Isilon and spectre/meltdown vulnerbilities

Question

Hi, As per article 516617 (link below) and the recent spectre/meltdown vulnerabilities, the article states the Isilon is affected and   combination of OneFS and BIOS updates will be provided. Does anyone knows if any updates available for OneFS and BIOS  or when it will be available to apply. http://support.emc.com/kb/516117 FYI Isilon A100 Backup AcceleratorA100 Performance AcceleratorA200A2000F800H400H500H600HD400IQ Accelerator-xIQ Backup Accelerator-xNL400NL410S200S210X200X210X400X410 OneFS 8.1.x,OneFS 8.0.x, OneFS 7.2.1.x, OneFS 7.2.0.x, OneFS 7.1.1.x, OneFS 7.1.0.x Yes A combination of OneFS and BIOS updates will be provided. Thank you !

sjones51 · Accepted Answer

Hi Nirvik,

I don't have an exact date for you, but the support team with Isilon has been instructing people that the article you provided will be updated with more information as it is available. At this time, your best bet is to continue checking the article for further updates.

http://support.emc.com/kb/516117

Eric_W1 · Answer

The key with meltdown is ability to execute local code on the hardware.  If you only allow ssh access to trusted parties the only risk would be a remote exploit. I have no firsthand knowledge of EMC or OneFS development but given the fact that it borrows heavily from FreeBSD and, last I checked, they are still working on a patch I would expect a full mitigation to be a ways out.  Unfortunately FreeBSD was left out of the embargo so they are still playing catch-up and it's likely that backports and/or testing will take some time.

speedstep · Answer

https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

https://www.grc.com/inspectre.htm

Not all cpus will EVER get updates

https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

Isilon

Was this post helpful?