My Oracle Support Banner

Oracle Solaris mitigations for Speculative Execution issues (Doc ID 2578491.1)

Last updated on MAY 28, 2024

Applies to:

Solaris Operating System - Version 10 to 11.4 [Release 10.0 to 11.0]
Information in this document applies to any platform.

Purpose

 Describes what mitigations are available for the various processor speculative execution vulnerabilities, including Spectre, Meltdown, and others.

Scope

Oracle has assessed the mitigations available for these vulnerabilities only for product versions that are covered under the Premier Support or Extended Support phases of the Lifetime Support Policy. Oracle has not assessed the impact of these vulnerabilities against product versions that are no longer supported by Oracle. For more information on the support levels of specific Oracle Solaris releases, see Solaris Operating System End Of Life Matrix (Doc ID 1001343.1)

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Scope
Details
 General Recommendations
 Spectre Variant 1 family
 CVE-2017-5753: Spectre Variant 1, Bounds Check Bypass (BCB)
 CVE-2018-3693: Spectre Variant 1.1, Bounds Check Bypass Store (BCBS)
 CVE-2019-1125: SWAPGS
 CVE-2017-5715: Spectre Variant 2, Branch Target Injection (BTI)
 BTI mitigations for SPARC Systems
 BTI mitigations for x86 Systems
 CVE-2017-5754: Spectre Variant 3, Meltdown, Rogue Data Cache Load (RDCL)
 CVE-2018-3640: Spectre Variant 3a, Rogue System Register Read
 CVE-2018-3639: Spectre Variant 4, Speculative Store Bypass (SSB)
 SSB mitigations for SPARC Systems
 SSB mitigations for x86 Systems
 CVE-2018-3665: Lazy FP state restore (LazyFP)
 CVE-2018-15772: SpectreRSB
 CVE-2018-3646: L1 Terminal Fault (L1TF) for Virtual Machine Managers (VMM), Foreshadow-NG
 CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11135: Microarchitectural Data Sampling (MDS), RIDL, Fallout, Zombieload, TAA
 CVE-2020-0549, CVE-2020-0548, CVE-2020-0543: CacheOut: L1D Eviction Sampling, Vector Register Sampling, CROSStalk (Special Register Data Buffer Sampling)
 CVE-2020-8696, CVE-2020-8698, CVE-2020-8695: Vector Register Sampling Active (VRSA), Fast Store Forward Predictor (FSFP), Running Average Power Limit (RAPL)
 CVE-2021-0145: Fast Store Forward Predictor (FSFP) - Cross Domain Training
 CVE-2022-29900, CVE-2022-29901, CVE-2022-28693: Return Stack Buffer Underflow, RetBleed
 CVE-2022-40982: Gather Data Sampling, Downfall
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.