Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
200
security advisorydenial of servicekernel updateSciLinux: SLSA-2018-1854-1 Critical Security Update for Kernel
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older v [More...]. Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2018:1854-1 Issue Date: 2018-06-19 CVE Numbers: CVE-2016-8650 CVE-2017-7308 CVE-2017-6001 CVE-2017-2671 CVE-2017-7616 CVE-2017-7889 CVE-2017-8890 CVE-2017-9076 CVE-2017-9075 CVE-2017-9077 CVE-2017-12190 CVE-2017-15121 CVE-2017-18203 CVE-2018-3639 CVE-2015-8830 CVE-2012-6701 CVE-2018-5803 CVE-2018-1130 -- Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, PowerPC) * kernel: net/packet: overflow in check for priv area size (CVE-2017-7308) * kernel: AIO interface didn't use rw_verify_area() for checking mandatory locking on filesand size of access (CVE-2012-6701) * kernel: AIO write triggers integer overflow in some protocols (CVE-2015-8830) * kernel: Null pointer dereference via keyctl (CVE-2016-8650) * kernel: ping socket / AF_LLC connect() sin_family race (CVE-2017-2671) * kernel: Race condition between multiple sys_perf_event_open() calls (CVE-2017-6001) * kernel: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c (CVE-2017-7616) * kernel: mm subsystem does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism (CVE-2017-7889) * kernel: Double free in the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c (CVE-2017-8890) * kernel: net: sctp_v6_create_accept_sk function mishandles inheritance (CVE-2017-9075) * kernel: net: IPv6 DCCP implementation mishandles inheritance (CVE-2017-9076) * kernel: net: tcp_v6_syn_recv_sock function mishandles inheritance (CVE-2017-9077) * kernel: memory leak when merging buffers in SCSI IO vectors(CVE-2017-12190) * kernel: vfs: BUG in truncate_inode_pages_range() and fuse client (CVE-2017-15121) * kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service (CVE-2017-18203) * kernel: a null pointer dereference in net/dccp/output.c:dccp_write_xmit() leads to a system crash (CVE-2018-1130) * kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service (CVE-2018-5803) -- SL6 x86_64 kernel-2.6.32-754.el6.x86_64.rpm kernel-debug-2.6.32-754.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.el6.i686.rpm kernel-debug-devel-2.6.32-754.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.el6.i686.rpm kernel-debuginfo-2.6.32-754.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.el6.x86_64.rpm kernel-devel-2.6.32-754.el6.x86_64.rpm kernel-headers-2.6.32-754.el6.x86_64.rpm perf-2.6.32-754.el6.x86_64.rpm perf-debuginfo-2.6.32-754.el6.i686.rpm perf-debuginfo-2.6.32-754.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.el6.i686.rpm python-perf-debuginfo-2.6.32-754.el6.x86_64.rpm python-perf-2.6.32-754.el6.x86_64.rpm i386 kernel-2.6.32-754.el6.i686.rpm kernel-debug-2.6.32-754.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.el6.i686.rpm kernel-debug-devel-2.6.32-754.el6.i686.rpm kernel-debuginfo-2.6.32-754.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.el6.i686.rpm kernel-devel-2.6.32-754.el6.i686.rpm kernel-headers-2.6.32-754.el6.i686.rpm perf-2.6.32-754.el6.i686.rpm perf-debuginfo-2.6.32-754.el6.i686.rpm python-perf-debuginfo-2.6.32-754.el6.i686.rpm python-perf-2.6.32-754.el6.i686.rpm noarch kernel-abi-whitelists-2.6.32-754.el6.noarch.rpm kernel-doc-2.6.32-754.el6.noarch.rpm kernel-firmware-2.6.32-754.el6.noarch.rpm - Scientific Linux Development Team . Critical kernel patch for SL6 resolving speculative execution vulnerabilities alongside various security enhancements.. kernel update, SL6 security, critical patch, speculative execution. . Severity: Important. LinuxSecurity.com Team
Jul 02, 2018
•Important
Scientific Linux
200
security advisoryimportantkernelCritical Security Advisory: Kernel Vulnerability in Scientific Linux SL7
