
Hotfix releases of Intel® MPSS for Linux (3.3.5, 3.4.4, and 3.5.1)

Loc_N_Intel
Employee

Please note that the hotfix releases of Intel® MPSS for Linux (3.3.5, 3.4.4, and 3.5.1) are now available at https://software.intel.com/en-us/articles/intel-manycore-platform-software-stack-mpss

Two security vulnerabilities that affect the previous versions of Intel® MPSS for Linux release 3.x have been fixed in these hotfix releases: vulnerabilities in the 3rd-party OpenSSL* library and a race condition with the Intel® MPSS host daemon.

Intel® MPSS for Windows* is not affected.

Details of the security issues:
-------------------------------------------------------------------------
Change number: 0000001
Component:     Coprocessor OS
Description:   On March 19th, 2015, OpenSSL.org issued a security
               advisory that listed a number of security
               vulnerabilities in the OpenSSL libraries
               (CVE-2015-0204, CVE-2015-0209, CVE-2015-0286,
               CVE-2015-0287, CVE-2015-0288, CVE-2015-0289,
               CVE-2015-0292, and CVE-2015-0293).
Impact:        These vulnerabilities are unlikely to have an
               adverse impact on the coprocessor OS core
               functionality, although user workloads could use
               some of the library’s vulnerable functions.
References:    http://openssl.org/news/secadv_20150319.txt
Mitigation:    The OpenSSL RPMs are being upgraded to version
               1.0.0.r, which is free from known vulnerabilities.
-------------------------------------------------------------------------
Change number: 0000002
Component:     Coprocessor OS
Description:   It was identified during internal testing that there
               was a race condition with the Intel® MPSS host
               daemon, during which a host attacker could connect
               to the coprocessor OS daemon and use this as a pivot
               to other attacks. In the worst case the attacker
               could achieve a privilege escalation on the
               coprocessor OS.
Impact:        Privilege escalation
Mitigation:    This release strengthens the security of the protocol
               for communication between the MPSS daemon on the host
               and the corresponding daemon on the coprocessor OS.
