Advisory: ProLiant Gen8 and Gen9 Series Servers - CUSTOMER ACTION REQUIRED: Some System ROMs That Addressed the Side Channel Analysis Vulnerability Have Been Removed from the HPE Download Site

TBCS IT announces the following HPE Support Alert: 

 

Find more here

If you need any assistance please call us: +49 (0)5321 35 1000 or send an e-mail to sales@tbcs-it.de

 
SUPPORT COMMUNICATION - CUSTOMER ADVISORY

Document ID: a00039784en_us

Version: 1

Advisory: ProLiant Gen8 and Gen9 Series Servers - CUSTOMER ACTION REQUIRED: Some System ROMs That Addressed the Side Channel Analysis Vulnerability Have Been Removed from the HPE Download Site
NOTICE: The information in this document, including products and software versions, is current as of the Release Date. This document is subject to change without notice.

Release Date: 2018-01-13

Last Updated: 2018-01-13


DESCRIPTION

Intel has notified HPE of reported issues with the microcode updates which Intel had provided as part of the solution to Variant 2 of the Side Channel Analysis vulnerability (often referred to as Spectre) for certain processors.

Intel has released an Intel Security Issue Update Non-HPE Site discussing this topic. The impacted processors include those used by certain HPE ProLiant Gen8 and Gen9 servers.

Due to this issue, the System ROM updates for platforms supporting processors with impacted microcodes have been removed from the HPE download site.

 

The HPE Vulnerability Page for the Side-Channel Analysis Method vulnerability has also been updated to indicate the HPE ProLiant products impacted by this issue.

The System ROM updates were also detailed in Customer Bulletin a00039267,

"HPE ProLiant, Moonshot and Synergy Servers - Side Channel Analysis Method Allows Improper Information Disclosure in Microprocessors (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)" at:

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us

Updated revisions of the System ROMs for these platforms will be made available by HPE after Intel provides updated microcodes with a resolution for these issues.

SCOPE

The following System ROMs were previously available but have since been removed from the HPE Support Site due to the issues Intel reported with the microcode updates included in them. Updated revisions of the System ROMs for these platforms will be made available after Intel provides updated microcodes with a resolution for these issues.

The list of removed System ROMs is as follows:

 

System ROM Family
Version being Pulled from hpe.com
Platform
U13
v2.54 (12/07/2017)
XL230a Gen9, XL250a Gen9
U14
v2.54 (12/07/2017)
XL170r Gen9, XL190r Gen9
U15
v2.54 (12/07/2017)
DL60 Gen9, DL80 Gen9
U18
v2.54 (12/07/2017)
XL730f Gen9, XL740f Gen9, XL750f Gen9
U19
v2.54 (12/07/2017)
Apollo 4200 Gen9
U20
v2.54 (12/07/2017)
DL160 Gen9, DL180 Gen9
U21
v2.54 (12/07/2017)
XL450 Gen9
U25
v2.54 (12/07/2017)
XL270d Accelerator Tray
P85
v2.54 (12/07/2017)
DL560 Gen9
P86
v2.54 (12/07/2017)
DL120 Gen9
P89
v2.54 (12/07/2017)
DL380 Gen9, DL360 Gen9
P92
v2.54 (12/07/2017)
ML350 Gen9
P95
v2.54 (12/07/2017)
ML150 Gen9
P99
v2.54 (12/07/2017)
ML110 Gen9
I36
v2.54 (12/07/2017)
BL460c Gen9, WS460c Gen9
I37
v2.54 (12/07/2017)
SY480 Gen9
I38
v2.54 (12/07/2017)
BL660c Gen9
I39
v2.54 (12/07/2017)
SY660 Gen9
U17
v2.54 (12/07/2017)
DL580 Gen9
I40
v2.54 (12/07/2017)
SY620 Gen9, SY680 Gen9
H06
12/12/2017
m710p Server Cartridge
P78
12/12/2017
ML310e Gen8 v2
P80
12/12/2017
DL320e Gen8 v2
J10
12/12/2017
ML10 v2
H03
12/12/2017
m710 Server Cartridge
P94
12/12/2017
Xl220a Gen8 v2

