1. Knowledge Base
  2. Security Advisories

CFS-2018-001: OS kernel memory leak vulnerability in Intel processors

Issue Date: 2018/01/05
Updated Date: 2018/01/05
Title: OS kernel memory leak vulnerability in Intel processors
Classification: Low
Status: Closed
Affected Products: CloudFS 6.x and 7.x


OS kernel memory leak vulnerability in Intel processors


On January 4th, 2018, Intel partially announced a security vulnerability where an attacker can run malicious code to gain access to kernel memory outside of what has been allocated for the process; full details will be announced on January 9th. All the major cloud service providers, OS and hypervisor vendors are in the process of upgrading their environments to implement a fix for this vulnerability.

Since the Panzura node does not host other VMs, or allow customer or 3rd party software to run on the node, there is no opportunity to gain direct access and exploit the Intel memory access vulnerability.


For customers running nodes in AWS or Azure, the cloud service providers are taking proactive steps to implement a fix and reboot the servers in the next couple of days. As a result, customers may experience a temporary outage during the reboot process.

For customers running nodes as a Virtual Machine in a VMware environment, please refer to www.vmware.com/us/security/advisories/VMSA-2018-0002.html regarding patch updates from VMware.

Please contact support@panzura.com, if you have any questions or concerns regarding the Intel memory leak vulnerability.