[SECURITY] [DLA 1423-1] linux-4.9 new package

Package : linux-4.9 Version : 4.9.110-1deb8u1 CVE ID : CVE-2017-5753 CVE-2017-18255 CVE-2018-1118 CVE-2018-1120 CVE-2018-1130 CVE-2018-3639 CVE-2018-5814 CVE-2018-10021 CVE-2018-10087 CVE-2018-10124 CVE-2018-10853 CVE-2018-10876 CVE-2018-10877 CVE-2018-10878 CVE-2018-10879 CVE-2018-10880...

CentOS 6 : kernel (CESA-2018:2164) (Spectre)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Debian DLA-1422-2 : linux security update (Spectre)

The previous update to linux failed to build for the armhf ARM EABI hard-float architecture. This update corrects that. For all other architectures, there is no need to upgrade or reboot again. For reference, the relevant part of the original advisory text follows. Several vulnerabilities have be...

CentOS Update for kernel CESA-2018:2164 centos6

Check the version of kernel SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882924";...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2018:2164 An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SUSE SLED12 / SLES12 Security Update : Recommended update for ucode-intel (SUSE-SU-2018:1935-1) (Spectre)

The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083. More information on:...

SUSE-SU-2018:1935-1 Recommended update for ucode-intel

The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083. More information on:...

SUSE-SU-2018:1926-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: The microcode bundles was updated to the 20180703 release For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083. More information on:...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20180710) (Spectre)

Security Fixes : - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged...

kernel security and bug fix update

2.6.32-754.2.1.OL6 - Update genkey bug 25599697 2.6.32-754.2.1 - x86 entry/64: Don't use IST entry for BP stack Waiman Long 1596113 CVE-2018-10872 - fs gfs2: Flush delayed work earlier in gfs2inodelookup Andreas Grunbacher 1506281 - mm mempolicy: fix use after free when calling getmempolicy Augus...

openSUSE Security Update : ucode-intel (openSUSE-2018-700) (Spectre)

This update for ucode-intel fixes the following issues : The microcode bundles was updated to the 20180703 release For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083. More information on:...

Fedora 27 : 2:qemu (2018-9f02e5ed7b) (Spectre)

Add new CPU features for CVE-2017-5715 and CVE-2018-3639 On Intel x86 hosts, the 'ssbd' feature must be explicitly added to any virtual machines that are not using host-passthrough/host-model CPU setup. NB this requires new microcode too, which is not yet available in Fedora microcodectl RPMs. On...

openSUSE: Security Advisory for ucode-intel (openSUSE-SU-2018:1904-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Ubuntu 14.04 LTS : AMD Microcode regression (USN-3690-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3690-2 advisory. USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 aka Spectre. Unfortunately, the update caused some systems to fail to boot. This...

Ubuntu: Security Advisory (USN-3690-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3690-2: AMD Microcode regression

USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 aka Spectre. Unfortunately, the update caused some systems to fail to boot. This update reverts the update for Ubuntu 14.04 LTS. We apologize for the inconvenience. Original advisory details: Jann Horn discovered th...

USN-3690-2 amd64-microcode regression

USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 aka Spectre. Unfortunately, the update caused some systems to fail to boot. This update reverts the update for Ubuntu 14.04 LTS. We apologize for the inconvenience. Original advisory details: Jann Horn discovered th...

Ubuntu: Security Advisory (USN-3690-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : AMD Microcode update (USN-3690-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3690-1 advisory. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via...

USN-3690-1 amd64-microcode update

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...