--

注目の投稿

cURL error 60: SSL certificate problem: unable to get local issuer certificate

cURL error 60: SSL certificate problem: unable to get local issuer certificate 更新失敗: ダウンロードに失敗しました。 cURL error 60: SSL certificate problem: ...

人気の投稿