Security Advisory - Side-Channel Vulnerability Variants 3a and 4
- SA No:huawei-sa-20180615-01-cpu
- Initial Release Date: Jun 15, 2018
- Last Release Date: Dec 30, 2020
Intel publicly disclosed new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown. These variants known as 3A (CVE-2018-3640)and 4 (CVE-2018-3639), local attackers may exploit these vulnerabilities to cause information leak on the affected system. (Vulnerability ID: HWPSIRT-2018-05139 and HWPSIRT-2018-05140)
Huawei has released software updates to fix these vulnerabilities in the following products.
This advisory will be updated as additional information becomes available, Please stay tuned. This advisory is available at the following link: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180615-01-cpu-en.
|
Product Name |
Affected Version |
Resolved Product and Version |
|
1288H V5 |
Versions earlier than V100R005C00SPC117 (BIOS V081) |
V100R005C00SPC117 (BIOS V081) |
|
2288H V5 |
Versions earlier than V100R005C00SPC117 (BIOS V081) |
V100R005C00SPC117 (BIOS V081) |
|
2488 V5 |
Versions earlier than V100R005C00SPC500 (BIOS V095) |
V100R005C00SPC500 (BIOS V095) |
|
2488H V5 |
Versions earlier than V100R005C00SPC203 (BIOS V095) |
V100R005C00SPC203 (BIOS V095) |
|
5288 V3 |
Versions earlier than V100R003C00SPC706 (BIOS V399) |
V100R003C00SPC706 (BIOS V399) |
|
AR3600 |
V200R006C10 |
AR3200 V200R009C00SPC500 |
|
BH620 V2 |
Versions earlier than V100R002C00SPC302 (BIOS V370) |
V100R002C00SPC302(BIOS V370) |
|
BH621 V2 |
Versions earlier than V100R002C00SPC301 (BIOS V370) |
V100R002C00SPC301 (BIOS V370) |
|
BH622 V2 |
Versions earlier than V100R002C00SPC309 (BIOS V521) |
V100R002C00SPC309 (BIOS V521) |
|
BH640 V2 |
Versions earlier than V100R002C00SPC307 (BIOS V521) |
V100R002C00SPC307 (BIOS V521) |
|
CH121 |
V100R001C00SPC305 |
CH221 V100R001C00SPC310 |
|
CH121 V3 |
Versions earlier than V100R001C00SPC261 (BIOS V399) |
V100R001C00SPC261 (BIOS V399) |
|
CH121 V5 |
Versions earlier than V100R001C00SPC131 (BIOS V081) |
V100R001C00SPC131 (BIOS V081) |
|
CH121H V3 |
Versions earlier than V100R001C00SPC121 (BIOS V399) |
V100R001C00SPC121 (BIOS V399) |
|
CH121L V3 |
Versions earlier than V100R001C00SPC161 (BIOS V399) |
V100R001C00SPC161 (BIOS V399) |
|
CH121L V5 |
Versions earlier than V100R001C00SPC131 (BIOS V081) |
V100R001C00SPC131 (BIOS V081) |
|
CH140 |
V100R001C00 |
V100R001C00SPC350 |
|
CH140 V3 |
Versions earlier than V100R001C00SPC181 (BIOS V399) |
V100R001C00SPC181 (BIOS V399) |
|
CH140L V3 |
Versions earlier than V100R001C00SPC161 (BIOS V399) |
V100R001C00SPC161 (BIOS V399) |
|
CH220 |
V100R001C00 |
V100R001C00SPC310 |
|
CH220 V3 |
Versions earlier than V100R001C00SPC261 (BIOS V399) |
V100R001C00SPC261 (BIOS V399) |
|
CH221 |
V100R001C00 |
V100R001C00SPC306 |
|
CH222 |
V100R002C00SPC305 |
V100R002C00SPC310 |
|
CH222 V3 |
Versions earlier than V100R001C00SPC261 (BIOS V399) |
V100R001C00SPC261 (BIOS V399) |
|
CH225 V3 |
