kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2018:2164 An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20180710) (Spectre)

Security Fixes : - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged...

Ubuntu: Security Advisory (USN-3690-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : libvirt vulnerability and update (USN-3680-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3680-1 advisory. Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allo...

USN-3679-1: QEMU update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

Important product update: Virtuozzo 7.0 Update 7 Hotfix 3 (7.0.7-461)

The Hotfix 3 for Virtuozzo 7.0 Update 7 provides security and stability fixes. Vulnerability id: CVE-2018-1087 A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch...

USN-3651-1 qemu update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

CVE-2018-3640

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read RSRE, Variant 3a...

Microsoft Guidance for Speculative Store Bypass

Executive summary On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities known as Spectre and Meltdown involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. On May 21s...

Microsoft Issues More Spectre Updates For Intel CPUs

Microsoft has released additional Windows 10 mitigations for the Spectre side-channel flaw revealed in January, with an expanded lineup of firmware microcode updates for Intel CPUs that include the Broadwell and Haswell chipsets. The company released two Windows Update packages addressing Spectre...

AMD Rolls Out Spectre Fixes

AMD said that CPU firmware and Windows 10 patches are now available to safeguard its products against the Spectre security flaw. Mark Papermaster, senior vice president and chief technology officer at AMD, said in a Tuesday post that Spectre fixes are available for AMD customers, who can download...

Intel Admits It Won't Be Possible to Fix Spectre (V2) Flaw in Some Processors

As speculated by the researcher who disclosed Meltdown and Spectre flaws in Intel processors, some of the Intel processors will not receive patches for the Spectre variant 2 side-channel analysis attack In a recent microcode revision guidance PDF, Intel admits that it would not be possible to...

MGASA-2018-0176 Updated microcode packages fix security vulnerabilities

This update provides new microcode fixes and mitigations for Spectre CVE-2017-5715 for many Intel CPUs produced in the last 5 years. So far the Intel microcode updates are for several processors from many of Intel Haswell, Broadwell, Skylake, Kaby Lake, Coffee Lake, Gemini Lake, Apollo Lake,...

New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown

In the wake of the Meltdown and Spectre flaws, Microsoft has rolled out a new bug bounty program targeting speculative execution side channel vulnerabilities. The limited time program is open until December 31, and offers up to $250,000 for identifying new categories of speculative execution...

SUSE-SU-2018:0708-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: The Intel CPU microcode version was updated to version 20180312. This update enables the IBPB+IBRS based mitigations of the Spectre v2 flaws boo1085207 CVE-2017-5715 - New Platforms - BDX-DE EGW A0 6-56-5:10 e000009 - SKX B1 6-55-3:97 100014...

Intel Details CPU ‘Virtual Fences’ Fix As Safeguard Against Spectre, Meltdown Flaws

Intel introduced hardware-based protections to its new chips to protect against the Spectre and Meltdown flaws that rocked the silicon industry when the vulnerabilities were made public in early 2018. Spectre and Meltdown, which account for three variants of a side-channel analysis security issue...

Intel Issues Updated Spectre Firmware Fixes For Newer Processors

Intel has issued updated microcode to help protect its newer processors from Spectre security exploits. The Santa Clara, Calif.-based company’s new microcode updates – which impact its newer chip platforms, such as Kaby Lake, Coffee Lake, and Skylake – have been released to OEM customers and...

Intel Releases New Spectre Patch Update for Skylake Processors

After leaving million of devices at risk of hacking and then rolling out broken patches, Intel has now released a new batch of security patches only for its Skylake processors to address one of the Spectre vulnerabilities Variant 2. For those unaware, Spectre Variant 1, Variant 2 and Meltdown...

Ubuntu 14.04 LTS / 16.04 LTS : QEMU update (USN-3560-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3560-1 advisory. It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel...

Ubuntu 14.04 LTS / 16.04 LTS : libvirt update (USN-3561-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3561-1 advisory. It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel...