Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

SUSE: 2021:2899-2 Critical Update for Spectre and Meltdown Threats

suse
Calendar Grey August 27, 2021
Scroller Suse
Essential update for SUSE Linux targeting Spectre and Meltdown security flaws. Information on the update is provided.
An update that fixes one vulnerability is now available

Summary

This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 (bsc#1189477) - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression (#370) - enh: arm: add experimental support for binary arm images - enh: rsb filling: no longer need the 'strings' tool to check for kernel support in live mode - fix: fwdb: remove Intel extract tempdir on exit - fix: has_vmm: ignore kernel threads when looking for a hypervisor (fixes #278) - fix: fwdb: use the commit date as the intel fwdb version - fix: fwdb: update Intel's repository URL - fix: arm64: CVE-2017-5753: kernels 4.19+ use a different nospec macro - fix: on CPU parse info under FreeBSD - chore: github: add check run on pull requests - chore: fwdb: update to v165.20201021+i20200616

References

#1189477

Cross- CVE-2017-5753

CVSS scores:

CVE-2017-5753 (NVD) : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2017-5753 (SUSE): 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected Products:

SUSE Linux Enterprise Server 12-SP5

https://www.suse.com/security/cve/CVE-2017-5753.html

https://bugzilla.suse.com/1189477

Announcement ID: SUSE-SU-2021:2862-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.