7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
25.7%
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
Previously, on certain little-endian variants of IBM Power Systems, there was no “sysfs spec_store_bypass” file. As a consequence, there was no way to indicate the Speculative Store Bypass Disable (SSBD) mitigation status. This update adds infrastructure code into the kernel to create the /sys/devices/system/cpu/vulnerabilities/* files. As a result, sysfs spec_store_bypass shows whether the SSBD mitigation is disabled or enabled. (BZ#1602340)
Previously, the kernel architectures for IBM z Systems were missing support to display the status of the Spectre v2 mitigations. As a consequence, the /sys/devices/system/cpu/vulnerabilities/spectre_v2 file did not exist. With this update, the kernel now shows the status in the above mentioned file and as a result, the file now reports either “Vulnerable” or “Mitigation: execute trampolines” message. (BZ#1619667)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | ppc64le | perf | < 4.14.0-49.13.1.el7a | perf-4.14.0-49.13.1.el7a.ppc64le.rpm |
RedHat | 7 | ppc64le | perf-debuginfo | < 4.14.0-49.13.1.el7a | perf-debuginfo-4.14.0-49.13.1.el7a.ppc64le.rpm |
RedHat | 7 | aarch64 | perf | < 4.14.0-49.13.1.el7a | perf-4.14.0-49.13.1.el7a.aarch64.rpm |
RedHat | 7 | aarch64 | kernel-headers | < 4.14.0-49.13.1.el7a | kernel-headers-4.14.0-49.13.1.el7a.aarch64.rpm |
RedHat | 7 | ppc64le | kernel-debuginfo-common-ppc64le | < 4.14.0-49.13.1.el7a | kernel-debuginfo-common-ppc64le-4.14.0-49.13.1.el7a.ppc64le.rpm |
RedHat | 7 | ppc64le | kernel-debug-devel | < 4.14.0-49.13.1.el7a | kernel-debug-devel-4.14.0-49.13.1.el7a.ppc64le.rpm |
RedHat | 7 | s390x | kernel-debuginfo | < 4.14.0-49.13.1.el7a | kernel-debuginfo-4.14.0-49.13.1.el7a.s390x.rpm |
RedHat | 7 | s390x | kernel-devel | < 4.14.0-49.13.1.el7a | kernel-devel-4.14.0-49.13.1.el7a.s390x.rpm |
RedHat | 7 | ppc64le | kernel-devel | < 4.14.0-49.13.1.el7a | kernel-devel-4.14.0-49.13.1.el7a.ppc64le.rpm |
RedHat | 7 | s390x | python-perf-debuginfo | < 4.14.0-49.13.1.el7a | python-perf-debuginfo-4.14.0-49.13.1.el7a.s390x.rpm |
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
25.7%