Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 546
Alerts This Week
Warning Icon 1 546

SUSE: 2018:2426-1 Important: Kernel-Livepatch-Tools L1TF Mitigation

suse
Calendar Grey August 18, 2018
Scroller Suse Esm H88
SUSE Security Patch addresses L1 Terminal Fault vulnerability in kernel-livepatch-tools alongside critical update guidelines.
An update that fixes one vulnerability is now available

Summary

This update for kernel-livepatch-tools fixes the following issues: Add script for disabling SMT to help with the mitigation of the "L1 Terminal Fault" issue (CVE-2018-3646 bsc#1099306) The script is called "klp-kvm-l1tf-ctrl-smt" and is used for enabling or disabling SMT to mitigate the issue when this administrative decision is taken. Disabling SMT: klp-kvm-l1tf-ctrl-smt -d Enabling SMT: klp-kvm-l1tf-ctrl-smt -e Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Live Patching 15: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2018-1687=1 - SUSE Linux Enterprise Live Patching 12-SP3:

References

#1099306

Cross- CVE-2018-3646

Affected Products:

SUSE Linux Enterprise Module for Live Patching 15

SUSE Linux Enterprise Live Patching 12-SP3

https://www.suse.com/security/cve/CVE-2018-3646.html

https://bugzilla.suse.com/1099306

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:2426-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.