Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 6 articles for you...
197
security advisoryDebianIntelDebian LTS: DLA-3524-1 Critical: Intel CPU Data Sampling Threat
Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. . ------------------------------------------------------------------------- Debian LTS Advisory DLA-3524-1
Aug 10, 2023
•Critical
Debian LTS
200
security advisorycriticalhardware issueScientific Linux SL7.x SLSA-2021-3028-1 Critical: Hardware Issues
hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: Vector Register Data Sampling (CVE-2020-0548) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) [More...]. Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: SLSA-2021:3028-1 Issue Date: 2021-08-09 CVE Numbers: CVE-2020-0548 CVE-2020-0549 CVE-2020-0543 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 -- Security Fix(es): * hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: Vector Register Data Sampling (CVE-2020-0548) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors(CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors(CVE-2020-24512) * hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695) * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698) --- SL7 x86_64 - microcode_ctl-2.1-73.11.el7_9.x86_64.rpm - microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm -- - Scientific Linux Development Team . Revised firmware_ctl tackles numerous security flaws on Scientific Linux SL7.x. Essential patches advised.. microcode Update, Hardware Fixes, Scientific Linux Security. . Severity: Critical. LinuxSecurity.com Team
Aug 09, 2021
•Critical
Scientific Linux
203
security advisorymoderatememory leakMageia 7 & 8 MGASA-2021-0192 Moderate: Kernel Security Issues Fixed
This kernel update is based on upstream 5.10.30 and fixes atleast the following security issues: nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670) . MGASA-2021-0192 - Updated kernel packages fix security vulnerabilities Publication date: 18 Apr 2021 URL: https://advisories.mageia.org/MGASA-2021-0192.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2021-3483, CVE-2021-29154, CVE-2021-29657 This kernel update is based on upstream 5.10.30 and fixes atleast the following security issues: nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670) nfc: fix refcount leak in llcp_sock_connect() (CVE-2020-25671) nfc: fix memory leak in llcp_sock_connect() (CVE-2020-25672) firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (CVE-2021-3483) BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context (CVE-2021-29154). KVM: SVM: load control fields from VMCB12 before checking them (CVE-2021-29657). It also adds the following fixes: - x86/fpu/64: Don't FNINIT in kernel_fpu_begin() - Revert "iommu/amd: Fix performance counter initialization" - iommu/amd: Remove performance counter pre-initialization test - hwmon: (amd_energy) Add AMD family 19h model 30h x86 match - hwmon: (amd_energy) Use unified function to read energy data - hwmon: (amd_energy) Restore visibility of energy counters For other upstream fixes, see the referenced changelogs. References: - https://bugs.mageia.org/show_bug.cgi?id=28782 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.28 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.29 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.30 - https://www.cve.org/CVERecord?id=CVE-2020-25670 - https://www.cve.org/CVERecord?id=CVE-2020-25671 - https://www.cve.org/CVERecord?id=CVE-2020-25672 - https://www.cve.org/CVERecord?id=CVE-2021-3483 -https://www.cve.org/CVERecord?id=CVE-2021-29154 - https://www.cve.org/CVERecord?id=CVE-2021-29657 SRPMS: - 8/core/kernel-5.10.30-1.mga8 - 8/core/kmod-virtualbox-6.1.18-24.mga8 - 8/core/kmod-xtables-addons-3.13-40.mga8 - 7/core/kernel-5.10.30-1.mga7 - 7/core/kmod-virtualbox-6.1.18-14.mga7 - 7/core/kmod-xtables-addons-3.13-20.mga7 . Mageia 2021-0193 kernel patch resolves several security flaws and incorporates essential updates. Discover further details within.. Mageia Kernel Update, Security Fixes, Kernel Issues. . LinuxSecurity.com Team