 

The microcode updates for the following processors that are supported by the aforementioned servers are impacted:

 

  • Intel Xeon Processor E5 v4 Product Family
  • Intel Xeon Processor E7 v4 Product Family
  • Intel Xeon Processor E5 v3 Product Family
  • Intel Xeon Processor E7 v3 Product Family
  • Intel Xeon Processor E3-1200 v4 Product Family
  • Intel Xeon Processor E3-1200 v3 Product Family

RESOLUTION

Due to this issue, the System ROM updates for platforms supporting processors with impacted microcodes have been removed from the HPE support site. See the HPE Vulnerability Page for additional information on what HPE ProLiant products are impacted by this issue.

Updated revisions of the System ROMs for these platforms will be made available by HPE after Intel provides updated microcodes with a resolution for these issues.

This advisory will be updated when additional information becomes available.

 

RECEIVE PROACTIVE UPDATES : Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively via e-mail through HPE Subscriber's Choice. Sign up for Subscriber's Choice at the following URL: Proactive Updates Subscription Form.

NAVIGATION TIP : For hints on navigating HPE.com to locate the latest drivers, patches, and other support software downloads for ProLiant servers and Options, refer to the Navigation Tips document .

SEARCH TIP : For hints on locating similar documents on HPE.com, refer to the Search Tips Document .


Hardware Platforms Affected: HPE Synergy 480 Gen9 Compute Module, HPE Synergy 620 Gen9 Compute Module, HPE Synergy 680 Gen9 Compute Module, HPE ProLiant XL270d Gen9 Server, HPE ProLiant DL320e Gen8 v2 Server, HPE ProLiant ML310e Gen8 v2 Server, HP ProLiant XL220a Gen8 v2 Server, HPE ProLiant XL730f Gen9 Server, HPE ProLiant DL180 Gen9 Server, HPE ProLiant DL360 Gen9 Server, HPE ProLiant BL460c Gen9 Server Blade, HPE ProLiant DL380 Gen9 Server, HPE ProLiant ML350 Gen9 Server, HPE ProLiant XL230a Gen9 Server, HPE ProLiant XL250a Gen9 Server, HPE ProLiant XL740f Gen9 Server, HPE ProLiant XL750f Gen9 Server, HPE ProLiant m710 Server Cartridge, HPE ProLiant DL120 Gen9 Server, HPE ProLiant ML150 Gen9 Server, HPE ProLiant DL60 Gen9 Server, HPE ProLiant DL80 Gen9 Server, HPE ProLiant ML10 v2 Server, HPE ProLiant ML110 Gen9 Server, HPE ProLiant XL170r Gen9 Server, HPE ProLiant XL190r Gen9 Server, HPE ProLiant WS460c Gen9 Graphics Server Blade, HPE ProLiant DL580 Gen9 Server, HPE ProLiant BL660c Gen9 Server Blade, HPE ProLiant DL560 Gen9 Server, HPE Apollo 4200 Gen9 Server, HPE ProLiant XL450 Gen9 Server, HPE ProLiant m710p Server Cartridge
Operating Systems Affected: Not Applicable
Software Affected: Not Applicable
Support Communication Cross Reference ID: SIK2933
©Copyright 2018 Hewlett Packard Enterprise Company, L.P.
 
 

Passende Artikel

HPE ProLiant DL380 Gen9 E5-2620v3 1P 16GB-R P840ar/4GB P/N 752688-B21

HPE Renew - full warranty

Statt: 4.410,14 € * 2.854,81 € *

%
HPE ProLiant DL360 Gen9 E5-2603v3 1P 8GB-R B140i P/N: 755260-B21

HPE Renew - full warranty

Statt: 3.013,08 € * 1.636,25 € *

%
HPE ProLiant DL160 Gen9 E5-2603v3 1P 8GB-R 8xSFF Entry P/N: 769504-B21

HPE Renew - full warranty

Statt: 2.043,23 € * 1.130,50 € *

%
 
 

Kommentar schreiben

 

Die mit einem * markierten Felder sind Pflichtfelder.