Spectre and Meltdown attacks impact on FSense processor.

FDU
FDU Posts: 57 Explorer

What is your assessment of FSense processor vulnerability to Spectre (Bounds check bypass/CVE-2017-5753 and Branch target injection/CVE-2017-5715) and Meltdown (Rogue data cache load, memory access permission check performed after kernel memory read/CVE-2017-5754) attacks and what is your litigation plan as the case may be ?

Comments

  • Coffeebreak
    Coffeebreak Posts: 2 New Member

    I would also like to know what is the situation with Sense router and Meltdown/Spectre before I buy the product.

  • Coffeebreak
    Coffeebreak Posts: 2 New Member

    Hi,

     

    this answer satisfied my needs. Bought one  and now installing :)

     

    Thanks for the help.

  • FDU
    FDU Posts: 57 Explorer

    The fact that FSense is running code done by Fsecure is not providing any assurance that the router chip is immune to these Spectre/Meltdown 3 vulnerabilities as these are solely due to the hardware implementation in the MPU.

    Of course, the fact that you do the software can give you some possibilities to provide some patches / workaround solutions but not to say that the processor is immune to the 3 vulnerabilities reported in Spectre/Meltdown.

    From your answer, I then guess that, contrary to many other routers processors, the processor that you are using in FSense, although most probably also based on Arm cores, is not in the list published by ARM, right ?

    https://developer.arm.com/support/security-update

  • [Deleted User]
    [Deleted User] Posts: 0 Former F-Secure Employee

    The F-Secure SENSE CPU is running on MIPS architecture. According to our current information this particular CPU variant is not vulnerable to these attacks.

This discussion has been closed.