LANCOM Support Knowledgebase Document No. 1808.1709.1115.RHOO - V4.00

“Foreshadow” vulnerability on INTEL processors: Recommendations for users of virtual LANCOM products



Date: August 29, 2018


Information:

With reference to the “Foreshadow” vulnerability, which has been discovered on INTEL processors, reported in the media on August 14, 2018, LANCOM Systems issues the following recommendations to users of the virtual LANCOM products
  • LANCOM vRouter
  • LANCOM Management Cloud (only LMC Private)
  • LANCOM Large Scale Monitoring (LSM) & LANCOM Large Scale Rollout & Management (LSR)



General recommendations:
  • The risk is reduced by operating a hardware environment, which is exclusively operated by the customer and is maintained and operated exclusively by the customer (i.e. a dedicated hardware environment).
  • The customer is urged to update the Hypervisor environment with the patches from the manufacturer.
    • VMware has already issued the appropriate security updates. The issues in question are listed by the software developer VMware on their website.



1) LANCOM vRouter:
  • The LANCOM vRouter is affected by the vulnerability in terms of the Hypervisor host system. Please follow our general recommendations.



2) LANCOM Management Cloud (only LMC Private):
  • The LMC Private is affected by the vulnerability in terms of the Ubuntu operating system (virtual instance and root system) and the Hypervisor environment.
    • The customer is urged to update the Ubuntu operating system with the patches from the Ubuntu project (see here).



3) LANCOM Large Scale Monitoring (LSM) & LANCOM Large Scale Rollout & Management (LSR):
  • The LANCOM LSM and LSR are affected by the vulnerability in terms of the Debian operating system (virtual instance and root system) and the Hypervisor environment.
    • The customer is urged to update the CentOS operating system with the patches from the CentOS project (see here).

Due to importance of security implications, LANCOM Systems updates their systems as soon as possible after manufacturer patches become available.

Catchwords: security; advisory; notice; Foreshadow
Please review this document! This document was helpful This document was not helpful