The Meltdown and Spectre vulnerabilities were announced publicly on 3rd January 2018 and these vulnerabilities can affect a multitude of products.

Arbor has provided the following article ID 4149 at the Arbor Support Site. Whilst it is early days, engineering are exploring the possibility of a software patch, once the performance impacts of such a patch are better understood we will be able to further communicate an updated response.

CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Meltdown and Spectre Vulnerabilities
Answer ID 4149 Updated 01/05/2018 05:49 PM

What is the impact to Arbor Products on vulnerabilities CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Meltdown and Spectre?

Overview

On 03 January 2018 two new security vulnerabilities were announced broadly in the media. One is known as Meltdown (CVE-2017-5754) and the other is known as Spectre (CVE-2017-5753 and CVE-2017-5715). Both vulnerabilities exist due to flaws in CPU hardware implementations (including Intel, AMD, and ARM processors). These vulnerabilities concern an issue with certain processors (including Intel, AMD, and ARM processors) whereby an attacker can coerce a process into leaking privileged information from either its own memory space or from kernel memory.

Root Cause and Impact

At the time of this writing, all currently available and supported versions of Arbor products ship on a platform that is affected by these vulnerabilities. However, CVE-2017-5753 and CVE-2017-5715 are not impacting as Arbor does not utilize this functionality OR it is disabled by design prior to shipping. CVE-2017-5754 is low impact as exploitation of this vulnerability requires 'local access'; that is, the ability for an attacker to execute untrusted code on the target system. Arbor products do not allow non-admin users to execute arbitrary code on the appliance (this would require root access).

Impact on Arbor Products

Please see table below for details on product impact for each specific vulnerability:

CVE

Impact

CVE-2017-5753

No impact to Arbor products because BPF JIT is disabled at runtime in our kernel

CVE-2017-5715

No impact to Arbor products because they do not use the hypervisor host

CVE-2017-5754

Low impact because running arbitrary code on Arbor products requires root access

 

Additional References

 

About PlexNet

PlexNet is a dynamic company providing technical services and solutions to the Australian ICT marketplace.

The company’s founders have over 36 years of combined technical and sales experience. This ensures PlexNet is more than able to meet the needs of its current and prospective clients.

Over the last 15 years we have worked closely with many vendors and technology solutions and this experience defines what PlexNet is today. The demands of the IT and data communications industry across the Australian and global marketplace are constantly changing and we are fully cognisant of these changes and welcome the challenges they present

With major global partners such as NETSCOUT and Spirent Communications, and well supported by a number of other partners, PlexNet has an unparalleled solution and skill set.

Make Contact

­