May 15, 2019 - 12:00 a.m.

K52370164 : Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12126

my.f5.com

AI Score: 6.4 Medium (Confidence: High)

EPSS: 0.001 Low (Percentile: 33.3%)

Security Advisory Description

Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2018-12126)

Impact

MDS vulnerabilities are exploitable by malicious non-privileged user space applications running on hosts or guests, or by malicious guest operating systems. These require an attacker who can provide and run binary code of their choosing on the BIG-IP platform. CPU hardware may allow this unprivileged code running on a CPU core to infer the value of memory data belonging to other processes, virtual machines, or the hypervisor recently running on the same CPU core. The MDS vulnerability does not allow the attacker to control the memory target address; impact is purely sample-based.

Currently, BIG-IP does not check the integrity of user space applications. However, the attacker must have authorized access to the system in one of the privileged roles to attempt to exploit the vulnerabilities. These conditions severely restrict the exposure risk of BIG-IP products.

For single-tenancy products, such as a standalone BIG-IP system, or multi-tenancy environments (Cloud/VE/vCMP), the risk is limited to local, untrusted applications or untrusted guests accessing memory outside their own user space on a sample basis.

The following F5 hardware platforms are vulnerable to CVE-2018-12126:

Note: Only one entry displays for platform models that may have several variants. For example, BIG-IP i2600 and BIG-IP i2800 are both included as the BIG-IP i2x00 series.

  • BIG-IP 10xx0 series
  • BIG-IP 12xx0 series
  • VIPRION B2250
  • VIPRION B44x0N
  • BIG-IP i2x00 series
  • BIG-IP i4x00 series
  • BIG-IP i5x00 series
  • BIG-IP i7x00 series
  • BIG-IP i10x00 series
  • BIG-IP i11x00 series
  • BIG-IP i15x00 series
  • Enterprise Manager 4000
  • BIG-IQ 7000
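
To triage a device inventory against the list above, the series names can be expanded into patterns. The following is an added example, not part of the F5 advisory; it assumes each "x" stands for exactly one digit (consistent with the i2600/i2800 note) and that variants may carry a trailing letter or hyphen suffix. The hostnames and inventory are constructed.

```python
import re

# Series names exactly as listed in the advisory; "x" is a placeholder.
VULNERABLE_SERIES = [
    "BIG-IP 10xx0", "BIG-IP 12xx0", "VIPRION B2250", "VIPRION B44x0N",
    "BIG-IP i2x00", "BIG-IP i4x00", "BIG-IP i5x00", "BIG-IP i7x00",
    "BIG-IP i10x00", "BIG-IP i11x00", "BIG-IP i15x00",
    "Enterprise Manager 4000", "BIG-IQ 7000",
]

def _series_regex(series):
    """Turn a series name into a regex (assumption: each "x" is one digit)."""
    family, model = series.rsplit(" ", 1)
    body = "".join(r"\d" if ch == "x" else re.escape(ch) for ch in model)
    # Assumption: a variant may carry a trailing letter/hyphen suffix.
    return re.compile(rf"{re.escape(family)}\s+{body}[A-Za-z-]*", re.IGNORECASE)

_PATTERNS = [(s, _series_regex(s)) for s in VULNERABLE_SERIES]

def match_series(model):
    """Return the advisory series a model string falls under, or None."""
    cleaned = " ".join(model.split())  # collapse stray whitespace
    for series, pattern in _PATTERNS:
        if pattern.fullmatch(cleaned):
            return series
    return None  # not matched by the list shown in this advisory

def triage(inventory):
    """Map hostname -> matched series for devices on the advisory's list."""
    hits = {}
    for host, model in inventory.items():
        series = match_series(model)
        if series:
            hits[host] = series
    return hits

# Constructed inventory for illustration; hostnames are made up.
SAMPLE_INVENTORY = {
    "lb-edge-01": "BIG-IP i2600",
    "lb-edge-02": "BIG-IP i2800",
    "lb-core-01": "big-ip  i10800",
    "lb-lab-01": "BIG-IP 2000s",
    "chassis-01": "VIPRION B4450N",
}

if __name__ == "__main__":
    for host, series in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: listed as {series} series")
```

A `None` result only means the model string did not match this list; it is not a statement that the platform is unaffected.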