September 10, 2019—KB4516055 (Monthly Rollup)

September 10, 2019—KB4516055 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4512512 released August 17, 2019 and addresses the following issues: Provides protections against a new subclass of speculative execution side-chann...

September 10, 2019—KB4516067 (Monthly Rollup)

September 10, 2019—KB4516067 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB 4512478 released August 17, 2019 and addresses the following issues: Provides protections against a new subclass of speculative execution...

September 10, 2019—KB4516064 (Security-only update)

September 10, 2019—KB4516064 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling , for 32-B...

September 10, 2019—KB4516066 (OS Build 16299.1387)

September 10, 2019—KB4516066 OS Build 16299.1387 Reminder: March 12 and April 9 were the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:2553)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2553 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS)

Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results ar...

hardware: Microarchitectural Store Buffer Data Sampling (MSBDS)

Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA STore Address and STD STore Data sub-operations. These sub-operations allow the processor to hand-off address generation...

qemu-kvm security, bug fix, and enhancement update

1.5.3-167.el7 - Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads rhel-7 1.5.3-166.el7 - kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kv...

FreeBSD : FreeBSD -- Microarchitectural Data Sampling (MDS) (a633651b-b309-11e9-a87f-a4badb2f4699)

On some Intel processors utilizing speculative execution a local process may be able to infer stale information from microarchitectural buffers to obtain a memory disclosure. Impact : An attacker may be able to read secret data from the kernel or from a process when executing untrusted code for...

Oracle Linux 8 : kernel (ELSA-2019-1167)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1167 advisory. - arm64 arm64/speculation: Support 'mitigations=' cmdline option Josh Poimboeuf 1698809 1698896 1699001 1690338 1690360 1690351 CVE-2018-12130...

virt:rhel security update

libguestfs 1:1.38.4-10.0.1 - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.38.4-10.1 - Fix inspection of partition-less devices resolves: rhbz1714747 libssh2 1.8.0-7.el80.1 - fix integer overflow in keyboard interactive handling that...

openSUSE Security Update : ucode-intel (openSUSE-2019-1806) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for ucode-intel fixes the following issues : This update contains the Intel QSR 2019.1 Microcode release bsc1111331 Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSB...

openSUSE: Security Advisory for ucode-intel (openSUSE-SU-2019:1805-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:1805-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release bsc1111331 Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBD...

SUSE-SU-2019:1954-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release bsc1111331 Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBD...

SUSE-SU-2019:14133-1 Security update for microcode_ctl

This update for microcodectl fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release bsc1111331 Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSB...

SUSE-SU-2019:1910-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release bsc1111331 Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBD...

Security Advisory - Intel Microarchitectural Data Sampling (MDS) vulnerabilities

Intel officially released a group of microarchitecture data sampling MDS vulnerabilities. An attacker with local access to a targeted system may exploit these vulnerabilities to obtain data on the targeted system, causing some information leakage. Vulnerability ID: HWPSIRT-2019-05136,...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Intel Microcode update (USN-3977-3)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3977-3 advisory. USN-3977-1 and USN-3977-2 provided mitigations for Microarchitectural Data Sampling MDS vulnerabilities in Intel Microcode for a...

USN-3977-3 intel-microcode update

USN-3977-1 and USN-3977-2 provided mitigations for Microarchitectural Data Sampling MDS vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for the Intel Sandy Bridge processor family Ke Sun,...