Security Advisory: Intel floating point unit (FPU) register state issue (CVE-2018-3665)

Sean G. -

Overview/Description

Recently, the embargo has been broken on an Intel microprocessor issue that affects operating systems that lazily save floating point unit (FPU) register state: CVE-2018-3665.

While SmartOS is affected by this issue, Intel included Joyent in the embargoed information, with adequate time for us to develop and validate a fix.

Actions Taken by Joyent

The fix has been made available for upstream inclusion and is in the process of being deployed to the Triton Cloud (public cloud). Deployment necessitates a compute node reboot; we are making best effort to schedule those reboots with customers to minimize disruption.

We will also make available SmartOS updates for our software customers.

Further updates will continue to be posted in this advisory.

Actions You Need to Take

Triton Enterprise Software Users:

As noted above, we will make available SmartOS updates for our software customers.

Triton Public Cloud Users:

As noted above, the fix has been made available for upstream inclusion and is in the process of being deployed to the Triton Cloud (public cloud). 

Open Source Triton Users:

Please direct any questions to The SmartOS Community Mailing Lists and IRC.

Support

If you are a Joyent customer and have any further questions or concerns after reading the information provided above, please contact Joyent Support.

As noted above, if you are an Open Source Triton user, please direct any further questions to the SmartOS Community Mailing Lists and IRC.

Have more questions? Submit a request

0 Comments

Article is closed for comments.