本站点使用cookies,继续浏览表示您同意我们使用cookies。Cookies和隐私政策
华为注意到有媒体于2018年1月2日发布了有关CPU架构中存在芯片漏洞的信息,利用这些漏洞攻击者可以使用侧信道攻击方式获取内核内存数据。1月3日Google project Zero公布了"Meltdown"和"Spectre"漏洞的详细信息。华为第一时间启动了分析调查,并与相关的CPU和操作系统供应商进行了沟通。
客户可以部署华为NGFW(下一代防火墙)或者数据中心防火墙产品,并升级IPS特征库至2018年1月8日发布的版本(IPS_H20011000_2018010800)以检测和防护来自于网络层面的该漏洞攻击。
华为已经发布了安全预警(SA),SA链接:http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20180106-01-cpu-cn。相关的调查工作还在持续进行,华为PSIRT会随时更新此安全公告,请持续关注。
客户可以通过华为TAC (Huawei Technical Assistance Center)寻求关于产品安全漏洞的必要支持。TAC的联系方式见链接http://www.huawei.com/cn/psirt/report-vulnerabilities。
运营商客户可以登录华为support网站查看受影响情况,相关链接:
http://support.huawei.com/carrier/docview!docview?nid=NEWS2100007603&path=PBI1-8132379
受影响产品:
1288H V5 |
CH220 |
RH1288 V2 |
2288H V5 |
CH220 V3 |
RH1288 V3 |
2488 V5 |
CH221 |
RH1288A V2 |
2488H V5 |
CH222 |
RH2265 V2 |
5288 V3 |
CH222 V3 |
RH2268 V2 |
AR100 |
CH225 V3 |
RH2285 V2 |
AR100-S |
CH226 V3 |
RH2285H V2 |
AR110-S |
CH240 |
RH2288 V2 |
AR120 |
CH242 V3 |
RH2288 V3 |
AR120-S |
DH320 V2 |
RH2288A V2 |
AR1220C |
DH321 V2 |
RH2288E V2 |
AR1500 |
DH626 V2 |
RH2288H V2 |
AR151-S2 |
DH628 V2 |
RH2288H V3 |
AR160 (Exclude AR160F) |
eAPP610 |
RH2485 V2 |
AR160-S (Exclude AR160F-S) |
eSpace 8950 |
RH5885 V2 |
AR2204-XGE |
eSpace ECS |
RH5885 V3 |
AR3600 |
eSpace UMS |
RH5885H V3 |
AR500 |
eSpace USM |
RH8100 V3 |
AR510 |
EulerOS |
RSE6500 |
AR532 |
FusionCloud |
SMC2.0 |
AR550C |
FusionCompute |
SRG1320E |
AR550E |
FusionCube |
SRG550C |
BH622 V2 |
FusionSphere |
UC Audio Recorder |
BH640 V2 |
iManager NetEco 6000 |
VP9630 |
CH121 |
Kunlun 9008 |
VP9660 |
CH121 V3 |
Kunlun 9016 |
XH320 V2 |
CH121 V5 |
Kunlun 9032 |
XH321 V2 |
CH121H V3 |
MateBook (HZ-W09/ HZ-W19/ HZ-W29) |
XH321 V3 |
CH121L V3 |
MateBook B200/ MateBook D (PL-W09/ PL-W19/ PL-W29) |
XH620 V3 |
CH121L V5 |
MateBook D (MRC-W10/ MRC-W50/ MRC-W60) |
XH621 V2 |
CH140 |
MateBook E (BL-W09/ BL-W19) |
XH622 V3 |
CH140 V3 |
MateBook X (WT-W09/ WT-W19) |
XH628 V3 |
CH140L V3 |
NFVI |
|
不受影响产品:
AC6605 |
eSpace U1980 |
OceanStor S5600T |
AD9430DN-12-FAT |
eSpace U1981 |
OceanStor S5800T |
AD9430DN-24-FAT |
FusionAccess |
OceanStor S5900 |
AP2050DN |
FusionManager |
OceanStor S6800T |
AP2050DN-E |
iManager U2100 |
OceanStor S6900 |
AP2050DN-S |
IPC6112-D |
OceanStor SNS2120 |
AP4030TN |
IPC6122-D |
OceanStor SNS2124 |
AP4050DN-E |
IPC6122-P |
OceanStor SNS2224 |
AP4050DN-HD |
IPC6232-IR |
OceanStor SNS2248 |
AP430-E |
IPC6611-Z30-I |
OceanStor SNS2624 |
AP5030DN-C |
IPC6621-Z30-I |
OceanStor SNS3096 |
AP6010DN-AGN |
IPE |
OceanStor SNS3664 |
AP6050DN |
MicroDC |
OceanStor SNS5120 |
AP6150DN |
NetCOL |
OceanStor SNS5192 |
AP7050DE |
NetEngine16EX |
OceanStor SNS5384 |
AP7050DN-E |
NIP5000I |
OceanStor SNS5604 |
AP8130DN-W |
OceanStor 18500 |
OceanStor SNS5608 |
AP9131DN |
OceanStor 18500 V5 |
OceanStor Toolkit |
AR1200 |
OceanStor 18500F V3 |
OceanStor UltraPath |
AR1200-S |
OceanStor 18500F V5 |
OceanStor VIS6300 |
AR150 |
OceanStor 18800 |
OceanStor VIS6600 |
AR150-S |
OceanStor 18800 V3 |
OceanStor VIS6600T |
AR160F |
OceanStor 18800 V5 |
OceanStor VTL Solution |
AR160F-S |
