The Meltdown and Spectre vulnerabilities are unspecific to any one vendor and take advantage of techniques commonly used in most modern processor architectures. This means a large range of products are affected. Mitigations could include updates to both OSs and firmware (BIOS).
NI recommends customers follow security best practices to protect against exploitation of vulnerabilities. These practices include adopting software updates, avoiding unrecognized hyperlinks and websites, not downloading files or applications from unknown sources, and following secure password policies.
NI has observed some negative system performance impact from applying the mitigations. Generally, performance degradation is in line with reports from the industry. In some cases, the impact could be significant but is specific to the application. Due to the system performance impact, these mitigations may be disabled by default.
NI Linux Real-Time distributions based on LabVIEW Real-Time 2019 and later (linux kernel 4.14+RT or later and firmware version 7.0 or later) ship with several security mitigations addressing the following CVEs:
- CVE-2017-5715 (aka. Spectre v2)
- CVE-2017-5754 (aka. Meltdown)
- CVE-2018-3620, CVE-2018-3646 (aka. L1 Terminal Fault Attack)
- CVE-2018-3639 (aka. Spectre v4)