Hewlett Packard Enterprise Product Security Vulnerability Alerts

AMD Processor Security Vulnerabilities (Fallout/Masterkey/Ryzenfall/Chimera)

Version 3.0 :  Last Updated: June 25, 2018

This website is updated frequently, as new product information becomes available.

On March 13, 2018, CTS Labs publicly released information regarding research into security vulnerabilities impacting some AMD products. In terms of HPE Servers, the relevant vulnerabilities impact the AMD Secure Processor (PSP) utilized in the AMD EPYC 7000 Series processor used on the HPE ProLiant DL385 Gen10 and HPE Cloudline CL3150 Gen10 servers. No other HPE server products are impacted by these potential vulnerabilities.

As HPE, working with AMD, learns more information, we will update our communications.

HPE is working with AMD to determine the extent of the vulnerability and what precautions might be needed to mitigate any exposure. Fortunately, the new HPE DL385 Gen10 product ships with all the new HPE security features, including the HPE Silicon Root of Trust. This new HPE technology protects against typical denial of service or permanent denial of service conditions that might be caused by one part of this vulnerability.

Usage Instructions and Definitions for CVE Vulnerability Information

Data

Definition

Product Category

High-level product description.

Product Sub-Category

Medium-level product description.

Product Name

Detailed product description.

 

(Impacted)

Indicates whether the specific product is affected by the cited vulnerability.

 

If Impacted - Mitigation or

Information regarding how to address a vulnerability.

Under Investigation

Link(s) to security bulletin (Vendor)

Link to Vendor's Security Bulletin.

 

Use the following table to find vulnerability information.

Product Category

Product Sub-Category

Product Name

Impacted

ROM Family

Resolved in ROM Version

Mitigation and Notes

Customer Bulletin

Security Bulletin

Cloudline

Cloudline

Cloudline CL3150 Gen10 (AMD)

Yes

O51

5.1.2.0

https://www.hpe.com/global/swpublishing/MTX-7bd9870474004043907ec08a8d

 

Security Bulletin hpesbhf03841en

Servers

ProLiant

ProLiant DL385 Gen10 (AMD System)

Yes

A40

1.22(04/16/2018)

Vulnerable to Fallout Only. Patches available below:
Windows:  https://www.hpe.com/global/swpublishing/MTX-9e21bcb1eaa549a58e585f18be
Linux: https://www.hpe.com/global/swpublishing/MTX-5e5914c9bdf74f78b708158dd1
OS Independent: https://www.hpe.com/global/swpublishing/MTX-b83bbc076050462fa5a13a1ed8

 

Security Bulletin hpesbhf03841en

Servers

Moonshot

Moonshot m700 Server Cartridge (AMD System)

No

A34

 

 

 

 

Servers

Moonshot

Moonshot m700p Server Cartridge (AMD System)

No

A35

 

 

 

 

Servers

ProLiant

ProLiant BL465c Gen8 (AMD System)

No

A26

 

 

 

 

Servers

ProLiant

ProLiant DL385 Gen8 (AMD System)

No

A28

 

 

 

 

Servers

ProLiant

ProLiant DL385 G7 (AMD System)

No

 

 

 

 

 

Servers

ProLiant

ProLiant DL585 G7 (AMD System)

No

 

 

 

 

 

Servers

ProLiant

ProLiant BL465 G7 (AMD System)

No

 

 

 

 

 

Servers

ProLiant

ProLiant BL685 G7 (AMD System)

No

 

 

 

 

 

Servers

ProLiant

ProLiant Microserver Gen10 (AMD System)

No