Versions earlier than V100R001C00SPC161 (BIOS V399) |
V100R001C00SPC161 (BIOS V399) |
|
CH226 V3 |
Versions earlier than V100R001C00SPC181 (BIOS V399) |
V100R001C00SPC181 (BIOS V399) |
|
CH240 |
V100R001C00 |
V100R001C00SPC310 |
|
CH242 |
V100R001C00 |
V100R001C00SPC292 |
|
CH242 V3 |
Versions earlier than V100R001C00SPC331 (BIOS V358) |
V100R001C00SPC331 (BIOS V358) |
|
CH242 V3 DDR4 |
Versions earlier than V100R001C00SPC331 (BIOS V817) |
V100R001C00SPC331 (BIOS V817) |
|
CH242 V5 |
Versions earlier than V100R001C00SPC121 (BIOS V095) |
V100R001C00SPC121 (BIOS V095) |
|
FusionCompute |
V100R006C00 |
6.3.RC1 |
|
V100R006C10 |
||
|
FusionCube |
V100R002C02 |
FusionCube Tool V100R002C02SPC310 |
|
V100R002C30 |
||
|
V100R002C70 |
||
|
FusionSphere OpenStack |
V100R005C00 |
V100R006C30 |
|
V100R005C10SPC700 |
||
|
V100R005C10SPC701 |
||
|
V100R006C00 |
||
|
V100R006C10 |
||
|
V1R6C00RC1SPC1B060 |
||
|
HUAWEI MateBook (HZ-W09/ HZ-W19/ HZ-W29) |
Versions earlier than BIOS 1.52 |
1.52 |
|
HUAWEI MateBook B200/ MateBook D (PL-W09/ PL-W19/ PL-W29) |
Versions earlier than BIOS 1.21 |
1.21 |
|
HUAWEI MateBook D (MRC-W10/ MRC-W50/ MRC-W60) |
Versions earlier than BIOS 1.19 |
1.19 |
|
HUAWEI MateBook X Pro (MACH-W19/ MACH-W29) |
Versions earlier than BIOS 1.12 |
1.12 |
|
Honor MagicBook (VLT-W50/ VLT-W60) |
Versions earlier than BIOS 1.12 |
1.12 |
|
ManageOne |
3.0.5 |
6.3.0 |
|
3.0.7 |
||
|
3.0.8 |
||
|
3.0.9 |
||
|
OceanStor 18500 |
V100R001C30SPC300 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 18500 V3 |
V300R003C00 |
RH1288 V3 V100R003C00SPC706 |
|
V300R006C10SPC100 |
||
|
OceanStor 18500F V3 |
V300R006C10SPC100 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 18800 |
V100R001C30SPC300 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 18800 V3 |
V300R006C10SPC100 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 18800F |
V100R001C30SPC300 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 18800F V3 |
V300R006C10SPC100 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 5300 V3 |
V300R006C10SPC100 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 5500 V3 |
V300R006C10SPC100 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 5600 V3 |
V300R006C10SPC100 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 5800 V3 |
V300R006C10SPC100 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor 6800 V3 |
V300R006C10SPC100 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor HVS85T |
V100R001C00 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor HVS88T |
V100R001C00 |
RH1288 V3 V100R003C00SPC706 |
|
OceanStor ReplicationDirector |
V200R001C00 |
OceanStor BCManager V200R001C00SPC251 |
|
RH1288 V2 |
Versions earlier than V100R002C00SPC640 (BIOS 520) |
V100R002C00SPC640 (BIOS 520) |
|
RH1288 V3 |
Versions earlier than V100R003C00SPC706 (BIOS V399) |
V100R003C00SPC706 (BIOS V399) |
|
RH1288A V2 |
Versions earlier than V100R002C00SPC710 (BIOS V521) |
V100R002C00SPC710 (BIOS V521) |
