SUSE SLED15 / SLES15 Security Update : kernel-source-rt (SUSE-SU-2019:2430-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (SACK Panic) (SACK Slowness) (Spectre)

The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130: Microarchitectural Store Buffer Data Sampling MSBDS: Stored buffers on some microprocessors utilizing speculative...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:2553)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2553 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

qemu-kvm security, bug fix, and enhancement update

1.5.3-167.el7 - Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads rhel-7 1.5.3-166.el7 - kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kv...

Oracle Linux 8 : kernel (ELSA-2019-1167)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1167 advisory. - arm64 arm64/speculation: Support 'mitigations=' cmdline option Josh Poimboeuf 1698809 1698896 1699001 1690338 1690360 1690351 CVE-2018-12130...

virt:rhel security update

libguestfs 1:1.38.4-10.0.1 - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.38.4-10.1 - Fix inspection of partition-less devices resolves: rhbz1714747 libssh2 1.8.0-7.el80.1 - fix integer overflow in keyboard interactive handling that...

openSUSE: Security Advisory for ucode-intel (openSUSE-SU-2019:1805-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2019:1547-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for libvirt fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...

RHEL 8 : Advanced Virtualization (RHSA-2019:1455)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1455 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Re...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2019-4675)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4675 advisory. - Bluetooth: hidp: fix buffer overflow Young Xiao Orabug: 29786788 CVE-2011-1079 CVE-2019-11884 - x86/speculation/mds: Fix verw usage to use memory...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4672)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4672 advisory. - Bluetooth: hidp: fix buffer overflow Young Xiao Orabug: 29786787 CVE-2011-1079 CVE-2019-11884 - x86/speculation/mds: Fix verw usage to use memory...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4669)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4669 advisory. 4.1.12-124.27.2 - x86/speculation/mds: Check for the right microcode before setting mitigation Kanth Ghatraju Orabug: 29797118 - vxlan: test...

CVE-2018-12130

Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

CVE-2018-12130

Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

CVE-2018-12130

Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

CVE-2018-12130

CVE-2018-12130 : Microarchitectural Fill Buffer Data Sampling (MFBDS). Some Intel CPUs using speculative execution may leak information via fill buffers to a local attacker. Publicly referenced documents describe mitigations including microcode updates and OS/kernel mitigations (e.g., TSX/related...

CVE-2018-12126

Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

CVE-2018-12126

CVE-2018-12126 is a microarchitectural side-channel vulnerability affecting Intel CPUs via uncacheable data in store buffers exposed to nearby processes. Public advisories (e.g., ALAS2-2019-1274, Linux kernel debugs in DSA/DLA notices) describe mitigations including microcode updates and OS-level...

SUSE SLES11 Security Update : xen (SUSE-SU-2019:14063-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...

openSUSE Security Update : xen (openSUSE-2019-1419) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS -...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4643)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4643 advisory. - x86/mds: Add empty commit for CVE-2019-11091 Konrad Rzeszutek Wilk Orabug: 29721848 CVE-2019-11091 - x86/speculation/mds: Make mdsmitigation mutable...