Mageia: 2019-0171 Moderate: Kernel MDS Vulnerabilities Mitigation
mageia
May 16, 2019
This kernel update provides the upstream 4.14.119 that adds the kernel side mitigations for the Microarchitectural Data Sampling (MDS, also called ZombieLoad attack) vulnerabilitie...
Summary
This kernel update provides the upstream 4.14.119 that adds the kernel side
mitigations for the Microarchitectural Data Sampling (MDS, also called
ZombieLoad attack) vulnerabilities in Intel processors that can allow
attackers to retrieve data being processed inside a CPU. To complete the
mitigations new microcode is also needed, either by installing the
microcode-0.20190514-1.mga6 package, or get an updated bios / uefi
firmware from the motherboard vendor.
The fixed / mitigated issues are:
Modern Intel microprocessors implement hardware-level micro-optimizations
to improve the performance of writing data back to CPU caches. The write
operation is split into STA (STore Address) and STD (STore Data)
sub-operations. These sub-operations allow the processor to hand-off
address generation logic into these sub-operations for optimized writes.
Both of these sub-operations write to a shared distributed processor
structure called the 'processor store buffer'. As a result, an
unprivileged at...
References
- https://bugs.mageia.org/show_bug.cgi?id=24774
- https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.79
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.80
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.81
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.82
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.83
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.84
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.85
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.86
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.87
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.88
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.89
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.90
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.91
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.92
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.93
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.94
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.95
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.96
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.97
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.98
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.100
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.101
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.102
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.103
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.104
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.106
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.107
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.108
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.109
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.110
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.111
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.113
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.115
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.116
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.117
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.118
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.119
- https://www.cve.org/CVERecord?id=CVE-2018-1128
- https://www.cve.org/CVERecord?id=CVE-2018-1129
- https://www.cve.org/CVERecord?id=CVE-2018-12126
- https://www.cve.org/CVERecord?id=CVE-2018-12127
- https://www.cve.org/CVERecord?id=CVE-2018-12130
- https://www.cve.org/CVERecord?id=CVE-2018-14625
- https://www.cve.org/CVERecord?id=CVE-2018-16862
- https://www.cve.org/CVERecord?id=CVE-2018-16882
- https://www.cve.org/CVERecord?id=CVE-2018-16884
- https://www.cve.org/CVERecord?id=CVE-2018-18397
- https://www.cve.org/CVERecord?id=CVE-2018-19824
- https://www.cve.org/CVERecord?id=CVE-2018-19985
- https://www.cve.org/CVERecord?id=CVE-2018-1000026
- https://www.cve.org/CVERecord?id=CVE-2019-3701
- https://www.cve.org/CVERecord?id=CVE-2019-3819
- https://www.cve.org/CVERecord?id=CVE-2019-3882
- https://www.cve.org/CVERecord?id=CVE-2019-7308
- https://www.cve.org/CVERecord?id=CVE-2019-6974
- https://www.cve.org/CVERecord?id=CVE-2019-7221
- https://www.cve.org/CVERecord?id=CVE-2019-7222
- https://www.cve.org/CVERecord?id=CVE-2019-9213
- https://www.cve.org/CVERecord?id=CVE-2019-11091
- https://www.cve.org/CVERecord?id=CVE-2019-11486
- https://www.cve.org/CVERecord?id=CVE-2019-11599
Resolution
SRPMS
- 6/core/kernel-tmb-4.14.119-1.mga6
PREVIOUS
NEXT
Publication date: 16 May 2019
URL: https://advisories.mageia.org/MGASA-2019-0171.html
Type: security
CVE: CVE-2018-1128,
CVE-2018-1129,
CVE-2018-12126,
CVE-2018-12127,
CVE-2018-12130,
CVE-2018-14625,
CVE-2018-16862,
CVE-2018-16882,
CVE-2018-16884,
CVE-2018-18397,
CVE-2018-19824,
CVE-2018-19985,
CVE-2018-1000026,
CVE-2019-3701,
CVE-2019-3819,
CVE-2019-3882,
CVE-2019-7308,
CVE-2019-6974,
CVE-2019-7221,
CVE-2019-7222,
CVE-2019-9213,
CVE-2019-11091,
CVE-2019-11486,
CVE-2019-11599
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!