openSUSE Security Update : ucode-intel (openSUSE-2018-887) (Foreshadow) (Spectre)

ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and is part of the mitigations for CVE-2018-3639 Spectre v4 and CVE-2018-3646 L1 Terminal fault. bsc1104134 bsc1087082 bsc1087083 bsc1089343 Processor Identifier Version Products Mode...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2416-1) (Foreshadow)

This update for the Linux Kernel 4.4.114-9414 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

OracleVM 3.4 : xen (OVMSA-2018-0248) (Bunker Buster) (Foreshadow) (Meltdown) (POODLE) (Spectre)

The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2018-0248 for details. C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory OVMSA-2018-0248...

Debian DSA-4279-1 : linux - security update (Foreshadow)

Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary...

SUSE SLES12 Security Update : xen (SUSE-SU-2018:2410-1) (Foreshadow)

This update for xen fixes the following security issues : - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest O...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:2401-1) (Foreshadow)

This update for xen fixes the following security issues : - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest O...

openSUSE Security Update : the Linux Kernel (openSUSE-2018-885) (Foreshadow)

The openSUSE Leap 42.3 kernel was updated to 4.4.143 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-18344: The timercreate syscall implementation in kernel/time/posix-timers.c didn't properly validate the sigevent-sigevnotify field, which leads to...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2356-1) (Foreshadow)

This update for the Linux Kernel 3.12.61-52111 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2363-1) (Foreshadow)

This update for the Linux Kernel 3.12.74-606482 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2384-1) (Foreshadow)

The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacach...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2362-1) (Foreshadow)

The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-13053: The alarmtimernsleep function in kernel/time/alarmtimer.c had an integer overflow via a large relative timeout because ktimeaddsafe is not...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2389-1) (Foreshadow)

This update for the Linux Kernel 4.4.120-9270 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2353-1) (Foreshadow)

This update for the Linux Kernel 3.12.74-606463 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE SLES11 Security Update : kernel (SUSE-SU-2018:2366-1) (Foreshadow)

The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-8405: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2358-1) (Foreshadow)

This update for the Linux Kernel 3.12.74-606496 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

Debian DSA-4274-1 : xen - security update (Foreshadow)

This update provides mitigations for the 'L1 Terminal Fault'vulnerability affecting a range of Intel CPUs. For additional information please refer to https://xenbits.xen.org/xsa/advisory-273.html. The microcode updates mentioned there are not yet available in a form distributable by Debian. In...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2347-1) (Foreshadow)

This update for the Linux Kernel 3.12.61-52106 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2354-1) (Foreshadow)

This update for the Linux Kernel 3.12.61-52119 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2355-1) (Foreshadow)

This update for the Linux Kernel 3.12.74-606457 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2341-1) (Foreshadow)

This update for the Linux Kernel 3.12.61-52125 fixes several issues. The following security issues were fixed : - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other...