Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX...

Updated microcode packages fix security vulnerabilities

This microcode update provides the Intel 20180807 microcode release that adds the processor microcode side of fixes and mitigations for the now publically known security issue affected Intel processors called L1 Terminal Fault L1TF for most Intel processors since Intel Core gen2: Systems with...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX may...

MGASA-2018-0346 Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX m...

MGASA-2018-0345 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX may...

MGASA-2018-0344 Updated microcode packages fix security vulnerabilities

This microcode update provides the Intel 20180807 microcode release that adds the processor microcode side of fixes and mitigations for the now publically known security issue affected Intel processors called L1 Terminal Fault L1TF for most Intel processors since Intel Core gen2: Systems with...

DSA-4273-1 intel-microcode - security update

Bulletin has no description...

Security Bulletin: IBM QRadar SIEM has released 7.3.1 Patch 4, and 7.2.8 Patch 13 in response to the vulnerabilities known as Spectre and Meltdown.

Summary IBM has released the following 7.3.1 Patch 4, and 7.2.8 Patch 13 for IBM QRadar SIEM in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754 Vulnerability Details CVEID: CVE-2017-5753 CVEID: CVE-2017-5715 CVEID: CVE-2017-5754 Affected Products and Versions IBM QRadar SIEM 7.3.0 –...

CVE-2018-3646

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis...

[slackware-security] Slackware 14.2 kernel

New kernel packages are available for Slackware 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.144/: Upgraded. This kernel update enables additional mitigations for spectrev2 IBPB and IBRSFW. It also enables reporting on the...

DLA-1446-1 intel-microcode - security update

Bulletin has no description...

SUSE-SU-2018:2076-1 Security update for microcode_ctl

This update for microcodectl fixes the following issues: The Intel CPU Microcode bundle was updated to the 20180703 release For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083 More details can be found on:...

MGASA-2018-0322 Updated microcode packages fix security vulnerability

This microcode update provides the first set of fixes for Speculative Store Bypass SSBD, Spectre v4, CVE-2018-3639 and Rogue System Register Read RSRE, Spectre v3a, CVE-2018-3640 for Intel Sandybridge server, Ivy Bridge server, Haswell server, Skylake server, Broadwell server, a few HEDT Core i7/...

Debian DLA-1422-2 : linux security update (Spectre)

The previous update to linux failed to build for the armhf ARM EABI hard-float architecture. This update corrects that. For all other architectures, there is no need to upgrade or reboot again. For reference, the relevant part of the original advisory text follows. Several vulnerabilities have be...

SUSE-SU-2018:1935-1 Recommended update for ucode-intel

The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083. More information on:...

USN-3690-2 amd64-microcode regression

USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 aka Spectre. Unfortunately, the update caused some systems to fail to boot. This update reverts the update for Ubuntu 14.04 LTS. We apologize for the inconvenience. Original advisory details: Jann Horn discovered th...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : AMD Microcode update (USN-3690-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3690-1 advisory. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via...

USN-3690-1 amd64-microcode update

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

SUSE-SU-2018:1661-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Update to version 20180425 bsc1091836 Fix provided for: - GLK B0 6-7a-1/01 0000001e-00000022 Pentium Silver N/J5xxx, Celeron N/J4xxx - Name microcodes which are not allowed to load late with a .early suffix...

KLA11030 Speculative Store Bypass and Rogue System Register Read vulnerabilities in Microsoft Surface Products

On January 3, 2018, Microsoft released advisories and security updates related to a recently discovered class of hardware vulnerabilities known as Spectre and Meltdown that affect AMD, ARM, and Intel CPUs. On May 21, 2018, Intel announced the Rogue System Registry Read vulnerability. Also a new...