Security Bulletin: Vulnerability in SSLv3 affects IBM Virtualization Engine TS7700 (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Virtualization Engine TS7700. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain...

Security Bulletin: Java vulnerability on IBM Storage DS8870 (CVE-2014-0411)

Summary IBM Enterprise Storage DS8870 HMC extensively uses Java, for which a fix is available for a security vulnerability. Vulnerability Details CVEID: CVE-2014-0411 DESCRIPTION: Java is used throughout the DS8870 HMC including the command line interface CLI and graphical user interface GUI and...

Security Bulletin: IBM XIV is affected by a vulnerability in OpenSSL (CVE-2014-0160)

Summary A security vulnerability has been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : libvirt vulnerability and update (USN-3680-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3680-1 advisory. Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allo...

SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2018:1661-1)

This update for ucode-intel fixes the following issues: Update to version 20180425 bsc1091836 Fix provided for : - GLK B0 6-7a-1/01 0000001e-00000022 Pentium Silver N/J5xxx, Celeron N/J4xxx - Name microcodes which are not allowed to load late with a .early suffix Note that Tenable Network Securit...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : QEMU update (USN-3679-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3679-1 advisory. Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow...

Ubuntu: Security Advisory (USN-3680-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2018:1661-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Update to version 20180425 bsc1091836 Fix provided for: - GLK B0 6-7a-1/01 0000001e-00000022 Pentium Silver N/J5xxx, Celeron N/J4xxx - Name microcodes which are not allowed to load late with a .early suffix...

USN-3680-1 libvirt vulnerability and update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

USN-3679-1: QEMU update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

Virtuozzo 7 : anaconda / anaconda-core / anaconda-dracut / etc (VZA-2018-037)

According to the versions of the anaconda / anaconda-core / anaconda-dracut / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a...

RHEL 6 : kernel (RHSA-2018:1641)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1641 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: An industry-wide issue was found in the way man...

Important product update: Virtuozzo 7.0 Update 7 Hotfix 3 (7.0.7-461)

The Hotfix 3 for Virtuozzo 7.0 Update 7 provides security and stability fixes. Vulnerability id: CVE-2018-1087 A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch...

Updated microcode packages fix security vulnerability

This update adds microcode fixes and mitigations for Spectre CVE-2017-5715 for the following: Intel Pentium Silver N/J5xxx, Celeron N/J4xxx Intel Xeon E5/E7 v4; Core i7-69xx/68xx Amd has also released their updated microcode for Fam15 and Fam17 cpus...

MGASA-2018-0260 Updated microcode packages fix security vulnerability

This update adds microcode fixes and mitigations for Spectre CVE-2017-5715 for the following: Intel Pentium Silver N/J5xxx, Celeron N/J4xxx Intel Xeon E5/E7 v4; Core i7-69xx/68xx Amd has also released their updated microcode for Fam15 and Fam17 cpus...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

[SECURITY] [DSA 4210-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4210-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 25, 2018 https://www.debian.org/security/faq -...