MDS security issue
Microarchitectural data sampling (MDS) is a sub-class of previously disclosed speculative execution side channel vulnerabilities and is comprised of 4 CVE (CVE-2018-12127, CVE-2018-12126, CVE-2018-12130 and CVE-2019-11091). Under certain conditions, MDS provides a program the potential means to read data that program otherwise would not be able to see. MDS techniques are based on a sampling of data leaked from small structures within the CPU using a locally executed speculative execution side channel. Practical exploitation of MDS is a very complex undertaking. MDS does not, by itself, provide an attacker with a way to choose the data that is leaked.
QCT has been working with Intel to identify mitigations that enhance platform resiliency to this vulnerability. Intel suggests these updates help ensure our customers have access to the protections necessary for traditional IT and cloud services environments.
Please see affacted product, mitigation option and detailed info in below tables.
Reference
- Intel Side Channel Vulnerability MDS: https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html
- Intel Intel Security advisory (Intel-SA-00233) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html
- Intel Software Security Guidance for developers https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
| Table 1 - Security Vulnerability | |||||||
|---|---|---|---|---|---|---|---|
| Security Vulnerability | Disclosed Date | Intel SA # | Affected Products | No. | CVE# | CVSS | Mitigation options |
| Side Channel Analysis Method Update (Microarchitectural data sampling (MDS)) | 15-May-19 | Intel-SA-00233 | Server with below CPU is recommended to update BIOS (Microcode update) + OS/VMM. (1) Intel® Xeon® Scalable Processor Family (Skylake) (2) Intel® Xeon® Processor E3v5 & E3v6 product family (Skylake E3) (3) Intel® Xeon® Processor E5v3, E5v4, E3v3 and E3v4 Product Family (Haswell & Broadwell) (4) Intel® Xeon-D (Broadwell) (5) Intel® Xeon® Processor E3-1200 v3 & v4 Product Family (Broadwell E3 & Haswell E3) (6) Intel® Xeon® Processor E5 & E5v2 Product Family (Ivy Bridge & Sandy Bridge) Server with below CPU is addressed at hardware level by Intel. (7) 2nd Gen Intel® Xeon® Scalable Processor Family (Cascade Lake) (8) 8 th and 9 th Generation Intel® Core™ processor (Mehlow) | Microarchitectural Load Port Data Sampling (MLPDS) | CVE-2018-12127 | CVSS -6.5 Medium | - Server w/ (1),(2), (3), (4), (5) & (6) CPU
MDS is addressed by BIOS (Microcode update) +
OS/VMM (please contact your OS or VM vendors for detailed information) - Server w/ (7) & (8) CPU MDS is addressed in hardware level by Intel |
| Microarchitectural Store Buffer Data Sampling (MSBDS) | CVE-2018-12126 | CVSS -6.5 Medium | |||||
| Microarchitectural Fill Buffer Data Sampling (MFBDS) | CVE-2018-12130 | CVSS - 6.5 Medium | |||||
| Microarchitectural Uncacheable Data Sampling (MDSUM) | CVE-2019-11091 | CVSS – 3.8 Low | |||||
| Table 2 - BIOS updates for QCT products | ||||
|---|---|---|---|---|
| QCT servers | CPU | BIOS fixed version | BIOS release week | Remark |
| D52B-1U | Intel® Xeon® Scalable Processor Family (Skylake, Cascade Lake*) | 3A14.Q301 | WK23 | *2nd Gen Intel® Xeon® Scalable Processor Family (Cascade Lake) is addressed at hardware level by Intel. It means these servers (w/ Cascade Lake CPU) are unnecessary to update ‘’BIOS w/ microcode’’. |
| D52BQ | ||||
| D52BQ-2U 3UPI | ||||
| T42S-2U | ||||
| T42SP-2U | ||||
| T42D-2U | ||||
| Q72D-2U | 3A04.Q301 | |||
| D52G-4U | 3A14.Q301 | |||
| D52BV-2U | ||||
| D52T-1ULH | ||||
| D52BM-2U | ||||
| T42E-2U | ||||
| D52L | in progress | |||
| D51B-1U/2U | Intel® Xeon® Processor E5v3 & E5v4 Product Family (Haswell & Broadwell) | 3B20 | WK23 | na |
| T41S-2U | 3B12 | |||
| T21P-4U | 3B13 | |||
| T41SP-2U | 3B12 | |||
| D51PH-1ULH | 3B13 | |||
| T21SR-2U | 3B12 | |||
| D51PL-4U | in progress | |||
| D51BV-2U | 3B20 | WK23 | ||
| D51PS-1U | 3B13 | |||
| D51BP-1U/2U | 3B20 | |||
| D51PC-1U | 3B13 | |||
| S31A-1U | Intel® Xeon® Processor E3-1200 v5 & 1200 v6 product family (Skylake E3) | 3B09.05 | ||
| X10E-9N | 3B09.04 | |||
| Rackgo X Leopard Cave | Intel® Xeon® Processor E5 & E5v2 Product Family (Ivy Bridge & Sandy Bridge) | Please contact your account sales for fixed BIOS release schedule. | ||
| SD1Q-1ULH | Intel® Xeon-D (Broadwell) | |||
| Q71L-4U | Intel® Xeon® processor E7 v2, v3 and v4 product family (Ivy Bridge EX, Haswell EX) | |||
| S910-X31E | Intel® Xeon® Processor E3-1200 v3 & v4 Product Family (Broadwell E3 & Haswell E3) | |||
| S810-X52L | Intel® Xeon® Processor E5 & E5v2 Product Family (Ivy Bridge & Sandy Bridge) | |||
| S210-X12RS (1U) | ||||
| S210-X22RQ (2U) | ||||
| S210-X12MS | ||||
| S210-X2A2J | ||||
| S200-X22TQ | ||||
| S200-X12TS | ||||
| F06A | Intel® Xeon® Processor E5v3 & E5v4 Product Family (Haswell & Broadwell) | |||
| F03A | Intel® Xeon® Processor E5 & E5v2 Product Family (Ivy Bridge & Sandy Bridge) | |||
[Remark]
Regarding Customized BIOS, please contact your account sales for release schedule and BIOS with microcode.