Apr 18, 2021
Mageia
202
security advisoryupdatesecurity fixopenSUSE Leap 15.1: 2020:1791-1 Important: Sane-Backends Security Issues
An update that fixes 7 vulnerabilities is now available.. openSUSE Security Update: Security update for sane-backends ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:1791-1 Rating: important References: #1172524 Cross-References: CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for sane-backends fixes the following issues: sane-backends was updated to 1.0.31 to further improve hardware enablement for scanner devices (jsc#ECO-2418 jsc#SLE-15561 jsc#SLE-15560) and also fix various security issues: - CVE-2020-12861,CVE-2020-12865: Fixed an out of bounds write (bsc#1172524) - CVE-2020-12862,CVE-2020-12863,CVE-2020-12864,: Fixed an out of bounds read (bsc#1172524) - CVE-2020-12866,CVE-2020-12867: Fixed a null pointer dereference (bsc#1172524) The upstream changelogs can be found here: - https://gitlab.com/sane-project/backends/-/releases/1.0.28 - https://gitlab.com/sane-project/backends/-/releases/1.0.29 - https://gitlab.com/sane-project/backends/-/releases/1.0.30 - https://gitlab.com/sane-project/backends/-/releases/1.0.31 This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-1791=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): sane-backends-1.0.31-lp151.6.3.1 sane-backends-autoconfig-1.0.31-lp151.6.3.1 sane-backends-debuginfo-1.0.31-lp151.6.3.1 sane-backends-debugsource-1.0.31-lp151.6.3.1 sane-backends-devel-1.0.31-lp151.6.3.1 - openSUSE Leap 15.1 (x86_64): sane-backends-32bit-1.0.31-lp151.6.3.1 sane-backends-32bit-debuginfo-1.0.31-lp151.6.3.1 sane-backends-devel-32bit-1.0.31-lp151.6.3.1 References: https://www.suse.com/security/cve/CVE-2020-12861.html https://www.suse.com/security/cve/CVE-2020-12862.html https://www.suse.com/security/cve/CVE-2020-12863.html https://www.suse.com/security/cve/CVE-2020-12864.html https://www.suse.com/security/cve/CVE-2020-12865.html https://www.suse.com/security/cve/CVE-2020-12866.html https://www.suse.com/security/cve/CVE-2020-12867.html https://bugzilla.suse.com/1172524 -- . Important security patch for openSUSE Leap 15.1 resolving various hardware vulnerabilities in sane-backends.. openSUSE Update, sane-backends Fix, Important Security Alert, Vulnerability Management. . Severity: Important. LinuxSecurity.com Team
Oct 31, 2020
•Important
OpenSUSE
100
security advisorydenial of serviceimportantSUSE: 2020:2789-1 Important: Xen Denial Of Service And Race Conditions
An update that fixes 8 vulnerabilities is now available. . SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:2789-1 Rating: important References: #1176343 #1176344 #1176345 #1176346 #1176347 #1176348 #1176349 #1176350 Cross-References: CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25599 CVE-2020-25600 CVE-2020-25601 CVE-2020-25603 CVE-2020-25604 Affected Products: SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for xen fixes the following issues: - CVE-2020-25604: Fixed a race condition when migrating timers between x86 HVM vCPU-s (bsc#1176343,XSA-336) - CVE-2020-25595: Fixed an issue where PCI passthrough code was reading back hardware