[sssForm]
This security advisory address CVE-2015-5307 and CVE-2015-8104, pertaining to a bug in the Intel x86 architecture, which may cause the CPU to enter a loop if a 32-bit operating system triggers alignment exception under certain conditions.
At present this vulnerability we have not discovered exploitation vectors for any of the A10 appliances and software.
Details
Current versions of HVA are running code that does not have additional protection against this vulnerability.
However the bug is not exploitable since all software running as guest OS in HVA is under A10 control and does not exhibit the properties necessary to trigger the exception.
None needed.
Despite the lack of vulnerability A10 will deliver the software updates in the next available release after they have been published in the upstream software.
The new software images will be published at the following URL when available: click here
The following table summarizes update versions resolving all of the above CVEs.
|
Vulnerable Release |
Resolved Release |
|
1.0.x |
|
Affected Platforms: HVA
Affected Software Versions: 1.0.x
| Vulnerability ID | Vulnerability Description |
|---|
| Ref # | General Link |
|---|
| Revision | Date | Description |
|---|---|---|
| 1.0 | April 18, 2018 |
Created web page |