|
RH2265 V2 |
Versions earlier than V100R002C00SPC510 (BIOS V519) |
V100R002C00SPC510 (BIOS V519) |
|
RH2268 V2 |
Versions earlier than V100R002C00SPC609 (BIOS V519) |
V100R002C00SPC609 (BIOS V519) |
|
RH2285 V2 |
Versions earlier than V100R002C00SPC511 (BIOS V521) |
V100R002C00SPC511 (BIOS V521) |
|
RH2285H V2 |
Versions earlier than V100R002C00SPC511 (BIOS V521) |
V100R002C00SPC511 (BIOS V521) |
|
RH2288 V2 |
Versions earlier than V100R002C00SPC610 (BIOS 520) |
V100R002C00SPC610 (BIOS 520) |
|
RH2288 V3 |
Versions earlier than V100R003C00SPC706 (BIOS V399) |
V100R003C00SPC706 (BIOS V399) |
|
RH2288A V2 |
Versions earlier than V100R002C00SPC710 (BIOS V521) |
V100R002C00SPC710 (BIOS V521) |
|
RH2288E V2 |
Versions earlier than V100R002C00SPC302 (BIOS V519) |
V100R002C00SPC302 (BIOS V519) |
|
RH2288H V2 |
Versions earlier than V100R002C00SPC620 (BIOS 520) |
V100R002C00SPC620 (BIOS 520) |
|
RH2288H V3 |
Versions earlier than V100R003C00SPC706 (BIOS V399) |
V100R003C00SPC706 (BIOS V399) |
|
RH2485 V2 |
Versions earlier than V100R002C00SPC713 (BIOS V521) |
V100R002C00SPC713 (BIOS V521) |
|
RH5885 V2 4S |
Versions earlier than V100R001C02SPC306 (BIOS V038) |
V100R001C02SPC306 (BIOS V038) |
|
RH5885 V2 8S |
Versions earlier than V100R001C02SPC306 (BIOS V062) |
V100R001C02SPC306 (BIOS V062) |
|
RH5885 V3 (E7V2) |
Versions earlier than V100R003C01SPC127 (BIOS V358) |
V100R003C01SPC127 (BIOS V358) |
|
RH5885 V3 (E7V3&E7V4) |
Versions earlier than V100R003C10SPC121 (BIOS V817) |
V100R003C10SPC121 (BIOS V817) |
|
RH5885H V3 (E7V2) |
Versions earlier than V100R003C00SPC218 (BIOS V358) |
V100R003C00SPC218 (BIOS V358) |
|
RH5885H V3 (E7V3) |
Versions earlier than V100R003C00SPC218 (BIOS V660) |
V100R003C00SPC218 (BIOS V660) |
|
RH5885H V3 (E7V4) |
Versions earlier than V100R003C10SPC120 (BIOS V817) |
V100R003C10SPC120 (BIOS V817) |
|
RH8100 V3 (E7V2&E7V3) |
Versions earlier than V100R003C00SPC229 (BIOS V698) |
V100R003C00SPC229 (BIOS V698) |
|
RH8100 V3 (E7V4) |
Versions earlier than V100R003C00SPC229 (BIOS V817) |
V100R003C00SPC229 (BIOS V817) |
|
RSE6500 |
V500R002C00 |
V500R002C00SPCe00 |
|
SMC2.0 |
V100R003C10 |
V600R006C10SPC700 |
|
V500R002C00 |
||
|
TaiShan200 2180K[1] |
Versions earlier than 1.1.0.SPC133(BIOS V135K) |
TS200-2180K 1.1.0.SPC133(BIOS V135K) |
|
TaiShan200 2280[1] |
Versions earlier than 1.0.0.SPC133(BIOS V135) |
TS200-2280 1.0.0.SPC133(BIOS V135) |
|
TaiShan200 2280K[1] |
Versions earlier than 1.1.0.SPC133(BIOS V135K) |
TS200-2280K 1.1.0.SPC133(BIOS V135K) |
|
TaiShan200 5280[1] |
Versions earlier than 1.2.0.SPC133(BIOS V135) |
TS200-5280 1.2.0.SPC133(BIOS V135) |
|
VP9630 |
V600R006C10 |
VP9660 V600R019C00 |
|
VP9660 |
V600R006C10 |
V600R019C00 |
|
XH310 V3 |
Versions earlier than V100R003C00SPC706 (BIOS V399) |
V100R003C00SPC706 (BIOS V399) |
|
XH321 V3 |
Versions earlier than V100R003C00SPC706 (BIOS V399) |
V100R003C00SPC706 (BIOS V399) |
|
XH620 V3 |