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older v [More...]. Synopsis: Important: kernel security update Advisory ID: SLSA-2018:1629-1 Issue Date: 2018-05-22 CVE Numbers: CVE-2018-3639 -- Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software side of the mitigation for this hardware issue. To be fully functional, up-to-date CPU microcode applied on the system is required. Please refer to References section for further information about this issue, CPU microcode requirements and the potential performance impact. In this update mitigations for x86-64 architecture are provided. -- SL7 x86_64 kernel-3.10.0-862.3.2.el7.x86_64.rpm kernel-debug-3.10.0-862.3.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.3.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.3.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.3.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.3.2.el7.x86_64.rpm kernel-devel-3.10.0-862.3.2.el7.x86_64.rpm kernel-headers-3.10.0-862.3.2.el7.x86_64.rpm kernel-tools-3.10.0-862.3.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.3.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.3.2.el7.x86_64.rpm perf-3.10.0-862.3.2.el7.x86_64.rpm perf-debuginfo-3.10.0-862.3.2.el7.x86_64.rpm python-perf-3.10.0-862.3.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.3.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.3.2.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-862.3.2.el7.noarch.rpm kernel-doc-3.10.0-862.3.2.el7.noarch.rpm - Scientific Linux Development Team . Tackling essential kernel safety patches for SL7.x to mitigate speculative execution vulnerabilities and safeguard against cache side-channel attacks.. Scientific Linux, kernel update, security fix, speculative execution, cache attacks. . Severity: Important. LinuxSecurity.com Team
May 22, 2018
•Important
Scientific Linux
200
security advisoryimportantmicroprocessorSciLinux: SLSA-2018-1633-1 Important Qemu-Kvm Security Update
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older v [More...]. Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2018:1633-1 Issue Date: 2018-05-22 CVE Numbers: CVE-2018-3639 -- Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This is the qemu-kvm side of the CVE-2018-3639 mitigation. -- SL7 x86_64 qemu-img-1.5.3-156.el7_5.2.x86_64.rpm qemu-kvm-1.5.3-156.el7_5.2.x86_64.rpm qemu-kvm-common-1.5.3-156.el7_5.2.x86_64.rpm qemu-kvm-debuginfo-1.5.3-156.el7_5.2.x86_64.rpm qemu-kvm-tools-1.5.3-156.el7_5.2.x86_64.rpm - Scientific Linux Development Team . Essential notice regarding qemu-kvm patch addressing speculative execution vulnerabilities and cache side-channel attack risks.. qemu-kvm Update, Speculative Execution, Cache Side-Channel, Security Advisory, Microprocessor Attack. . Severity: Important. LinuxSecurity.com Team
May 22, 2018
•Important
Scientific Linux
200
security advisorysecurity fixmicroprocessorSciLinux: SLSA-2018-0029-1 Important Libvirt Update on SL7.x
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies [More...]. Synopsis: Important: libvirt security update Advisory ID: SLSA-2018:0029-1 Issue Date: 2018-01-04 CVE Numbers: CVE-2017-5715 -- Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715) Note: This is the libvirt side of the CVE-2017-5715 mitigation. -- SL7 x86_64 libvirt-3.2.0-14.el7_4.7.x86_64.rpm libvirt-client-3.2.0-14.el7_4.7.i686.rpm libvirt-client-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-interface-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-qemu-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-secret-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-kvm-3.2.0-14.el7_4.7.x86_64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.i686.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.x86_64.rpm libvirt-libs-3.2.0-14.el7_4.7.i686.rpm libvirt-libs-3.2.0-14.el7_4.7.x86_64.rpm libvirt-admin-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-devel-3.2.0-14.el7_4.7.i686.rpm libvirt-devel-3.2.0-14.el7_4.7.x86_64.rpm libvirt-docs-3.2.0-14.el7_4.7.x86_64.rpm libvirt-lock-sanlock-3.2.0-14.el7_4.7.x86_64.rpm libvirt-login-shell-3.2.0-14.el7_4.7.x86_64.rpm libvirt-nss-3.2.0-14.el7_4.7.i686.rpm libvirt-nss-3.2.0-14.el7_4.7.x86_64.rpm - Scientific Linux Development Team . Crucial libvirt security patch tackles speculative execution vulnerabilities and delivers essential corrections for SL7.x platforms.. libvirt security, branch injection, speculative execution, SL7 security, libvirt update. . Severity: Important. LinuxSecurity.com Team
Jan 04, 2018
•Important
Scientific Linux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!