Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
Document Version Release Date Details 2 05/14/2018 Updated with additional information 1 04/16/2018 Original Document Release On January 3, 2018, side-channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities calls for microcode and Operating System updates. Future updates could also be necessary. Intel Response: https://newsroom.intel.com/news/intel-responds-to-security-research-findings/ https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr Operating System Vendor Response: Red Hat: https://access.redhat.com/security/vulnerabilities/speculativeexecution SUSE: https://www.suse.com/support/kb/doc/?id=7022512 Microsoft: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
Any of the following HPE platforms are affected: HPE ConvergedSystem 500 for SAP HANA Scale-out configurations: Intel Broadwell architecture Intel Haswell architecture Intel Ivy Bridge architecture HPE ConvergedSystem 500 for SAP HANA Scale-up configurations: Intel Skylake architecture Intel Broadwell architecture Intel Haswell architecture Intel Ivy Bridge architecture HPE ConvergedSystem 900 for SAP HANA Scale-up configurations: Intel Broadwell architecture Intel Haswell architecture Intel Ivy Bridge architecture HPE ConvergedSystem 900 for SAP HANA Scale-out configurations: Intel Broadwell architecture Intel Ivy Bridge architecture HPE AppSystem for SAP HANA Scale-up/Scale-out configurations Intel Westmere architecture
HPE has verified the necessary combination of microcode and Operating System updates by HPE solution and Intel generation as follows: 1)Microcode updates: Contact your HPE Account Team to purchase the appropriate service to coordinate the Microcode updates. 2)Operating System updates: Follow the recommendations below by Operating System: SUSE - Contact your HPE Account Team to purchase the appropriate services to coordinate an HPE SLES OS Patch Update Red Hat - Follow published Red Hat patching policies Microsoft Windows (for CMC server) - Follow published Microsoft patching policies NOTE: HPE TDI Solutions for SAP HANA should follow mitigation procedures for microcode and Operating System updates of the associated component. NOTE: Products sold prior to the November 1, 2015 separation of Hewlett-Packard Company into Hewlett Packard Enterprise Company and HP Inc. may have older product names and model numbers that differ from current models. RECEIVE PROACTIVE UPDATES : Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively via e-mail through HPE Subscriber's Choice. Sign up for Subscriber's Choice at the following URL: Proactive Updates Subscription Form. NAVIGATION TIP : For hints on navigating HPE.com to locate the latest drivers, patches, and other support software downloads for ProLiant servers and Options, refer to the Navigation Tips document . SEARCH TIP : For hints on locating similar documents on HPE.com, refer to the Search Tips Document .