Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

openSUSE Leap 15.0: 2018:1420-1 Important: Speculative Store Bypass

opensuse
Calendar Grey May 25, 2018
Dist Opensuse Esm H88
News regarding openSUSE Leap 15.0 kernel improvements tackling Speculative Store Bypass vulnerabilities along with multiple security upgrades.
An update that solves one vulnerability and has one errata is now available.

Description

The openSUSE Leap 15.0 kernel was updated to receive various security and

bugfixes.

The following security bugs were fixed:

- CVE-2018-3639: Systems with microprocessors utilizing speculative

execution and speculative execution of memory reads before the addresses

of all prior memory writes are known may allow unauthorized disclosure

of information to an attacker with local user access via a side-channel

analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1087082).

A new boot commandline option was introduced,

"spec_store_bypass_disable", which can have following values:

- auto: Kernel detects whether your CPU model contains an implementation

of Speculative Store Bypass and picks the most appropriate mitigation.

- on: disable Speculative Store Bypass

- off: enable Speculative Store Bypass

- prctl: Control Speculative Store Bypass per thread via prctl.

Speculative Store Bypass is enabled for a...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security update kernel patch important local access openSUSE speculative store bypass

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2018-515=1

Package List

- openSUSE Leap 15.0 (x86_64):

kernel-debug-4.12.14-lp150.12.4.1

kernel-debug-base-4.12.14-lp150.12.4.1

kernel-debug-base-debuginfo-4.12.14-lp150.12.4.1

kernel-debug-debuginfo-4.12.14-lp150.12.4.1

kernel-debug-debugsource-4.12.14-lp150.12.4.1

kernel-debug-devel-4.12.14-lp150.12.4.1

kernel-debug-devel-debuginfo-4.12.14-lp150.12.4.1

kernel-default-4.12.14-lp150.12.4.1

kernel-default-base-4.12.14-lp150.12.4.1

kernel-default-base-debuginfo-4.12.14-lp150.12.4.1

kernel-default-debuginfo-4.12.14-lp150.12.4.1

kernel-default-debugsource-4.12.14-lp150.12.4.1

kernel-default-devel-4.12.14-lp150.12.4.1

kernel-default-devel-debuginfo-4.12.14-lp150.12.4.1

kernel-kvmsmall-4.12.14-lp150.12.4.1

kernel-kvmsmall-base-4.12.14-lp150.12.4.1

kernel-kvmsmall-base-debuginfo-4.12.14-lp150.12.4.1

kernel-kvmsmall-debuginfo-4.12.14-lp150.12.4.1

kernel-kvmsmall-debugsource-4.12.14-lp150.12.4.1

kernel-kvmsmall-devel-4.12.14-lp150.12.4.1

kernel-kvmsmall-devel-debuginfo-4.12.14-lp150.12.4.1

kernel-obs-build-4.12.14-lp150.12.4.1

kernel-obs-bu...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2018-3639.html

https://bugzilla.suse.com/1087082

https://bugzilla.suse.com/1088273

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2018:1420-1
Rating: important
Affected Products: openSUSE Leap 15.0 le.

Topics%20covered

Topics Covered

security advisory security update kernel patch important local access openSUSE speculative store bypass

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here