1 Reply Latest reply on Nov 29, 2017 10:40 AM by Intel Corporation

    INTEL-SA-00086 CVE-2017-5705/6/7/8/9/10/11/12

    CitizenPips

      The Linux vulnerability detection tool for INTEL-SA-00086

        --- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

        --- https://www.intel.com/content/www/us/en/support/articles/000025619/software.html

        --- https://downloadcenter.intel.com/download/27150

        --- SA00086_Linuxtar.gz

       

       

      Has x3 prerequisites

        --- Linux*:

        -1- • Ubuntu* LTS 16.0.4 (for client), Redhat 7.2 (for Server)

        -2- • Python* 2.7

        -3- • Local operating system administrative access

       

       

      We are testing the Linux vulnerability detection tool with

        --- Red Hat Enterprise Linux Server 6.5 Santiago and

        --- python.x86_64 2.6.6-51.el6

       

       

      When we run the detection tool on this version - as is - we get :

        >>> [root@<ServerName> /]# date ; cd ~/SA00086_Linux ; pwd ; ls -lrt | egrep -i $(ls -t | egrep -i 'SA-00086-' | head -1 ) ; cat -n $(ls -t | egrep -i 'SA-00086-' | head -1 )

        >>> Tue Nov 28 11:11:01 GMT 2017

        >>> /root/SA00086_Linux

        >>> -rw-r--r-- 1 root root     301 Nov 28 11:07 SA-00086-<ServerName>.<DomainName>-2017-11-28-11-07-15.log

        >>>      1  Tool Started 2017-11-28 11:07:15 GMT

        >>>      2  Name: <ServerName>.<DomainName>

        >>>      3  Manufacturer: HP

        >>>      4  Model: ProLiant DL360p Gen8

        >>>      5  Processor Name: Intel(R) Xeon(R) CPU E5-2643 0 @ 3.30GHz

        >>>      6  OS Version: Red Hat Enterprise Linux Server 6.5 Santiago (2.6.32-642.13.1.el6.x86_64)

        !!!      7  HECI error: No device with MKHI found[2]

       

       

      Can you

        --- 1. Suggest how we can test for vulrability INTEL-SA-00086 on RHEL 6.5 without upgrading to RHEL 7.2 or Python to 2.7 ( we have application that are relying on current versions )

        --- 2. Tell from the current details - listed in the failed runs output - if the INTEL-SA-00086 variabilities exits

        --- 3. Confirm that INTEL-SA-00086 vulrability exist and can be addressed on RHEL 6.5