Lucene search
OracleLinuxELSA-2019-4837HistoryNov 12, 2019 - 12:00 a.m.
Unbreakable Enterprise kernel security update
2019-11-1200:00:00
linux.oracle.com
27
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
[4.1.12-124.32.3.2]
- x86/tsx: Add config options to set tsx=on|off|auto (Michal Hocko) [Orabug: 30419233] {CVE-2019-11135}
- x86/speculation/taa: Add documentation for TSX Async Abort (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/tsx: Add ‘auto’ option to the tsx= cmdline parameter (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/speculation/taa: Add mitigation for TSX Async Abort (Kanth Ghatraju) [Orabug: 30419233] {CVE-2019-11135}
- x86/cpu: Add a ‘tsx=’ cmdline option with TSX disabled by default (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/cpu: Add a helper function x86_read_arch_cap_msr() (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/msr: Add the IA32_TSX_CTRL MSR (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
[4.1.12-124.32.3.1] - kvm: x86: mmu: Recovery of shattered NX large pages (Junaid Shahid) [Orabug: 29967631] {CVE-2018-12207}
- kvm: Add helper function for creating VM worker threads (Junaid Shahid) [Orabug: 29967631] {CVE-2018-12207}
- kvm: mmu: ITLB_MULTIHIT mitigation (Paolo Bonzini) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: remove now unneeded hugepage gfn adjustment (Paolo Bonzini) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: make FNAME(fetch) and __direct_map more similar (Paolo Bonzini) [Orabug: 29967631] {CVE-2018-12207}
- kvm: x86: Do not release the page inside mmu_set_spte() (Junaid Shahid) [Orabug: 29967631] {CVE-2018-12207}
- x86/cpu: Add Tremont to the cpu vulnerability whitelist (Pawan Gupta) [Orabug: 29967631] {CVE-2018-12207}
- x86: Add ITLB_MULTIHIT bug infrastructure (Pawan Gupta) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Move mapping_level_dirty_bitmap() call in mapping_level() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- Revert ‘KVM: x86: use the fast way to invalidate all pages’ (Sean Christopherson) [Orabug: 29967631] {CVE-2018-12207}
- kvm: Convert kvm_lock to a mutex (Junaid Shahid) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Simplify force_pt_level calculation code in FNAME(page_fault)() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Make force_pt_level bool (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Remove unused parameter parent_pte from kvm_mmu_get_page() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: extend usage of RET_MMIO_PF_* constants (Paolo Bonzini) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Make mmu_set_spte() return emulate value (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Move parent_pte handling from kvm_mmu_get_page() to link_shadow_page() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Move initialization of parent_ptes out from kvm_mmu_alloc_page() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
Related
suse
suse
Security update for spectre-meltdown-checker (moderate)
2019-12-31 00:00:00
Security update for qemu (important)
2019-11-14 00:00:00
Security update for xen (important)
2019-11-14 00:00:00
nessus
nessus
RHEL 7 : kpatch-patch (RHSA-2020:0028)
2020-01-07 00:00:00
RHEL 7 : Virtualization Manager (RHSA-2019:3860)
2019-11-14 00:00:00
SUSE SLES12 Security Update : spectre-meltdown-checker (SUSE-SU-2019:3340-1)
2019-12-20 00:00:00
redhat
redhat
(RHSA-2020:0026) Important: kpatch-patch security update
2020-01-06 13:40:28
