Oracle Solaris mitigations for Speculative Execution issues
(Doc ID 2578491.1)
Last updated on MAY 28, 2024
Applies to:
Solaris Operating System - Version 10 to 11.4 [Release 10.0 to 11.0]Information in this document applies to any platform.
Purpose
Describes what mitigations are available for the various processor speculative execution vulnerabilities, including Spectre, Meltdown, and others.
Scope
Oracle has assessed the mitigations available for these vulnerabilities only for product versions that are covered under the Premier Support or Extended Support phases of the Lifetime Support Policy. Oracle has not assessed the impact of these vulnerabilities against product versions that are no longer supported by Oracle. For more information on the support levels of specific Oracle Solaris releases, see Solaris Operating System End Of Life Matrix (Doc ID 1001343.1).
Details
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Purpose |
| Scope |
| Details |
| General Recommendations |
| Spectre Variant 1 family |
| CVE-2017-5753: Spectre Variant 1, Bounds Check Bypass (BCB) |
| CVE-2018-3693: Spectre Variant 1.1, Bounds Check Bypass Store (BCBS) |
| CVE-2019-1125: SWAPGS |
| CVE-2017-5715: Spectre Variant 2, Branch Target Injection (BTI) |
| BTI mitigations for SPARC Systems |
| BTI mitigations for x86 Systems |
| CVE-2017-5754: Spectre Variant 3, Meltdown, Rogue Data Cache Load (RDCL) |
| CVE-2018-3640: Spectre Variant 3a, Rogue System Register Read |
| CVE-2018-3639: Spectre Variant 4, Speculative Store Bypass (SSB) |
| SSB mitigations for SPARC Systems |
| SSB mitigations for x86 Systems |
| CVE-2018-3665: Lazy FP state restore (LazyFP) |
| CVE-2018-15772: SpectreRSB |
| CVE-2018-3646: L1 Terminal Fault (L1TF) for Virtual Machine Managers (VMM), Foreshadow-NG |
| CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11135: Microarchitectural Data Sampling (MDS), RIDL, Fallout, Zombieload, TAA |
| CVE-2020-0549, CVE-2020-0548, CVE-2020-0543: CacheOut: L1D Eviction Sampling, Vector Register Sampling, CROSStalk (Special Register Data Buffer Sampling) |
| CVE-2020-8696, CVE-2020-8698, CVE-2020-8695: Vector Register Sampling Active (VRSA), Fast Store Forward Predictor (FSFP), Running Average Power Limit (RAPL) |
| CVE-2021-0145: Fast Store Forward Predictor (FSFP) - Cross Domain Training |
| CVE-2022-29900, CVE-2022-29901, CVE-2022-28693: Return Stack Buffer Underflow, RetBleed |
| CVE-2022-40982: Gather Data Sampling, Downfall |
| References |