Customer Support


Important News

Customer Support


Important News

Security Vulnerability Notice

SYSGO has been made aware by various chip vendors about latest vulnerability possibilities on hardware from Intel, AMD, ARM, and PowerPC, called "Spectre" and "Meltdown". While Spectre affects hardware from all vendors, Meltdown mainly affects Intel x86 architectures. These vulnerabilities can be used to allow programs access to data in the memory of other running programs or operating systems, e.g. passwords, messages or other personal data, or to read arbitrary locations from protected memory regions. Currently no publically known security attacks had been recorded.

There are three main variants of the exploits, as detailed by Google in their blogpost, that explain in detail the mechanisms:

  • Variant 1, Spectre: bounds check bypass (CVE-2017-5753)
  • Variant 2, Spectre: branch target injection (CVE-2017-5715)
  • Variant 3, Meltdown: rogue data cache load (CVE-2017-5754)

Details of affected ARM processors can be found here:
https://developer.arm.com/support/security-update

Intel’s statement can be found here:
https://newsroom.intel.com/news/intel-responds-to-security-research-findings/

Since getting informed about these issues end of December 2017 SYSGO is working on a technical analysis checking the situation and preparing software patches where needed.

More details from our ELinOS team are available here.