January 17, 2018
Hitachi, Ltd. IT Platform Products Management Division
Researchers disclosed the vulnerabilities below which allow side channel attack to the CPUs with speculative execution function.
[JVNVU#93823979(CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)]
CVE-2017-5715 and CVE-2017-5753 are known as Spectre.
CVE-2017-5754 is known as Meltdown.
When a malicious software is executed on a target product of the attack, the data stored in the memory that is used for each processing in OS kernel space and user space is unexpectedly exposed by the vulnerabilities.
However, the vulnerabilities do not affect our storage products (including SVP) because it is impossible to execute any external program on the storage products.