Versions earlier than V100R003C00SPC706 (BIOS V399) |
V100R003C00SPC706 (BIOS V399) |
|
XH622 V3 |
Versions earlier than V100R003C00SPC706 (BIOS V399) |
V100R003C00SPC706 (BIOS V399) |
|
XH628 V3 |
Versions earlier than V100R003C00SPC706 (BIOS V399) |
V100R003C00SPC706 (BIOS V399) |
|
eCNS280 |
V100R005C00 |
V100R005C00SPC300 |
|
eSE620X vESS |
V100R001C00 |
eSE620X vESS V100R001C20SPC300 |
|
V100R001C10 |
||
|
iManager NetEco |
V600R007C00 |
iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
|
V600R007C10 |
||
|
V600R007C11 |
||
|
V600R007C12 |
||
|
V600R007C20 |
||
|
V600R007C40 |
||
|
V600R008C00 |
||
|
V600R008C10 |
||
|
V600R008C20 |
||
|
V600R008C30 |
||
|
iManager NetEco 6000 |
V600R007C40 |
iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
|
V600R007C60 |
||
|
V600R007C80 |
||
|
V600R007C90 |
||
|
V600R008C00 |
[1]Affected by CVE-2018-3639,not affected by CVE-2018-3640.
Local attackers may exploit these vulnerabilities to cause information leak on the affected system.
The vulnerability classification has been performed by using the CVSSv3 scoring system (http://www.first.org/cvss/specification-document).
Base Score: 4.3 (AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)
Temporal Score: 4.0 (E:F/RL:O/RC:C)
This vulnerability can be exploited only when the following conditions are present:
An attacker must be able to run crafted or script code on an affected device.
Vulnerability details:
In some circumstances, a local attacker could exploit these vulnerabilities to read memory information belonging to other processes or other operating system kernel.
Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/psirt/report-vulnerabilities.
2020-12-30 V2.5 UPDATED Updated the "Software Versions and Fixes" section;
2020-08-12 V2.4 UPDATED Updated the "Software Versions and Fixes" section;
2020-07-30 V2.3 UPDATED Updated the "Software Versions and Fixes" section;
2020-07-22 V2.2 UPDATED Updated the "Software Versions and Fixes" section;
2020-07-22 V2.1 UPDATED Updated the "Software Versions and Fixes" section;
2020-04-08 V2.0 UPDATED Updated the "Software Versions and Fixes" section;
2019-09-10 V1.9 UPDATED Updated the "Software Versions and Fixes" section;
2019-03-05 V1.8 UPDATED Updated the "Software Versions and Fixes" section;
2018-08-08 V1.7 UPDATED Updated the "Software Versions and Fixes" section;
2018-07-20 V1.6 UPDATED Updated the "Software Versions and Fixes" section;
2018-07-17 V1.5 UPDATED Updated the "Software Versions and Fixes" section;
2018-07-05 V1.4 UPDATED Updated the "Software Versions and Fixes" section;
2018-07-04 V1.3 UPDATED Updated the "Software Versions and Fixes" section;
2018-07-04 V1.2 UPDATED Updated the "Software Versions and Fixes" section;
2018-06-26 V1.1 UPDATED Updated the "Software Versions and Fixes" section;
2018-06-15 V1.0 INITIAL
None
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.
To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.