registers (bsc#1176344,XSA-337) - CVE-2020-25597: Fixed an issue where a valid event channels may not turn invalid (bsc#1176346,XSA-338) - CVE-2020-25596: Fixed a potential denial of service in x86 pv guest kernel via SYSENTER (bsc#1176345,XSA-339) - CVE-2020-25603: Fixed an issue due to missing barriers when accessing/allocating an event channel (bsc#1176347,XSA-340) - CVE-2020-25600: Fixed out of bounds event channels available to 32-bit x86 domains (bsc#1176348,XSA-342) - CVE-2020-25599: Fixed race conditions with evtchn_reset() (bsc#1176349,XSA-343) - CVE-2020-25601: Fixed an issue due to lack of preemption in evtchn_reset() / evtchn_destroy() (bsc#1176350,XSA-344) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-2789=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2020-2789=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2020-2789=1 Package List: - SUSE Linux Enterprise Server for SAP 15 (x86_64): xen-4.10.4_16-3.41.1 xen-debugsource-4.10.4_16-3.41.1 xen-devel-4.10.4_16-3.41.1 xen-libs-4.10.4_16-3.41.1 xen-libs-debuginfo-4.10.4_16-3.41.1 xen-tools-4.10.4_16-3.41.1 xen-tools-debuginfo-4.10.4_16-3.41.1 xen-tools-domU-4.10.4_16-3.41.1 xen-tools-domU-debuginfo-4.10.4_16-3.41.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64): xen-4.10.4_16-3.41.1 xen-debugsource-4.10.4_16-3.41.1 xen-devel-4.10.4_16-3.41.1 xen-libs-4.10.4_16-3.41.1 xen-libs-debuginfo-4.10.4_16-3.41.1 xen-tools-4.10.4_16-3.41.1 xen-tools-debuginfo-4.10.4_16-3.41.1 xen-tools-domU-4.10.4_16-3.41.1 xen-tools-domU-debuginfo-4.10.4_16-3.41.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64): xen-4.10.4_16-3.41.1 xen-debugsource-4.10.4_16-3.41.1 xen-devel-4.10.4_16-3.41.1 xen-libs-4.10.4_16-3.41.1 xen-libs-debuginfo-4.10.4_16-3.41.1 xen-tools-4.10.4_16-3.41.1 xen-tools-debuginfo-4.10.4_16-3.41.1 xen-tools-domU-4.10.4_16-3.41.1 xen-tools-domU-debuginfo-4.10.4_16-3.41.1 References: https://www.suse.com/security/cve/CVE-2020-25595.html https://www.suse.com/security/cve/CVE-2020-25596.html https://www.suse.com/security/cve/CVE-2020-25597.html https://www.suse.com/security/cve/CVE-2020-25599.html https://www.suse.com/security/cve/CVE-2020-25600.html https://www.suse.com/security/cve/CVE-2020-25601.html https://www.suse.com/security/cve/CVE-2020-25603.html https://www.suse.com/security/cve/CVE-2020-25604.html https://bugzilla.suse.com/1176343 https://bugzilla.suse.com/1176344 https://bugzilla.suse.com/1176345 https://bugzilla.suse.com/1176346 https://bugzilla.suse.com/1176347 https://bugzilla.suse.com/1176348 https://bugzilla.suse.com/1176349 https://bugzilla.suse.com/1176350 _______________________________________________ sle-security-updates mailing list
Sep 29, 2020
•Important
SuSE
98
security advisorymoderatebug fixRed Hat 7.7 Moderate: RHSA-2020-2758-01 Microcode Security Update
An update for microcode_ctl is now available for Red at Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2020:2758-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:2758 Issue date: 2020-06-29 CVE Names: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 ==================================================================== 1. Summary: An update for microcode_ctl is now available for Red at Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.7) - x86_64 3. Description: Security Fix(es): * hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: Vector Register Data Sampling (CVE-2020-0548) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Update Intel CPU microcode to microcode-20200609 release: - Update of 06-2d-06/0x6d (SNB-E/EN/EP C1/M0) microcode from revision 0x61f up to 