Huawei Cloud Services discovered information leak vulnerabilities
2020-12-25         Follow @huaweinewos Tweet to @huaweinewosHuawei discovered information leak vulnerabilities in Cloud Services and other related products. On December 23, Huawei released a security update to address vulnerabilities in cloud services and other related products. The products on the list should be upgraded as soon as possible.
Intel and security researchers previously disclosed three new processor-side channel vulnerabilities (CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646). Successful exploitation of these vulnerabilities could allow local attackers to read the memory of other processes under certain conditions. The researchers called these vulnerabilities “Foresight” and “Prediction-NG”. They are also called L1 terminal faults (L1TF) in the industry.
Customers should contact the Huawei Technical Support Center (Huawei TAC) to request an upgrade.
For TAC contact information, please visit Huawei’s global website http://www.huawei.com/en/psirt/report-vulnerabilities.
Click on the source link for more detailed information. Source: Huawei
Vulnerability detail:
CVE-2018-3615, CVE-2018-3620, CVE-2018-36464 Vulnerability level: important
A system with a microprocessor that uses speculative execution and address translation can allow unauthorized disclosure of information in the L1 data cache to an attacker through local user access through terminal page errors and secondary channel analysis.
Product name | Affected version | Repaired version |
1288H V5 | Versions earlier than V100R005C00SPC117 (BIOS V081) | V100R005C00SPC117 (BIOS V081) |
2288H V5 | Versions earlier than V100R005C00SPC117 (BIOS V081) | V100R005C00SPC117 (BIOS V081) |
Agile Controller-Campus | V100R001C00 | V100R003C30SPC100 |
Agile Controller-Campus | V100R002C00 | V100R003C30SPC100 |
Agile Controller-Campus | V100R002C10 | V100R003C30SPC100 |
BH620 V2 | Versions earlier than V100R002C00SPC302 (BIOS V370) | V100R002C00SPC302 (BIOS V370) |
BH621 V2 | Versions earlier than V100R002C00SPC301 (BIOS V370) | V100R002C00SPC301 (BIOS V370) |
BH622 V2 | Versions earlier than V100R002C00SPC309 (BIOS V521) | V100R002C00SPC309 (BIOS V521) |
BH640 V2 | Versions earlier than V100R002C00SPC307 (BIOS V521) | V100R002C00SPC307 (BIOS V521) |
CH242 V3 | Versions earlier than V100R001C00SPC331 (BIOS V358) | V100R001C00SPC331 (BIOS V358) |
EulerOS | V200R007C00 | V200R007C00SPC200 |
FusionCube | V100R002C02 | 3.01.2001 |
FusionCube | V100R002C30 | 3.01.2001 |
FusionCube | V100R002C70 | 3.01.2001 |
FusionSphere OpenStack | V100R006C00RC3B036 | V100R006C30SPC100 |
V100R006C10SPC112 | UVP KVM 2.5.RC9 | |
GTSOFTX3000 | V200R002C20 | V200R002C20SPC600 |
HUAWEI MateBook X Pro (MACH-W19/ MACH-W29) | Versions earlier than BIOS 1.12 | BIOS 1.12 |
RH1288 V2 | Versions earlier than V100R002C00SPC640 (BIOS 520) | V100R002C00SPC640 (BIOS 520) |
RH1288A V2 | Versions earlier than V100R002C00SPC710 (BIOS V521) | V100R002C00SPC710 (BIOS V521) |
RH2265 V2 | Versions earlier than V100R002C00SPC510 (BIOS V519) | V100R002C00SPC510 (BIOS V519) |
RH2268 V2 | Versions earlier than V100R002C00SPC609 (BIOS V519) | V100R002C00SPC609 (BIOS V519) |
RH2285 V2 | Versions earlier than V100R002C00SPC511 (BIOS V521) | V100R002C00SPC511 (BIOS V521) |
RH2285H V2 | Versions earlier than V100R002C00SPC511 (BIOS V521) | V100R002C00SPC511 (BIOS V521) |
RH2288 V2 | Versions earlier than V100R002C00SPC610 (BIOS 520) | V100R002C00SPC610 (BIOS 520) |
RH2288A V2 | Versions earlier than V100R002C00SPC710 (BIOS V521) | V100R002C00SPC710 (BIOS V521) |
RH2288E V2 | Versions earlier than V100R002C00SPC302 (BIOS V519) | V100R002C00SPC302 (BIOS V519) |
RH2288H V2 | Versions earlier than V100R002C00SPC620 (BIOS 520) | V100R002C00SPC620 (BIOS 520) |
RH2485 V2 | Versions earlier than V100R002C00SPC713 (BIOS V521) | V100R002C00SPC713 (BIOS V521) |
SMC2.0 | V500R002C00 | V600R006C10SPC800 |
UC Audio Recorder | V100R001C01 | eSpace Audio Recorder V100R001C01SPC100 |
UC Audio Recorder | V100R001C02 | eSpace Audio Recorder V100R001C02SPC300 |
VP9630 | V600R006C10 | V600R019C00 |
VP9660 | V600R006C10 | V600R019C00 |
eLog | V200R003C10 | V200R005C00SPC208 |
eLog | V200R003C20 | V200R005C00SPC208 |
eSpace U2980 | V100R001C01 | V100R001C10SPC601 |
eSpace U2980 | V100R001C02 | V100R001C10SPC601 |
eSpace U2980 | V100R001C10 | V100R001C10SPC601 |
eSpace U2980 | V200R003C00 | V100R001C10SPC601 |
eSpace UMS | V200R002C00 | V200R002C00SPC300 |
iManager NetEco | V600R007C00 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R007C10 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R007C11 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R007C12 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R007C20 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R007C30 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R007C40 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R007C50 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R007C60 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R008C00 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R008C10 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R008C20 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco | V600R008C30 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco 6000 | V600R007C40 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco 6000 | V600R007C60 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco 6000 | V600R007C80 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco 6000 | V600R007C90 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |
iManager NetEco 6000 | V600R008C00 | iManager NetEco 6000-TOOL_Linux_AutoInstall V600R007C00SPC260 |