Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Fedora 28: C36AFA818C Critical: MDS Kernel-Headers Info Leak

fedora
Calendar Grey May 16, 2019
Dist Fedora Esm H88
A vital security patch for Fedora 28's kernel-headers implemented to mitigate MDS flaws is now available. Ensure your system's safety!
The 5.0.16 stable updates contain a number of important fixes across the tree

Summary

Kernel-headers includes the C header files that specify the interface

between the Linux kernel and userspace libraries and programs. The

header files define structures and constants that are needed for

building most standard programs and are also needed for rebuilding the

glibc package.

The 5.0.16 stable updates contain a number of important fixes across the tree.

Most importantly, these updates address the kernel portion of the MDS CVEs.

---- The 5.0.14 update contains a number of important fixes across the tree.

There is no kernel-headers or kernel-tools build this time.

[ 1 ] Bug #1709837 - CVE-2019-11884 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command

https://bugzilla.redhat.com/show_bug.cgi?id=1709837

[ 2 ] Bug #1705312 - CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

https://bugzilla.redhat.com/show_bug.cgi?id=1705312

[ 3 ] Bug #1646784 - CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)

https://bugzilla.redhat.com/show_bug.cgi?id=1646784

[ 4 ] Bug #1667782 - CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS)

https://bugzilla.redhat.com/show_bug.cgi?id=1667782

[ 5 ] Bug #1646781 - CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS)

https://bugzilla.redhat.com/show_bug.cgi?id=1646781

su -c 'dnf upgrade --advisory FEDORA-2019-c36afa818c' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory information leak critical Fedora hardware threat kernel-headers MDS

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 28
Version: 5.0.16
Release: 100.fc28
URL: https://www.kernel.org/
Summary: Header files for the Linux kernel for use by glibc

Topics%20covered

Topics Covered

security advisory information leak critical Fedora hardware threat kernel-headers MDS

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here