0x621; - Update of 06-2d-07/0x6d (SNB-E/EN/EP C2/M1) microcode from revision 0x718 up to 0x71a; - Update of 06-3c-03/0x32 (HSWC0) microcode from revision 0x27 up to 0x28; - Update of 06-3d-04/0xc0 (BDW-U/Y E0/F0) microcode from revision 0x2e up to 0x2f; - Update of 06-45-01/0x72 (HSW-U C0/D0) microcode from revision 0x25 up to 0x26; - Update of 06-46-01/0x32 (HSW-H C0) microcode from revision 0x1b up to 0x1c; - Update of 06-47-01/0x22 (BDW-H/Xeon E3 E0/G0) microcode from revision 0x21 up to 0x22; - Update of 06-4e-03/0xc0 (SKL-U/Y D0) microcode from revision 0xd6 up to 0xdc; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000151 up to 0x1000157; - Update of 06-55-04/0xb7 (SKX-SP H0/M0/U0, SKX-D M1) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2000065 up to 0x2006906; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x400002c up to 0x4002f01; - Update of 06-55-07/0xbf (CLX-SP B1) microcode from revision 0x500002c up to 0x5002f01; - Update of 06-5e-03/0x36 (SKL-H/S R0/N0) microcode from revision 0xd6 up to 0xdc; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x46 up to 0x78; - Update of 06-8e-09/0x10 (AML-Y22 H0) microcode from revision 0xca up to 0xd6; - Update of 06-8e-09/0xc0 (KBL-U/Y H0) microcode from revision 0xca up to 0xd6; - Update of 06-8e-0a/0xc0 (CFL-U43e D0) microcode from revision 0xca up to 0xd6; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xca up to 0xd6; - Update of 06-8e-0c/0x94 (AML-Y42 V0, CML-Y42 V0, WHL-U V0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E3 U0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-0b/0x02 (CFL-S B0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-0c/0x22 (CFL-H/S P0) microcode from revision 0xca up to 0xd6; - Update of 06-9e-0d/0x22 (CFL-H R0) microcode from revision 0xca up to 0xd6. * Do not update 06-4e-03 (SKL-U/Y) and 06-5e-03(SKL-H/S/Xeon E3 v5) to revision 0xdc, use 0xd6 by default. * Enable 06-2d-07 (SNB-E/EN/EP) caveat by default. * Enable 06-55-04 (SKL-SP/X/W) caveat by default. * Avoid find being SIGPIPE'd on early "grep -q" exit in the dracut script. * Re-generate initramfs not only for the currently running kernel, but for several recently installed kernels as well. * Change the URL in the intel-microcode2ucode.8 to point to the GitHub repository since the microcode download section at Intel Download Center does not exist anymore. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1788786 - CVE-2020-0548 hw: Vector Register Data Sampling 1788788 - CVE-2020-0549 hw: L1D Cache Eviction Sampling 1827165 - CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS) 1849064 - [rhel-7.7.z] Enable SNB-EP caveat by default 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.7): Source: microcode_ctl-2.1-53.9.el7_7.src.rpm x86_64: microcode_ctl-2.1-53.9.el7_7.x86_64.rpm microcode_ctl-debuginfo-2.1-53.9.el7_7.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.7): Source: microcode_ctl-2.1-53.9.el7_7.src.rpm x86_64: microcode_ctl-2.1-53.9.el7_7.x86_64.rpm microcode_ctl-debuginfo-2.1-53.9.el7_7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-0543 https://access.redhat.com/security/cve/CVE-2020-0548 https://access.redhat.com/security/cve/CVE-2020-0549 https://access.redhat.com/security/updates/classification#moderate https://access.redhat.com/solutions/5142691 https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling 8. Contact: The Red Hat security contact is . Morecontact details at https://access.redhat.com/security/team/contact Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXvmiYtzjgjWX9erEAQjnsRAAgsxHgZjr9o6qeNum6YeYF7ZGJK55Nd4k