Wednesday, July 31, 2019

ZombieLoad Vulnerability: SPARC Solaris Immune

[ ZombieLoad Logo, courtesy ZombieLoadAttack.com ]

ZombieLoad Vulnerability: SPARC Solaris Immune

Abstract:

Computing platforms have long had issues with MalWare, dating back to the MS-DOS days. Windows systems had been targeted, due to their ubiquity as well as the ability to install software with no user interaction into the system using pre-bundled keys. For the most part, UNIX Systems have been immune to most malware. A new classification of malware had become apparent, using CPU vulnerabilities, normally related to the Intel processor (leaving SPARC processors immune.) The latest vulnerability is ZomieLoad, affecting Intel processors and non-UNIX platforms such as Linux and Windows.

What is ZombieLoad

A new family of vulnerabilities on the Intel Processor have become apparent in Mid-May 2019. As an aggregate, they are referred to as "Microarchitectural Data Sampling" or MDS vulnerabilities. ZombieLoad is one of these vulnerabilities. Oracle provided a nice list of CVE's with summary details: CVE-2019-11091, CVE-2018-12126, CVE-2018-12130, and CVE-2018-12127
  • CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
  • CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) 
  • CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS)
  • CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS)


  • How does it affect SPARC Solaris?

    If you return back t the Oracle provided CVE's above, you will notice the following 2x lines:

    Oracle Hardware

    •Oracle has determined that Oracle SPARC servers are not affected by these MDS vulnerabilities.

     

    Oracle Operating Systems (… Solaris) and Virtualization:

    •Oracle has determined that Oracle Solaris on SPARC is not affected by these MDS vulnerabilities.


    Conclusions:

    If you are fortunate enough to be running SPARC Solaris, you are immune again. If you are not on SPARC Solaris, but on a less secure Intel based Windows or Linux platform - well, you will be needing to supply your operating system vendor's CPU microarchitecture patch and probably reboot. Let's hope you are not having to roll-your-own fix.

    Monday, July 29, 2019

    NYLUG: Talk on ZFS on Linux

    NYLUG: Talk on ZFS on Linux

    Abstract:

    Older file systems were based upon 32 bit UFS (UNIX File System) technologies, which lasted about 10 years, but started becoming tight with modern storage. Sun had produced a modern file system to last the next 10 years - it was called ZFS. ZFS is a 128 bit file system, created by Sun Microsystems, who was acquired by Oracle Corporation, is the primary active maintainer, and feature record of reference. ZFS was open sourced with OpenSolaris and other Open Source distributions started to use it, including Illumos. Eventually, Linux started to leverage ZFS. This talk is by Paul Zuchowski with a little bit of information regarding ZFS on Linux.


    New York Linux User Group:

    Paul Zuchowski is a former Sun Microsystems engineer. I became aware of him when he left a comment on a blog that I followed, He recently gave a talk at the NYLUG in April 2019 regarding the current state of ZFS on Linux. Many of the features, which are currently in the Oracle Solaris 11 release of ZFS are being actively worked on, in order to catch up, in the Linux Community.


    Conclusions:

    While some performance problems engineered by Oracle for Solaris based ZFS features may not even be a sparkle in the Linux community's eye, they are actively trying to find solutions. Hundreds of PB's of storage is currently contained in ZFS on Linux, just with a couple of companies, so clearly ZFS under Linux is mainstream enough for production use.