|[ ZombieLoad Logo, courtesy ZombieLoadAttack.com ]|
ZombieLoad Vulnerability: SPARC Solaris Immune
Abstract:Computing platforms have long had issues with MalWare, dating back to the MS-DOS days. Windows systems had been targeted, due to their ubiquity as well as the ability to install software with no user interaction into the system using pre-bundled keys. For the most part, UNIX Systems have been immune to most malware. A new classification of malware had become apparent, using CPU vulnerabilities, normally related to the Intel processor (leaving SPARC processors immune.) The latest vulnerability is ZomieLoad, affecting Intel processors and non-UNIX platforms such as Linux and Windows.
What is ZombieLoadA new family of vulnerabilities on the Intel Processor have become apparent in Mid-May 2019. As an aggregate, they are referred to as "Microarchitectural Data Sampling" or MDS vulnerabilities. ZombieLoad is one of these vulnerabilities. Oracle provided a nice list of CVE's with summary details: CVE-2019-11091, CVE-2018-12126, CVE-2018-12130, and CVE-2018-12127
How does it affect SPARC Solaris?If you return back t the Oracle provided CVE's above, you will notice the following 2x lines:
•Oracle has determined that Oracle SPARC servers are not affected by these MDS vulnerabilities.
Oracle Operating Systems (… Solaris) and Virtualization:
•Oracle has determined that Oracle Solaris on SPARC is not affected by these MDS vulnerabilities.