sj8Va8QDccawPxxuqbLV3vXUvrwOtoVwg+XW8RAVsK3bfvQGld+JpvAuiQuSq5RY R0Gi1Ro7Tc+feK69oZY+BN20BszXIOXdnKseBqfNlNX/jp/+WOISC0s9IShpNTL0 CY7/LqaWtcNDvIhH2DD+JknOwcEwc5HI4bpCTpND1EjYoU+xhNQc+yhkVLe8Rr5I G5Nbb8VhMBV4oGLUgnhWok2aGiYDgluG9jjGLNfYTouPFu9WHS4uRjttSuGWGvZv Z3ZzK8hGwumxS+ezzy5zFPn808s2365en/AABO66nOTulzIPLPH8GV/dVqTfaxwy 0UozYfvpFPG+OM3YqDmfxBe9pgN6Y+a/wOg67W8uK7f/6o8EDhfl4RxefUaxypea A7g+XfxdVOJ4hYN1UsW6yGJomt1x7pp25gpHkcoBRuDGVdy2BxL3uG5Ak1r0RVKM mjyyU7K+EN9FhERCb5H1trEUWjcS+QKY2lyjguNA/fogca0fviHWDTh5l9PpKDTe hPRxbAh0FCD/hc0Qe2g88wjkZlmRSoXsbcfVw40cy1kJZvjvf0xZ2ilqswGiJqGE g3b+h3+sl8WozhNzEfxuA3jzgASf3WCZ9NK6WuNtEVNUopn4dXUjDJuL/yDFmyYl u/OaqtGVS2M=iocg -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jun 29, 2020
Red Hat
87
security advisoryupdateDebianDebian Security Announcement DSA-4701-1: Intel Microcode Update on June 11
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling (CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D Eviction Sampling (CVE-2020-0549) hardware vulnerabilities. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-4701-1
Jun 11, 2020
•Critical
Debian
89
security advisoryFedorasecurity fixFedora 29: FEDORA-2019-7a3fc17778 Moderate Kernel Security Issues
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12. ---- The 5.3.9 update contains a number of important fixes across the tree ---- Update to upstream 2.1-22. 20190618. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-7a3fc17778 2019-11-13 06:47:08.913545 --------------------------------------------------------------------------------Name : kernel Product : Fedora 29 Version : 5.3.11 Release : 100.fc29 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package --------------------------------------------------------------------------------Update Information: The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12. ---- The 5.3.9 update contains a number of important fixes across the tree ---- Update to upstream 2.1-22. 20190618 --------------------------------------------------------------------------------ChangeLog: * Tue Nov 12 2019 Justin M. Forbes - 5.3.11-100 - Linux v5.3.11 - Fixes CVE-2019-11135 (rhbz 1753062 1771649) - Fixes CVE-2018-12207 (rhbz 1646768 1771645) - Fixes CVE-2019-0154 (rhbz 1724393 1771642) - Fixes CVE-2019-0155 (rhbz 1724398 1771644) * Mon Nov 11 2019 Laura Abbott - 5.3.10-100 - Linux v5.3.10 * Wed Nov 6 2019 Laura Abbott - 5.3.9-100 - Linux v5.3.9 * Tue Oct 29 2019 Laura Abbott - 5.3.8-100 - Linux v5.3.8 - Fix CVE-2019-17666 (rhbz 1763692) * Fri Oct 18 2019 Laura Abbott - 5.3.7-100 - Linux v5.3.7 * Mon Oct 14 2019 Laura Abbott - 5.3.6-100 - Linux v5.3.6 Rebase - Fix disappearing cursor issue (rhbz 1738614) * Tue Oct 8 2019 Justin M. Forbes - 5.2.20-100 - Linux v5.2.20 * Wed Oct 2 2019 Justin M. Forbes - Fix CVE-2019-17052 CVE-2019-17053CVE-2019-17054 CVE-2019-17055 CVE-2019-17056 (rhbz 1758239 1758240 1758242 1758243 1758245 1758246 1758248 1758249 1758256 1758257) * Tue Oct 1 2019 Justin M. Forbes - 5.2.18-100 - Linux v5.2.18 * Mon Sep 23 2019 Peter Robinson - Upstream patch for iwlwifi 8000 series FW issues (rhbz: 1749949) * Mon Sep 23 2019 Justin M. Forbes - 5.2.17-100 - Linux v5.2.17 * Thu Sep 19 2019 Laura Abbott - Fix for dwc3 (rhbz 1753099) * Thu Sep 19 2019 Justin M. Forbes - 5.2.16-100 - Linux v5.2.16 - Fix CVE-2019-14821 (rhbz 1746708 1753596) * Mon Sep 16 2019 Justin M. Forbes - 5.2.15-100 - Linux v5.2.15 - Fixes rhbz 1751901 * Tue Sep 10 2019 Justin M. Forbes - 5.2.14-100 - Linux v5.2.14 * Fri Sep 6 2019 Justin M. Forbes - 5.2.13-100 - Linux v5.2.13 * Thu Aug 29 2019 Justin M. Forbes - 5.2.11-100 - Linux v5.2.11 - Fix CVE-2019-15504 (rhbz 1746725 1746726) - Fix CVE-2019-15505 (rhbz 1746732 1746734) - Fix CVE-2019-15538 (rhbz 1746777 1746779) * Wed Aug 28 2019 Justin M. Forbes - Fix mwifiex CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 - (rhbz 1744130 1744137 1744149 1746566 1746567) * Mon Aug 26 2019 Justin M. Forbes - 5.2.10-100 - Linux v5.2.10 * Fri Aug 16 2019 Justin M. Forbes - 5.2.9-100 - Linux v5.2.9 * Sat Aug 10 2019 Justin M. Forbes - 5.2.8-100 - Linux v5.2.8 * Thu Aug 8 2019 Justin M. Forbes - 5.2.7-100 - Linux v5.2.7 - Fix netfilter regression (rhbz 1737171) * Mon Aug 5 2019 Justin M. Forbes - 5.2.6-100 - Linux v5.2.6 rebase * Mon Jul 29 2019 Jeremy Cline - 5.1.21-200 - Linux v5.1.21 * Fri Jul 26 2019 Jeremy Cline - 5.1.20-200 - Linux v5.1.20 * Mon Jul 22 2019 Laura Abbott - Bring in DMA fix (rhbz 1732045) * Mon Jul 22 2019 Jeremy Cline - 5.1.19-200 - Linux v5.1.19 - Fix Xen Security Advisory 300 (rhbz 1731862 1731864) - Fix a null pointer dereference in the 8250_lpss serial driver (rhbz 1731784) * Thu Jul 18 2019 Jeremy Cline - Fix CVE-2019-13631 (rhbz 1731000 1731001) * Mon Jul 15 2019 Jeremy Cline - 5.1.18-200 - Linuxv5.1.18 * Wed Jul 10 2019 Jeremy Cline - 5.1.17-200 - Linux v5.1.17 * Mon Jul 8 2019 Jeremy Cline - Fix a firmware crash in Intel 7000 and 8000 devices (rhbz 1716334) * Thu Jul 4 2019 Peter Robinson - Fixes for load avg and display on Raspberry Pi * Wed Jul 3 2019 Jeremy Cline - 5.1.16-200 - Linux v5.1.16 - Fix an issue with deleting singular conntrack entries (rhbz 1724357) * Tue Jun 25 2019 Jeremy Cline - 5.1.15-200 - Linux v5.1.15 - Fixes CVE-2019-12817 (rhbz 1720616 1723697) * Mon Jun 24 2019 Hans de Goede - Extend GPD MicroPC LCD panel quirk to also apply to newer BIOS versions * Mon Jun 24 2019 Jeremy Cline - 5.1.14-200 - Linux v5.1.14 * Wed Jun 19 2019 Jeremy Cline - 5.1.12-200 - Linux v5.1.12 * Mon Jun 17 2019 Jeremy Cline - 5.1.11-200 - Linux v5.1.11 - Fixes CVE-2019-11477 (rhbz 1719123 1721254) - Fixes CVE-2019-11479 (rhbz 1719129 1721255) - Fixes CVE-2019-11478 (rhbz 1719128 1721256) * Mon Jun 17 2019 Jeremy Cline - 5.1.10-200 - Linux v5.1.10 * Fri Jun 14 2019 Hans de Goede - Fix the LCD panel an Asus EeePC 1025C not lighting up (rhbz#1697069) - Fix the LCD panel on the GPD MicroPC not working * Thu Jun 13 2019 Justin M. Forbes - Fix CVE-2019-10126 (rhbz 1716992 1720122) * Tue Jun 11 2019 Jeremy Cline - 5.1.9-200 - Linux v5.1.9 - Fix UDP checkshums for SIP packets (rhbz 1716289) * Sun Jun 9 2019 Jeremy Cline - 5.1.8-200 - Linux v5.1.8 * Fri Jun 7 2019 Justin M. Forbes - Fix CVE-2019-12614 (rhbz 1718176 1718185) * Thu Jun 6 2019 Jeremy Cline - Fix incorrect permission denied with lock down off (rhbz 1658675) - Fix an issue with the IPv6 neighbor table (rhbz 1708717) * Wed Jun 5 2019 Justin M. Forbes - Fix CVE-2019-12456 (rhbz 1717182 1717183) * Tue Jun 4 2019 Jeremy Cline - 5.1.7-200 - Linux v5.1.7 - Fix CVE-2019-12455 (rhbz 1716990 1717003) - Fix CVE-2019-12454 (rhbz 1716996 1717003) * Mon Jun 3 2019 Jeremy Cline - 5.1.6-200 - Linux v5.1.6 - Fix CVE-2019-12378 (rhbz 1715459 1715460) - Fix CVE-2019-3846(rhbz 1713059 1715475) - Fix CVE-2019-12380 (rhbz 1715494 1715495) - Fix CVE-2019-12381 (rhbz 1715501 1715502) - Fix CVE-2019-12382 (rhbz 1715554 1715556) - Fix CVE-2019-12379 (rhbz 1715491 1715706) - Fix an issue with Bluetooth 2.0 and earlier devices (rhbz 1711468) * Fri May 31 2019 Laura Abbott - 5.0.20-200 - Linux v5.0.20 * Tue May 28 2019 Laura Abbott - 5.0.19-200 - Linux v5.0.19 * Thu May 23 2019 Justin M. Forbes - 5.0.18-200 - Bring back ad8cfb9c42ef83ecf4079bc7d77e6557648e952b to fix s390 build * Wed May 22 2019 Justin M. Forbes - Linux v5.0.18 - Fixes CVE-2019-11833 (rhbz 1712072 1712073) * Mon May 20 2019 Laura Abbott - 5.0.17-200 - Linux v5.0.17 * Tue May 14 2019 Justin M. Forbes - 5.0.16-200 - Linux v5.0.16 - Fixes CVE-2018-12126 (rhbz 1646781 1709976) - Fixes CVE-2018-12127 (rhbz 1667782 1709978) - Fixes CVE-2018-12130 (rhbz 1646784 1709989 1709996) - Fixes CVE-2019-11091 (rhbz 1705312 1709983) * Mon May 13 2019 Laura Abbott - 5.0.15-200 - Linux v5.0.15 - Fixes CVE-2019-11884 (rhbz 1709837 1709838) * Thu May 9 2019 Laura Abbott - 5.0.14-200 - Linux v5.0.14 * Mon May 6 2019 Laura Abbott - 5.0.13-200 - Linux v5.0.13 * Sat May 4 2019 Laura Abbott - 5.0.12-200 - Linux v5.0.12 * Thu May 2 2019 Laura Abbott - 5.0.11-200 - Linux v5.0.11 * Tue Apr 30 2019 Hans de Goede - Fix wifi on various ideapad models not working (rhbz#1703338) * Mon Apr 29 2019 Laura Abbott - 5.0.10-200 - Linux v5.0.10 * Thu Apr 25 2019 Justin M. Forbes - Fix CVE-2019-3900 (rhbz 1698757 1702940) * Tue Apr 23 2019 Jeremy Cline - Allow modules signed by keys in the platform keyring (rbhz 1701096) * Tue Apr 23 2019 Justin M. Forbes - Fix CVE-2019-9503 rhbz 1701842 1701843 * Mon Apr 22 2019 Laura Abbott - 5.0.9-200 - Linux v5.0.9 - Fix NFS server crash (rhbz 1701077) * Thu Apr 18 2019 Justin M. Forbes - Fix CVE-2019-9500 (rhbz 1701224 1701225) * Wed Apr 17 2019 Laura Abbott - 5.0.8-200 - Linux v5.0.8 * Mon Apr 8 2019 Laura Abbott - 5.0.7-200 -Linux v5.0.7 * Mon Apr 8 2019 Justin M. Forbes - Fix CVE-2019 (rhbz 1695044 1697187) * Wed Apr 3 2019 Laura Abbott - 5.0.6-200 - Linux v5.0.6 * Wed Apr 3 2019 Justin M. Forbes - Fix CVE-2019-3882 (rhbz 1689426 1695571) * Mon Apr 1 2019 Justin M. Forbes - Fix CVE-2019-9857 (rhbz 1694758 1694759) * Mon Apr 1 2019 Laura Abbott - Ensure ioschedulers are built in (rhbz 1690604) * Wed Mar 27 2019 Laura Abbott - 5.0.5-200 - Linux v5.0.5 * Mon Mar 25 2019 Laura Abbott - 5.0.4-200 - Linux v5.0.4 * Fri Mar 22 2019 Laura Abbott - TPM fix (rhbz 1688283) * Wed Mar 20 2019 Hans de Goede - Make the mainline vboxguest drv feature set match VirtualBox 6.0.x (#1689750) * Tue Mar 19 2019 Laura Abbott - 5.0.3-200 - Linux v5.0.3 * Thu Mar 14 2019 Justin M. Forbes - 4.20.16-200 - Linux v4.20.16 * Mon Mar 11 2019 Justin M. Forbes - 4.20.15-200 - Linux v4.20.15 * Tue Mar 5 2019 Justin M. Forbes - 4.20.14-200 - Linux v4.20.14 * Wed Feb 27 2019 Justin M. Forbes - 4.20.13-200 - Linux v4.20.13 - Fix for NFS issue (rhbz 1683382) * Mon Feb 25 2019 Justin M. Forbes - 4.20.12-200 - Linux v4.20.12 * Fri Feb 22 2019 Justin M. Forbes - Fix CVE-2019-8980 (rhbz 1679972 1679974) * Wed Feb 20 2019 Justin M. Forbes - 4.20.11-200 - Linux v4.20.11 * Tue Feb 19 2019 Justin M. Forbes - Fix CVE-2019-8912 (rhbz 1678685 1678686) * Fri Feb 15 2019 Justin M. Forbes - 4.20.10-200 - Linux v4.20.10 * Tue Feb 12 2019 Justin M. Forbes - 4.20.8-200 - Linux v4.20.8 - Fixes CVE-2019-7221 (rhbz 1671904 1673676) - Fixes CVE-2019-6974 (rhbz 1671913 1673681) - Fixes CVE-2019-7222 (rhbz 1671930 1673686) * Mon Feb 11 2019 Peter Robinson - Minor Arm fixes and enhancements * Wed Feb 6 2019 Justin M. Forbes - 4.20.7-200 - Linux v4.20.7 * Thu Jan 31 2019 Justin M. Forbes - 4.20.6-200 - Linux v4.20.6 * Mon Jan 28 2019 Justin M. Forbes - 4.20.5-200 - Linux v4.20.5 - Fix CVE-2018-16880 (rhbz 1656472 1669545) * Wed Jan 23 2019 Hans de Goede - Add upstream patch fixingbacklight control not working on some laptops with a Nvidia GPU (rhbz#1663613, rhbz#1665505) * Wed Jan 23 2019 Justin M. Forbes - 4.20.4-200 - Linux v4.20.4 * Thu Jan 17 2019 Justin M. Forbes - 4.20.3-200 - Linux v4.20.3 rebase * Mon Jan 14 2019 Jeremy Cline - 4.19.15-300 - Linux