OceanStor 18800F |
OceanStor VTL6900 |
AR200 |
OceanStor 18800F V3 |
OptiX RTN 620 |
AR200-S |
OceanStor 18800F V5 |
R250D-E |
AR2200 |
OceanStor 2200 V3 |
RP200 |
AR2200-S |
OceanStor 2600 V3 |
S12700 |
AR2500 |
OceanStor 2600F V3 |
S5700 |
AR28-11 |
OceanStor 2800 V3 |
S7700 |
AR29-21 |
OceanStor 2800 V5 |
S9700 |
AR3200 |
OceanStor 5100 V3 |
Seco VSM |
AR3200-S |
OceanStor 5300 V3 |
Secospace AntiDDoS1500-D |
AR46-40 |
OceanStor 5300 V5 |
Secospace AntiDDoS1520 |
AR46-80 |
OceanStor 5300F V5 |
Secospace AntiDDoS1550 |
AR49-45 |
OceanStor 5500 V3 |
Secospace AntiDDoS8000 |
AR530 |
OceanStor 5500 V5 |
Secospace AntiDDoS8030 |
AR550 |
OceanStor 5500F V3 |
Secospace AntiDDoS8080 |
AR-DCP |
OceanStor 5500F V5 |
Secospace AntiDDoS8160 |
ASG2050 |
OceanStor 5600 V3 |
Secospace USG6600 |
ASG2100 |
OceanStor 5600 V5 |
SeMG9811 |
ASG2150 |
OceanStor 5600F V3 |
SMSC |
ASG2200 |
OceanStor 5600F V5 |
SMSGW |
ASG2600 |
OceanStor 5800 V3 |
SoftCo |
ASG2800 |
OceanStor 5800 V5 |
SRG2300 |
CloudEngine 12800 |
OceanStor 5800F V3 |
SRG3300 |
CloudEngine 5800 |
OceanStor 5800F V5 |
TE Desktop |
CloudEngine 6800 |
OceanStor 6800 V3 |
TE Mobile |
CSB |
OceanStor 6800 V5 |
TE30 |
DP300 |
OceanStor 6800F V3 |
TE30-V |
DSM |
OceanStor 6800F V5 |
TE40 |
E6000 |
OceanStor 6900 V3 |
TE50 |
E6000 Chassis |
OceanStor 9000 |
TE60 |
EG860-D61 |
OceanStor 9000S |
TP3106 |
ES3000 |
OceanStor Backup Software |
UAP3300 |
eSpace 7800 Series |
OceanStor BCManager |
UMA |
eSpace 7910 |
OceanStor DJ |
UPS2000 |
eSpace 7950 |
OceanStor Dorado2100 G2 |
USG9500 |
eSpace IAD |
OceanStor Dorado5000 V3 |
USG9520 |
eSpace Mobile |
OceanStor Dorado5100 |
USG9560 |
eSpace NVR6008 |
OceanStor Dorado6000 V3 |
USG9580 |
eSpace NVR6008-1U |
OceanStor HDP3500E |
VC Integration Module |
eSpace NVR6016 |
OceanStor N8500 |
ViewPoint 8660 |
eSpace NVR6032 |
OceanStor Onebox |
ViewPoint GK |
eSpace POM |
OceanStor ReplicationDirector |
ViewPoint MM |
eSpace SBC |
OceanStor S2200T |
ViewPoint RM |
eSpace U1910 |
OceanStor S2600T |
VPC620 |
eSpace U1911 |
OceanStor S2900 |
VPC800 |
eSpace U1930 |
OceanStor S3900 |
X6000 |
eSpace U1960 |
OceanStor S5500T |
X8000 |
2018-08-06 V2.2 UPDATED 刷新受影响和不受影响产品列表
2018-04-09 V2.1 UPDATED 刷新受影响和不受影响产品列表
2018-02-27 V2.0 UPDATED 刷新安全公告部分
2018-02-24 V1.9 UPDATED 刷新受影响和不受影响产品列表
2018-02-11 V1.8 UPDATED 刷新受影响和不受影响产品列表
2018-01-26 V1.7 UPDATED 刷新受影响和不受影响产品列表
2018-01-25 V1.6 UPDATED 刷新不受影响产品列表
2018-01-18 V1.5 UPDATED 刷新受影响产品列表
2018-01-12 V1.4 UPDATED 刷新受影响产品列表
2018-01-11 V1.3 UPDATED 刷新受影响产品列表
2018-01-09 V1.2 UPDATED 刷新受影响产品列表
2018-01-06 V1.1 UPDATED 增加受影响产品列表和SA链接
2018-01-04 V1.0 INITIAL
华为一贯主张尽全力保障产品用户的最终利益,遵循负责任的安全事件披露原则,并通过产品安全问题处理机制处理产品安全问题。
获取华为公司安全应急响应服务及华为产品漏洞信息,请访问http://www.huawei.com/cn/psirt。
反馈华为产品和解决方案安全问题,请反馈至华为PSIRT邮箱PSIRT@huawei.com,详情参考http://www.huawei.com/cn/psirt/report-vulnerabilities。
Intel: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
ARM:https://developer.arm.com/support/security-update
Microsoft:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
Red Hat:https://access.redhat.com/security/vulnerabilities/speculativeexecution