Summary

Security Advisory ID : BSA-2018-612

Component : HW:CPU

Revision : 1.0: Final

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may return a speculative register value that is then used in subsequent speculative load instructions. These subsequence speculative loads cause allocations into the cache that may allow a sequence of speculative loads to be used to perform timing side-channel attacks. An attacker with local user access may be able to use timing side-channel analysis to determinethe values stored in system registers.

Affected Products

No Brocade Fibre Channel technologyproducts from Broadcom are currently known to be affected by this vulnerability.

Note

Brocade Manageability products are not vulnerable to Rogue System RegisterRead (RSRE) –also known as "Variant3a".However, since the environment that runs the products is not under Brocade's Control, Brocade recommends Customers to apply the recommendation from the vendors.

Revision History