[c-nsp] Meltdown and Spectre

Daniel Suchy danny at danysek.cz
Sat Jan 6 06:25:59 EST 2018


Hello,
Cisco&Juniper has official advisory for that...

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10842&cat=SIRT_1&actp=LIST

In general, if you have properly protected control plane of your device
(see RFC 6192 for recomendations), there's no reason for panic. You must
wait for vendor's updates... and it's complex issue, there's no simple
fix (current fixes available in Linux for example aren't covering all
CVEs yet).

With regards,
Daniel


On 01/06/2018 12:04 PM, james list wrote:
> Dear all,
> For cve related to Meltdown and Spectre I'm wondering to know what are you
> doing or going to do on your networking gears?
> 
> I'm struggling to understand something from vendors but I'd like to hear
> from people in the pitch.
> 
> Cheers
> James
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 


More information about the cisco-nsp mailing list