Red Hat Security Advisory 2018-1737-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.
12d07b36338aefed0761257d6cedc87be92090e9a360b31c3736aa9d08f6cac0Red Hat Security Advisory 2018-1637-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
d0517fd2db6605db9bc9abd855c413a5da0835227db340c80b01f2d36ba55f17Red Hat Security Advisory 2018-1640-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
656a296a6149092fc15e1d3aaadea3b1349ee57915aa08394c99638055999431Red Hat Security Advisory 2018-1639-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
132ad42b9c49fe643e607a9f05ae75707b4db8fcc38ffa2c95bd8da475181eceRed Hat Security Advisory 2018-1641-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
f8aef9b60c65bcf6fb58d8c84ca80f5500109c8c6662f1f5ea79c1a5c24b5c6dRed Hat Security Advisory 2018-1638-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
1e6f56d6cf5c88e0c9a5347409ffd89abf278b7bea39363845df03764831235eDebian Linux Security Advisory 4210-1 - This update provides mitigations for the Spectre v4 variant in x86-based micro processors. On Intel CPUs this requires updated microcode which is currently not released publicly (but your hardware vendor may have issued an update).
e7dea1a2627fbb19e4616f6132a1e36513ef8af16446a94b6535d852641ce04eRed Hat Security Advisory 2018-1711-01 - The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Issues addressed include a bypass vulnerability.
e886f234d79b87efe7f7cd426d7cc08c09c97dad7766beefc21e061a21abae82Red Hat Security Advisory 2018-1710-01 - The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a bypass vulnerability.
23297ab3f872b67103644c028bcad01fbd7c1f3a2d71e75c2861b3cbf8b52a33Red Hat Security Advisory 2018-1696-01 - The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a bypass vulnerability.
cb6316b1ec9d0975639cc3c4a4086e2199ed0af6c175861059e50ff95c0aa7a7Variant 4 of the speculative execution vulnerability that focuses on a speculative store bypass.
32733afd4762676a489f2d393105fa57a3b819e2e18120a143e7c1125411328eVMware Security Advisory 2018-0012 - VMware vSphere, Workstation and Fusion updates enable Hypervisor- Assisted Guest Mitigations for Speculative Store Bypass issue. The mitigations in this advisory are categorized as Hypervisor Assisted Guest Mitigations described by VMware Knowledge Base article 54951. KB54951 also covers CVE-2018-3640 mitigations which do not require VMware product updates.
8a6cd5b75e3ff0ddbd73b394b015d3a71a9d29925858ca1769d9c51525a44241Ubuntu Security Notice 3655-2 - USN-3655-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.
d20de8a8b1a91c1868f659ceb93e500b05dcd66acdac31b9a1b5e284acd625b6Ubuntu Security Notice 3655-1 - Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Jan H. Schonherr discovered that the Xen subsystem did not properly handle block IO merges correctly in some situations. An attacker in a guest vm could use this to cause a denial of service or possibly gain administrative privileges in the host. Various other issues were also addressed.
b4540785a10c68708436fa71415c979852b1d924f18c7bfa316d742b5563b642Ubuntu Security Notice 3654-2 - USN-3654-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.
de22c970ed2387a5b65d9f771bda19a47f769cd6937f436e2540fe3278eafdccUbuntu Security Notice 3654-1 - Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
5f261dbe5831c41c0bd4f2b983165daf32e4b78c0ecc0db3052a95ea2f5075e3Ubuntu Security Notice 3653-2 - USN-3653-1 fixed vulnerabilities and added mitigations in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.
24369ce639746b8afd34db0ce7bb0af4184336f65b3521bb65d2e20967beb378Red Hat Security Advisory 2018-1660-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a bypass vulnerability.
f1f139301c24619d41bcb0deb699d711bb803e59e1ce908f2a64e28158866ab4Red Hat Security Advisory 2018-1647-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include a bypass vulnerability.
1a6655c9c0ce7379a10cbdf58ca475f184c2e8b9d261fadec9f7e0658017bc84Red Hat Security Advisory 2018-1655-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a bypass vulnerability.
87fe7a482fa44b3be9e1c652fabba8215fb2a37cc4acd0dc4dfe6e19863661ceRed Hat Security Advisory 2018-1635-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
943432d24e3debe9045420bfc270d7cb54adc9cbd279a06140b19f0a7bc818d7Red Hat Security Advisory 2018-1636-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
077359b07aa7e9647eb92930eaf8d1f34279a7b85ab67c73990b3a8a032f41e3Red Hat Security Advisory 2018-1645-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a bypass vulnerability.
26f2c541877481c0e1b3514f9fe506ffcb88e5434e034503aabd92470a657076Red Hat Security Advisory 2018-1654-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a bypass vulnerability.
2a35000d4b23dede5558b0def43e3c710a3f5abb08780ab07d9754b16fafafb2Red Hat Security Advisory 2018-1664-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a bypass vulnerability.
61ddad1ed77cd23a559b801717c61b983f9e2720793b6a59e99dfb9f3a45fd98
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed