We use cookies to help us improve our webpage. Please read our Cookie Policy.

Synology-SA-18:23 Speculative Store Bypass

Publish Time: 2018-05-22 14:39:53 UTC+8

Last Updated: 2018-05-22 14:39:53 UTC+8

Severity
Moderate
Status
Ongoing

Abstract

These vulnerabilities allow local users to obtain sensitive information via a susceptible version of Synology DiskStation Manager (DSM) that are equipped with Intel or ARM CPU.

Affected Products

Product Severity Fixed Release Availability
DSM 6.1[1] Moderate Ongoing
DSM 6.0[2] Moderate Ongoing
DSM 5.2[3] Moderate Ongoing
Virtual DSM Moderate Ongoing
Sky NAS Moderate Ongoing

[1] DS418play, DS218+, DS718+, DS918+, DS1618+, RS2418+, RS2418RP+, DS3611xs, DS3612xs, RS3411RPxs, RS3412RPxs, DS3413xs+, RS10613xs+, RS3614xs+, RS18015xs+, RS18016xs+, RS3617xs, RS3614RPxs, DS3615xs, FS3017, DS2015xs, DS1515, DS715, DS1517, DS1817, DS416, DS215+

[2] DS3611xs, DS3612xs, RS3411RPxs, RS3412RPxs, DS3413xs+, RS10613xs+, RS3614xs+, RS18015xs+, RS18016xs+, RS3617xs, RS3614RPxs, DS3615xs, FS3017, DS2015xs, DS1515, DS715, DS416, DS215+

[3] DS3611xs, DS3612xs, RS3411RPxs, RS3412RPxs, DS3413xs+, RS10613xs+, RS3614xs+, RS18015xs+, RS18016xs+, RS3614RPxs, DS3615xs, DS2015xs, DS1515, DS715, DS416, DS215+

Mitigation

None

Detail

Reference

Revision

Revision Date Description
1 2018-05-22 Initial public release.