(RHSA-2019:3936) Important: kpatch-patch security update
2019-11-20 20:35:20
(RHSA-2019:3842) Important: kernel security update
2019-11-12 20:16:23
citrix
citrix
Citrix Hypervisor Security Update
2019-11-12 05:00:00
openvas
openvas
openSUSE: Security Advisory for spectre-meltdown-checker (openSUSE-SU-2019:2710-1)
2020-01-09 00:00:00
Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2020-1792)
2020-07-03 00:00:00
CentOS Update for bpftool CESA-2019:3834 centos7
2019-11-15 00:00:00
vmware
vmware
mskb
mskb
November 12, 2019—KB4525245 (OS Build 15063.2172)
2019-11-12 00:00:00
oraclelinux
oraclelinux
microcode_ctl security update
2019-12-04 00:00:00
microcode_ctl security update
2019-12-04 00:00:00
Unbreakable Enterprise kernel security update
2019-11-12 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2019-11-20 00:16:53
Updated microcode packages fix security vulnerabilities
2019-11-20 00:16:53
Updated microcode packages fix security vulnerabilities
2019-12-26 01:57:53
centos
centos
bpftool, kernel, perf, python security update
2019-11-14 19:41:10
kernel, perf, python security update
2019-11-14 01:19:32
osv
osv
linux-4.9 - security update
2019-11-12 00:00:00
linux - security update
2019-11-12 00:00:00
CVE-2018-12207
2019-11-14 20:15:11
fedora
fedora
[SECURITY] Fedora 30 Update: kernel-headers-5.3.11-200.fc30
2019-11-13 06:28:06
[SECURITY] Fedora 30 Update: kernel-tools-5.3.11-200.fc30
2019-11-13 06:28:06
[SECURITY] Fedora 30 Update: microcode_ctl-2.1-33.fc30
2019-11-13 06:28:06
xen
xen
x86: Machine Check Error on Page Size Change DoS
2019-11-12 17:53:00
TSX Asynchronous Abort speculative side channel
2019-11-12 17:53:00
cve
cve
f5
f5
K17269881 : Intel MCE vulnerability CVE-2018-12207
2019-12-04 00:00:00
K02912734 : Intel CPU vulnerability CVE-2019-11135
2019-11-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-11-13 00:19:59
Information Disclosure
2019-11-13 00:20:00
amazon
amazon
Important: kernel
2019-11-19 17:31:00
Important: kernel
2019-11-19 17:52:00
freebsd
freebsd
FreeBSD -- Machine Check Exception on Page Size Change
2019-11-14 00:00:00
prion
prion
Input validation
2019-11-14 20:15:00
Design/Logic Flaw
2019-11-14 19:15:00
Denial of service
2019-11-12 19:15:00
symantec
symantec
debiancve
debiancve
CVE-2018-12207
2019-11-14 20:15:00
CVE-2019-11135
2019-11-14 19:15:00
ubuntucve
ubuntucve
freebsd_advisory
freebsd_advisory
FreeBSD-SA-19:25.mcepsc
2019-11-12 00:00:00
redhatcve
redhatcve
intel
intel
2019.2 IPU – Intel® Processor Machine Check Error Advisory
2021-05-11 00:00:00
2019.2 IPU – TSX Asynchronous Abort Advisory
2021-05-11 00:00:00
mscve
mscve
Windows Denial of Service Vulnerability
2019-11-12 08:00:00
Windows Kernel Information Disclosure Vulnerability
2019-11-12 08:00:00
alpinelinux
alpinelinux
CVE-2019-11135
2019-11-14 19:15:00
ibm
ibm
photon
photon
rocky
rocky
virt:rhel security update
2020-01-29 13:42:54
ubuntu
ubuntu
Linux kernel vulnerability
2019-11-13 00:00:00
Linux kernel vulnerability
2019-11-13 00:00:00
Linux kernel (Azure) vulnerabilities
2019-11-13 00:00:00
thn
thn
New ZombieLoad v2 Attack Affects Intel's Latest Cascade Lake CPUs
2019-11-13 15:46:00
almalinux
almalinux
Moderate: virt:rhel security update
2020-01-29 13:42:54
virtuozzo
virtuozzo
debian
debian
[SECURITY] [DSA 4565-2] intel-microcode security update
2019-12-13 20:15:51
cloudfoundry
cloudfoundry
USN-4182-1: Intel Microcode update | Cloud Foundry
2019-11-21 00:00:00
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
Related for ELSA-2019-4837