TPS-2018-006 Intel floating point unit (FPU) register state issue (CVE-2018-3665)
Overview/Description
Recently, the embargo has been broken on an Intel microprocessor issue that affects operating systems that lazily save floating point unit (FPU) register state: CVE-2018-3665.
While SmartOS is affected by this issue, Intel included Joyent in the embargoed information, with adequate time for us to develop and validate a fix.
Actions Taken by Joyent
The fix has been made available for upstream inclusion and is in the process of being deployed to the Triton Cloud (public cloud). Deployment necessitates a compute node reboot; we are making best effort to schedule those reboots with customers to minimize disruption.
We will also make available SmartOS updates for our software customers.
Further updates will continue to be posted in this advisory.
Actions You Need to Take
Triton Public Cloud Users
As noted above, the fix has been made available for upstream inclusion and is in the process of being deployed to the Triton Cloud (public cloud).
Triton Enterprise Software Users
Update to platform release-20180621
or later.
Open Source Triton Users
Update to platform release-20180621
or later.
Please direct any questions to The SmartOS Community Mailing Lists and IRC.
Support
If you are a Joyent customer and have any further questions or concerns after reading the information provided above, please contact Joyent Support.
As noted above, if you are an Open Source Triton user, please direct any further questions to the SmartOS Community Mailing Lists and IRC.