v4.19.15 - Fix CVE-2019-3459 and CVE-2019-3460 (rbhz 1663176 1663179 1665925) * Wed Jan 9 2019 Jeremy Cline - 4.19.14-300 - Linux v4.19.14 * Wed Jan 9 2019 Justin M. Forbes - Fix CVE-2019-3701 (rhbz 1663729 1663730) * Mon Jan 7 2019 Hans de Goede - Add patch to fix bluetooth on RPI 3B+ registering twice (rhbz#1661961) * Sat Dec 29 2018 Jeremy Cline - 4.19.13-300 - Linux v4.19.13 * Thu Dec 27 2018 Hans de Goede - Set CONFIG_REALTEK_PHY=y to workaround realtek ethernet issues (rhbz 1650984) * Mon Dec 24 2018 Peter Robinson 4.19.12-301 - Another fix for issue affecting Raspberry Pi 3-series WiFi (rhbz 1652093) * Sat Dec 22 2018 Peter Robinson 4.19.12-300 - Linux v4.19.12 * Thu Dec 20 2018 Jeremy Cline - 4.19.11-300 - Linux v4.19.11 * Mon Dec 17 2018 Jeremy Cline - 4.19.10-300 - Linux v4.19.10 * Fri Dec 14 2018 Peter Robinson 4.19.9-301 - Fix Raspberry Pi issues affecting WiFi (rhbz 1652093) * Thu Dec 13 2018 Jeremy Cline - 4.19.9-300 - Linux v4.19.9 * Tue Dec 11 2018 Hans de Goede - Really fix non functional hotkeys on Asus FX503VD (#1645070) * Mon Dec 10 2018 Jeremy Cline - 4.19.8-300 - Linux v4.19.8 * Thu Dec 6 2018 Peter Robinson - Fix for ethernet LEDs on Raspberry Pi 3B+ * Wed Dec 5 2018 Jeremy Cline - 4.19.7-300 - Linux v4.19.7 * Wed Dec 5 2018 Jeremy Cline - Fix corruption bug in direct dispatch for blk-mq * Tue Dec 4 2018 Justin M. Forbes - Fix CVE-2018-19824 (rhbz 1655816 1655817) * Mon Dec 3 2018 Jeremy Cline - Fix very quiet speakers on the Thinkpad T570 (rhbz 1554304) * Mon Dec 3 2018 Hans de Goede - Fix non functional hotkeys on Asus FX503VD (#1645070) * Sun Dec 2 2018 Jeremy Cline - 4.19.6-300 - Linux v4.19.6 * Thu Nov29 2018 Jeremy Cline - Fix a problem with some rtl8168 chips (rhbz 1650984) - Fix slowdowns and crashes for AMD GPUs in pre-PCIe-v3 slots * Tue Nov 27 2018 Jeremy Cline - 4.19.5-300 - Linux v4.19.5 - Fix CVE-2018-16862 (rhbz 1649017 1653122) - Fix CVE-2018-19407 (rhbz 1652656 1652658) * Mon Nov 26 2018 Jeremy Cline - Fixes a null pointer dereference with Nvidia and vmwgfx drivers (rhbz 1650224) * Fri Nov 23 2018 Peter Robinson - 4.19.4-300 - Linux v4.19.4 * Thu Nov 22 2018 Peter Robinson - Fixes for Rockchips 3399 devices * Wed Nov 21 2018 Jeremy Cline - 4.19.3-300 - Linux v4.19.3 * Tue Nov 20 2018 Hans de Goede - Turn on CONFIG_PINCTRL_GEMINILAKE on x86_64 (rhbz#1639155) - Add a patch fixing touchscreens on HP AMD based laptops (rhbz#1644013) - Add a patch fixing KIOX010A accelerometers (rhbz#1526312) * Sat Nov 17 2018 Peter Robinson 4.19.2-301 - Fix WiFi on Raspberry Pi 3 on aarch64 (rhbz 1649344) - Fixes for Raspberry Pi hwmon driver and firmware interface --------------------------------------------------------------------------------References: [ 1 ] Bug #1753062 - CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA) https://bugzilla.redhat.com/show_bug.cgi?id=1753062 [ 2 ] Bug #1646768 - CVE-2018-12207 hw: Machine Check Error on Page Size Change (IPU) https://bugzilla.redhat.com/show_bug.cgi?id=1646768 [ 3 ] Bug #1724393 - CVE-2019-0154 hw: Intel GPU Denial Of Service while accessing MMIO in lower power state https://bugzilla.redhat.com/show_bug.cgi?id=1724393 [ 4 ] Bug #1724398 - CVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write https://bugzilla.redhat.com/show_bug.cgi?id=1724398 [ 5 ] Bug #1758414 - CVE-2019-0117 hw: Intel SGX information leak https://bugzilla.redhat.com/show_bug.cgi?id=1758414 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade--advisory FEDORA-2019-7a3fc17778' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Nov 13, 2019
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!