Mythics Blog

Solaris+SPARC is Meltdown (CVE-2017-5754) Free

Posted on January 24, 2018 by Erik Benner

Tags: Oracle Database, Security, SPARC, Solaris, Mythics Consulting, Oracle, Meltdown, Oracle Hardware

Connect with Erik Benner on Twitter!

Worried about the security of your data?  Did you know that SPARC+Solaris servers are not only Meltdown free, but also the ONLY platform that you can buy today that runs an Oracle Database that was not impacted by the Meltdown vulnerability?

The ONLY Architecture…

Meltdown attacks the divide between user application memory and operating system memory. This attack allows a program to access memory it would normally not access, leaking your data where users can see it. Except for Solaris/SPARC users! All V9 processors running Solaris are not susceptible to the Meltdown attack, this includes the T4, T5, M5, M6, S7, M7, M8, M10 and M12 processors… just to name a few.

But you run Solaris on x86... sorry, like most other servers you are vulnerable as the attack requires architecture weakness found on Intel, AMD and IBM Power systems, to name a few.

This protection from Meltdown comes from the fact that Solaris and the SPARC processor manage memory differently verses Intel, AMD and IBM Power based servers. Simply put, Solaris isolates the memory between the OS and the Application. Other advantages to this different memory management model are seen by Oracle Database users and allows the database to change the memory footprint without a reboot of the database. This memory management advantage also greatly improves the startup time for large memory databases.

What is even worse for the Intel, AMD, is that the patches currently introduced to try to mask the CPU vulnerabilities are also introducing stability and driver issues into the Operating systems. Users are reporting that the patches are causing issues at an alarming rate, examples can be found here, here and here. Users are also reporting performance issues with these patches, as seen on TheRegister, Artstechnica, and even business sites like Forbes! Imagine the impact to your production database when a server crashes due to a patch, or the long-term impact on your business due to the slower performance.

Running IBM Power, to my knowledge, no patches have been released as of the date of this BLOG post.

Maybe it’s time to rethink this path to an x64 datacenter, and dust off your Solaris servers… not only are they faster per core than x64, but also more secure. SPARC processors also include onboard crypto acceleration that allow you to encrypt data in motion AND data at rest with almost no performance impact. Other security abilities include role based accounting, integrated compliance reporting and more. Please contact us or reach out to your Mythics Account manager to discover how we can not only make your systems more secure, but also reduce your costs through modernization and consolidation technologies.

Erik Benner, Vice President, Enterprise Transformation, Mythics Inc.

Comments

  • ! No comments yet

Leave a Comment