Palo Alto - Information about Recent Intel Side Channel Vulnerabilities

Started by icecream-guy, May 30, 2019, 06:02:22 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

icecream-guy

May 30, 2019, 06:02:22 AM
Information about Recent Intel Side Channel Vulnerabilities
Summary
Palo Alto Networks has determined that WildFire Appliance (WF-500) and WildFire Cloud are affected by the recent vulnerability disclosures, known as Fallout, RIDL, and Zombieload. We are working to validate and implement software updates to address these issues. We will provide updates as they become available. (PAN-117746/CVE-2018-12126, CVE-2018-12127, CVE-2018-12130 and CVE-2019-11091)
Severity: Low
Successful exploitation of this issue may allow reads from a compromised sandbox VM (guest OS) to retrieve data from other VMs (another guest OS) or the PAN-OS operating system, (host OS) as a result of breaching the separation between kernel and user address space. The analysis method utilized by the WildFire Appliance (WF-500) and WildFire Cloud helps to mitigate the impact of this issue.
PAN-OS and Panorama platforms are not directly impacted by these vulnerabilities because successful exploitation on PAN-OS devices requires an attacker to have already compromised the PAN-OS operating system. We will continue to monitor the situation and evaluate the patching options supplied by our partner vendors as they become available. We will continue to provide updates regarding software patches and/or other mitigations as they become available. For more background, please see the following https://researchcenter.paloaltonetworks.com/2018/01/understanding-affected-not-vulnerable/
Products Affected
WF-500 (WildFire Appliance) running any version of appliance software: PAN-OS 9.0, PAN-OS 8.1, PAN-OS 8.0 and PAN-OS 7.1.
WildFire Cloud is affected by this issue.
The Traps agent does not detect/prevent this specific type of CPU-level side-channel attack.
Available Updates
We will provide updates as more information becomes available. The security and stability of our products remain a top priority and we will continue to monitor this situation.
Workarounds and Mitigations
N/A

Please visit our Security Advisories website to learn more at https://securityadvisories.paloaltonetworks.com/.  If you have questions, please contact support https://www.paloaltonetworks.com/company/contact-support.
Regards,
Product Security Incident Response Team
Palo Alto Networks
:professorcat:

My Moral Fibers have been cut.
Print
Go Up Pages1
User actions