EUVD-2022-28705

Malicious code in bioql PyPI...

TSX Asynchronous Abort speculative side channel

ISSUE DESCRIPTION This is very closely related to the Microarchitectural Data Sampling vulnerabilities from May 2019. Please see https://xenbits.xen.org/xsa/advisory-297.html for details about MDS. A new way to sample data from microarchitectural structures has been identified. A TSX Asynchronous...

kernel security update

kernel - 2.6.18-419.0.0.0.14 - x86/speculation/mds: Conditionally clear CPU buffers on idle entry Thomas Gleixner orabug 29821515 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Call VERW on NMI path when returning to user Patrick Colp orabug 29821515...

Important kernel security update: New kernel 2.6.32-042stab139.1; Virtuozzo 6.0 Update 12 Hotfix 43 (6.0.12-3743)

This update provides a new kernel 2.6.32-042stab139.1 for Virtuozzo 6.0 based on the RHEL 6.10 kernel 2.6.32-754.15.3.el6. The new kernel inherits security fixes for SACK-related issues in the TCP stack as well as a few improvements for the MDS vulnerability patches. Vulnerability id: CVE-2019-38...

Important kernel security update: New kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.15.3.el6. The new kernel inherits security fixes for SACK-related issues in the TCP stack as well as a few improvements for the MDS...

Product update: Virtuozzo Infrastructure Platform 2.5 Update 7 (2.5.0-1650)

This update mitigates the Microarchitectural Store Buffer Data MDS vulnerability and provides a performance bug fix. Vulnerability id: VSTOR-23200 The Microarchitectural Store Buffer Data MDS is a series of hardware vulnerabilities which allow speculative execution attacks on Intel processors. A...

Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2019-040)

According to the version of the cpupools / cpupools-features / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - The Microarchitectural Store Buffer Data MDS is a series of hardware vulnerabilities which allow speculative executio...

Virtuozzo 7 : bpftool / cpupools / cpupools-features / etc (VZA-2019-039)

According to the version of the bpftool / cpupools / cpupools-features / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - The Microarchitectural Store Buffer Data MDS is a series of hardware vulnerabilities which allow speculativ...

Product update: Virtuozzo 6.0 Update 12 Hotfix 41 (6.0.12-3741)

This update provides hypervisor-related fixes for the Microarchitectural Store Buffer Data MDS vulnerability as well as a stability fix. Vulnerability id: PSBM-94407 The Microarchitectural Store Buffer Data MDS is a series of hardware vulnerabilities which allow speculative execution attacks on...

Product update: Virtuozzo 7.0 Update 10 Hotfix 1 (7.0.10-320)

The Hotfix 1 for for Virtuozzo 7.0.10 mitigates the Microarchitectural Store Buffer Data MDS vulnerability and provides stability and usability bug fixes. Vulnerability id: PSBM-94407 The Microarchitectural Store Buffer Data MDS is a series of hardware vulnerabilities which allow speculative...

Important kernel security update: New kernel 2.6.32-042stab138.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab138.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.14.2.el6. The new kernel inherits security fixes for the Microarchitectural Store Buffer Data MDS vulnerability from the RHEL kernel...

Important kernel security update: New kernel 2.6.32-042stab138.1; Virtuozzo 6.0 Update 12 Hotfix 40 (6.0.12-3739)

This update provides a new kernel 2.6.32-042stab138.1 for Virtuozzo 6.0 based on the RHEL 6.10 kernel 2.6.32-754.14.2.el6. The new kernel inherits security fixes for the Microarchitectural Store Buffer Data MDS vulnerability from the RHEL kernel. Vulnerability id: CVE-2018-12130 A flaw was found ...

kernel security update

3.10.0-957.12.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.12.2 - x86 x86/speculation/mds: Add SMT warning message Waiman Long 1692597...