Debian 8 Jessie DLA-1990-1: Critical Update for Linux Kernel 4.9
debian lts
November 13, 2019
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak
Summary
It was discovered that on Intel CPUs supporting hardware
virtualisation with Extended Page Tables (EPT), a guest VM may
manipulate the memory management hardware to cause a Machine Check
Error (MCE) and denial of service (hang or crash).
The guest triggers this error by changing page tables without a
TLB flush, so that both 4 KB and 2 MB entries for the same virtual
address are loaded into the instruction TLB (iTLB). This update
implements a mitigation in KVM that prevents guest VMs from
loading 2 MB entries into the iTLB. This will reduce performance
of guest VMs.
Further information on the mitigation can be found at
or in the linux-doc-4.9 package.
Intel's explanation of the issue can be found at
CVE-2019-0154
Intel discovered that on their 8th and 9th generation GPUs,
reading certain registers while the GPU is in a low-power state
can cause a system hang. A local user permitted to use the GPU
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
<pre><font face="Courier">Package: linux-4.9
Version: 4.9.189-3+deb9u2~deb8u1
CVE ID: CVE-2018-12207 CVE-2019-0154 CVE-2019-0155 CVE-2019-11135
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!