DSA-2019-005: Dell EMC Data Protection Search Security Update for Multiple Multiprocessor Side-Channel Vulnerabilities
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Medium
Details
Summary:
Dell EMC Data Protection Search contains operating system updates to mitigate new variants of speculative execution side-channel vulnerabilities.
This advisory addresses the following vulnerabilities:
-
CVE-2018-3640 Rogue System Register Read (RSRE) also known as Variant 3a
-
CVE-2018-3639 Speculative Store Bypass (SSB) also known as Variant 4
-
CVE-2018-3620 - L1 Terminal Fault: OS/SMM
For more information, review Intel s security advisories INTEL-SA-00115 and INTEL-SA-00161.
See NVD (http://nvd.nist.gov/) for individual scores for each CVE
This advisory addresses the following vulnerabilities:
-
CVE-2018-3640 Rogue System Register Read (RSRE) also known as Variant 3a
-
CVE-2018-3639 Speculative Store Bypass (SSB) also known as Variant 4
-
CVE-2018-3620 - L1 Terminal Fault: OS/SMM
For more information, review Intel s security advisories INTEL-SA-00115 and INTEL-SA-00161.
See NVD (http://nvd.nist.gov/) for individual scores for each CVE
Affected Products & Remediation
Affected products:
Dell EMC Data Protection Search prior to version 18.2
Remediation:
The following Dell EMC Data Protection Search release addresses these vulnerabilities:
-
Dell EMC Data Protection Search 18.2
Dell EMC recommends all customers upgrade at the earliest opportunity. Dell recommends customers to follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.
Customers can download the latest updates from the Data Protection Search support page at: https://support.emc.com/products/38110
Affected products:
Dell EMC Data Protection Search prior to version 18.2
Remediation:
The following Dell EMC Data Protection Search release addresses these vulnerabilities:
-
Dell EMC Data Protection Search 18.2
Dell EMC recommends all customers upgrade at the earliest opportunity. Dell recommends customers to follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.
Customers can download the latest updates from the Data Protection Search support page at: https://support.emc.com/products/38110
Related Information
Legal Disclaimer
Affected Products
Data Protection SearchProducts
Data Protection Search, Product Security InformationArticle Properties
Article Number: 000153602
Article Type: Dell Security Advisory
Last Modified: 22 May 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.