Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 439
Alerts This Week
Warning Icon 1 439

SUSE: 2018:1377-2 Important: Kernel Update Against Information Leak

suse
Calendar Grey October 18, 2018
Dist Suse Esm H88
A critical SUSE update addresses an important issue in the Linux Kernel related to information leaks, with CVE-2018-3639.
An update that solves one vulnerability and has 9 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2018-3639: Information leaks using "Memory Disambiguation" feature in modern CPUs were mitigated, aka "Spectre Variant 4" (bnc#1087082). A new boot commandline option was introduced, "spec_store_bypass_disable", which can have following values: - auto: Kernel detects whether your CPU model contains an implementation of Speculative Store Bypass and picks the most appropriate mitigation. - on: disable Speculative Store Bypass - off: enable Speculative Store Bypass - prctl: Control Speculative Store Bypass per thread via prctl. Speculative Store Bypass is enabled for a process by default. The state of the control is inherited on fork.

References

#1056427 #1068032 #1075087 #1080157 #1087082

#1090953 #1091041 #1092289 #1093215 #1094019

Cross- CVE-2018-3639

Affected Products:

SUSE Linux Enterprise Server 12-SP2-BCL

https://www.suse.com/security/cve/CVE-2018-3639.html

https://bugzilla.suse.com/1056427

https://bugzilla.suse.com/1068032

https://bugzilla.suse.com/1075087

https://bugzilla.suse.com/1080157

https://bugzilla.suse.com/1087082

https://bugzilla.suse.com/1090953

https://bugzilla.suse.com/1091041

https://bugzilla.suse.com/1092289

https://bugzilla.suse.com/1093215

https://bugzilla.suse.com/1094019

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:1377-2
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.