Red Hat Security Advisory 2018-1676-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include backup related and bypass vulnerabilities.
adc8b58ee3b37683d8057019b6ca2fd206c72775cb429a45dd885e383b638b3b
Red Hat Security Advisory 2018-1649-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
71e30add9beb70fbc6f75b595b422c1c34eb78ee9d20bb2da852374d3072cd9e
Red Hat Security Advisory 2018-1646-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a bypass vulnerability.
9e4165e411fc91ac98476a3b50f3e2fd6e647bed673bf70408d807e859bd3251
Red Hat Security Advisory 2018-1657-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a bypass vulnerability.
71f5cfef7c2ed2aad36ea21a6076a4e9c55356ba60517cbe2e482c0508255737
Red Hat Security Advisory 2018-1663-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a bypass vulnerability.
20d891d043f60328164babb4938c92f6b1e61a244647770b6077d526f96cfc69
Red Hat Security Advisory 2018-1650-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a bypass vulnerability.
bfb9b74605db6c8c036f5abd1d1a7cb02697739a570f8b047faaf15933477714
Red Hat Security Advisory 2018-1651-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
322291dd0547215cd10cb88187951298a5a4911116854faa9b34da5773d96bf0
Red Hat Security Advisory 2018-1630-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a bypass vulnerability.
7e70f12e450e11a411755e67c7bdc3b92d6061f604dfc7dec95f44ae514ce60e
Ubuntu Security Notice 3653-1 - Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. It was discovered that the netlink subsystem in the Linux kernel did not properly restrict observations of netlink messages to the appropriate net namespace. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
d9fc900e1f4d55c8f25f80332560895a636a3d420324f107816b8351e17b5486
Ubuntu Security Notice 3652-1 - Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a sidechannel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory.
4f305f3039ed043ebd551d5646ac1823153626251281ebbec53acda8e4c5c389
Ubuntu Security Notice 3651-1 - Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows QEMU to expose new CPU features added by microcode updates to guests on amd64 and i386.
e1006701fb74f4331e5c75feae579f67e60025aeca0efd430ac543cd7ea720f7