Synology-SA-19:32 SWAPGS Spectre Side-Channel Attack

Publish Time: 2019-08-08 18:21:05 UTC+8

Last Updated: 2019-08-08 18:21:05 UTC+8

Severity
Moderate
Status
Ongoing

Abstract

The vulnerability allows local users to obtain sensitive information via a susceptible version of Synology DiskStation Manager (DSM) running on an Intel CPU or even if in Virtual Machine Manager.

Affected Products

Product Severity Fixed Release Availability
DSM 6.2[1] Moderate Ongoing

[1] DS216+,DS216+II,DS716+,DS716+II,DS416play,DS916+,DS418play,DS218+,DS718+,DS918+,DS1019+,DS620slim,DS415+,RS815+,RS815RP+,DS1515+,DS1815+,DS1517+,DS1817+,DS2415+,RS2416+,RS2416RP+,RS818+,RS818RP+,RS1219+,DS1618+,RS2418+,RS2418RP+,RS2818RP+,DS2419+,DS1819+,DVA3219,RS3413xs+,RS10613xs+,RS3614xs+,RC18015xs+,RS18016xs+,RS3617xs,RS3614xs,RS3614RPxs,,RS3617RPxs,RS3617xs+,DS3617xs,DS3018xs,RS4017xs+,RS18017xs+,RS3618xs,FS1018,FS2017,RS1619xs+,SA3400,FS3400,FS3017

Mitigation

None

Detail

Reserved

Reference

Revision

Revision Date Description
1 2019-08-08 Initial public release.