Environment
iPrint Appliance 2.1
iPrint Appliance 3.1
iPrint Appliance 3.1
Situation
The Meltdown and Spectre
vulnerabilities exploit critical vulnerabilities in modern processors.
These hardware vulnerabilities allow programs to steal data which is
currently processed on the computer. While programs are typically not
permitted to read data from other programs, a malicious program can
exploit Meltdown and Spectre to get hold of secrets stored in the memory
of other running programs on the vulnerable physical or virtual host.
To help mitigate this hardware implementation related flaw on the software layer, SUSE as an operating system vendor is preparing mitigation for these side channel attacks in the Linux kernel. Since the iPrint appliances are provided as an appliance running on SLES-11, the kernel updates provided by SUSE are required to mitigate these vulnerabilities.
To help mitigate this hardware implementation related flaw on the software layer, SUSE as an operating system vendor is preparing mitigation for these side channel attacks in the Linux kernel. Since the iPrint appliances are provided as an appliance running on SLES-11, the kernel updates provided by SUSE are required to mitigate these vulnerabilities.
Resolution
Apply fixes to 2.1 and 3.x through the Online Update feature. These fixes were made available late January 2018.
Additional Information
For more details, please consult https://meltdownattack.com and https://spectreattack.com.
SUSE TID: https://www.suse.com/support/kb/doc/?id=7022512
CVE-2017-5753
CVE-2017-5715
CVE-2017-5754
SUSE TID: https://www.suse.com/support/kb/doc/?id=7022512
CVE-2017-5753
CVE-2017-5715
CVE-2017-5754