https://community.checkpoint.com/t5/Firewall-and-Security-Management/Is-Check-Point-affected-by-Intel-Hyper-Threading-flaw-CVE-2018/m-p/13642#M950 <HTML><HEAD></HEAD><BODY><P><A class="link-titled" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk140072" title="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk140072">Check Point Response to CVE-2018-5407 (PortSmash)</A></P><P>Check Point is affected but sees low relevance.</P></BODY></HTML> Mon, 12 Nov 2018 09:19:16 GMT Danny 2018-11-12T09:19:16Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Is-Check-Point-affected-by-Intel-Hyper-Threading-flaw-CVE-2018/m-p/13639#M947 <HTML><HEAD></HEAD><BODY><P><A class="link-titled" href="https://access.redhat.com/security/cve/cve-2018-5407" title="https://access.redhat.com/security/cve/cve-2018-5407"><STRONG>CVE-2018-5407</STRONG> - </A>Intel processor execution engine sharing on SMT (e.g. Hyper-Threading) flaw</P><P></P><P><STRONG>Is Check Point affected?</STRONG> Should we better disable Hyper-Threading (SMT) until a fix is available?</P><P></P><P>I didn't find any notification yet on <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsecurityalerts=">Check Point's Alert page</A>.</P></BODY></HTML> Tue, 06 Nov 2018 08:48:26 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Is-Check-Point-affected-by-Intel-Hyper-Threading-flaw-CVE-2018/m-p/13639#M947 Danny 2018-11-06T08:48:26Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Is-Check-Point-affected-by-Intel-Hyper-Threading-flaw-CVE-2018/m-p/13640#M948 <HTML><HEAD></HEAD><BODY><P>Haha, good luck with that on productions chassis running VSX... fully tweaked to coreXL and SXL <img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.checkpoint.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P></BODY></HTML> Tue, 06 Nov 2018 13:14:47 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Is-Check-Point-affected-by-Intel-Hyper-Threading-flaw-CVE-2018/m-p/13640#M948 Kaspars_Zibarts 2018-11-06T13:14:47Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Is-Check-Point-affected-by-Intel-Hyper-Threading-flaw-CVE-2018/m-p/13641#M949 <HTML><HEAD></HEAD><BODY><P>Hi <A href="https://community.checkpoint.com/migrated-users/41735">Danny,</A></P><P></P><P>As I understood it, you must execute malicious code on the same core to access the other SMT channel. So you need access to the firewall. I don't think the attack should be exploitable without another vulnerability in this case.</P><P></P><P>But let's wait for Check Point's answer.</P><P></P><P>Regards</P><P>Heiko</P></BODY></HTML> Fri, 09 Nov 2018 19:41:36 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Is-Check-Point-affected-by-Intel-Hyper-Threading-flaw-CVE-2018/m-p/13641#M949 HeikoAnkenbrand 2018-11-09T19:41:36Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Is-Check-Point-affected-by-Intel-Hyper-Threading-flaw-CVE-2018/m-p/13642#M950 <HTML><HEAD></HEAD><BODY><P><A class="link-titled" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk140072" title="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk140072">Check Point Response to CVE-2018-5407 (PortSmash)</A></P><P>Check Point is affected but sees low relevance.</P></BODY></HTML> Mon, 12 Nov 2018 09:19:16 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Is-Check-Point-affected-by-Intel-Hyper-Threading-flaw-CVE-2018/m-p/13642#M950 Danny 2018-11-12T09:19:16Z