Addendum to the January 2018 CPU Advisory for Spectre (CVE-2017-5715, CVE-2017-5753) and Meltdown (CVE-2017-5754) vulnerabilities
(Doc ID 2347948.1)
Last updated on DECEMBER 19, 2018
Applies to:Exalogic Elastic Cloud X6-2 Hardware - Version X6 to X6 [Release X6]
Oracle Coherence - Version 126.96.36.199.5 to 188.8.131.52.5 [Release 12c]
Information in this document applies to any platform.
This document lists the status of Oracle products with respect to the publicly-disclosed Spectre (CVE-2017-5753 and CVE-2017-5715) and Meltdown (CVE-2017-5754) vulnerabilities. Related Spectre vulnerabilities CVE-2018-3639 and CVE-2018-3640 are addressed in "Information about processor vulnerabilities CVE-2018-3640 ("Spectre v3a") and CVE-2018-3639 ("Spectre v4")" (Doc ID 2399123.1).
Oracle has assessed the impact of these vulnerabilities only for product versions that are covered under the Premier Support or Extended Support phases of the Lifetime Support Policy. Oracle has not assessed the impact of this vulnerability against product versions that are no longer supported by Oracle.
Oracle recommends that customers keep up with security patches for operating systems, virtualization technologies, and hardware when updated security patches are released by their respective vendors or maintainers.
Customers of Oracle’s engineered systems should solely rely on the specific patches produced for these engineered systems.
Oracle recommends that you prevent as much as possible the execution of untrusted code, which is a condition for the exploitation of vulnerabilities CVE-2017-5753 (Spectre v1), CVE-2017-5715 (Spectre v2), and CVE-2017-5754 (Meltdown). Oracle recommends that you review the privileges associated with your systems, and periodically review your security logs in light of these vulnerabilities.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|1. Products with Patches or Instructions Available|
|2. Products with Patches or Instructions Pending|
|3. Products under Investigation|
|4. Products Not Affected|