Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
202
security advisorymoderatevulnerabilityopenSUSE Tumbleweed Releases Moderate Advisory for python311-pydicom
An update that solves one vulnerability can now be installed.. # python311-pydicom-3.0.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10412-1 Rating: moderate Cross-References: * CVE-2026-32711 Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the python311-pydicom-3.0.2-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python311-pydicom 3.0.2-1.1 * python313-pydicom 3.0.2-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32711.html . Update for openSUSE fixes moderate issue in python311-pydicom enhancing security. Important for Tumbleweed users.. openSUSE, python library, security updates, moderate risks, patch management. . LinuxSecurity.com Team
Mar 25, 2026 OpenSUSE 172
security advisoryUbuntuimportantUbuntu 20.04 LTS: Linux Azure Kernel Important Security Fix USN-7712-2
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7712-2 September 02, 2025 linux-azure-5.15 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Serial ATA and Parallel ATA drivers; - Bluetooth drivers; - Bus devices; - CPU frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - Arm Firmware Framework for ARMv8-A(FFA); - ARM SCMI message protocol; - GPU drivers; - HID subsystem; - HSI subsystem; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - MCB driver; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - PCI Endpoint Test driver; - MTD block device drivers; - Network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - Device tree and open firmware driver; - PCI subsystem; - x86 platform drivers; - TI SCI PM domains driver; - PWM drivers; - S/390 drivers; - SCSI subsystem; - Samsung SoC drivers; - TCM subsystem; - TTY drivers; - UFS subsystem; - Cadence USB3 driver; - ChipIdea USB driver; - USB Device Class drivers; - DesignWare USB3 driver; - USB Gadgetdrivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - Backlight driver; - Framebuffer layer; - Virtio drivers; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - F2FS file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - Proc file system; - SMB network file system; - LZO compression library; - Kernel stack handling interfaces; - Bluetooth subsystem; - Network traffic control; - SCTP protocol; - Digital Audio (PCM) driver; - Tracing infrastructure; - BPF subsystem; - Padata parallel execution mechanism; - Kernel command line parsing driver; - Memory management; - 802.1Q VLAN protocol; - CAN network layer; - Networking core; - IPv6 networking; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - Multipath TCP; - Netfilter; - Open vSwitch; - Phonet protocol; - TIPC protocol; - TLS protocol; - ALSA framework; - Virtio sound driver; - CPU Power monitoring subsystem; (CVE-2025-37766, CVE-2025-38044, CVE-2025-38003, CVE-2025-37990, CVE-2024-56751, CVE-2022-21546, CVE-2025-23148, CVE-2025-21853, CVE-2025-38043, CVE-2025-37844, CVE-2025-38048, CVE-2025-38034, CVE-2025-38072, CVE-2025-38177, CVE-2025-38005, CVE-2025-38068, CVE-2025-37765, CVE-2025-37808, CVE-2025-37787, CVE-2025-23145, CVE-2025-37756, CVE-2024-50272, CVE-2025-37857, CVE-2025-37819, CVE-2025-37789, CVE-2024-36908, CVE-2025-37812, CVE-2024-53128, CVE-2025-37788, CVE-2025-37892, CVE-2025-38001, CVE-2025-37773, CVE-2024-46816, CVE-2025-37823, CVE-2025-37838, CVE-2025-38066, CVE-2025-37771, CVE-2024-38541, CVE-2025-37927, CVE-2025-23142, CVE-2025-22062, CVE-2025-37811, CVE-2025-37969, CVE-2024-27402, CVE-2025-37911, CVE-2025-37740, CVE-2025-37913, CVE-2025-37810, CVE-2025-38094, CVE-2024-46787, CVE-2025-37749,CVE-2025-37983, CVE-2025-23157, CVE-2025-37790, CVE-2025-37739, CVE-2025-37995, CVE-2024-46774, CVE-2025-37758, CVE-2025-38065, CVE-2025-37909, CVE-2025-38009, CVE-2025-37915, CVE-2025-37932, CVE-2022-48893, CVE-2024-50125, CVE-2025-37841, CVE-2024-50047, CVE-2025-23140, CVE-2025-37780, CVE-2025-23156, CVE-2024-50280, CVE-2025-37840, CVE-2024-50258, CVE-2025-37796, CVE-2024-49960, CVE-2025-37829, CVE-2025-38024, CVE-2024-46751, CVE-2025-37985, CVE-2025-37989, CVE-2025-37994, CVE-2025-37741, CVE-2025-23151, CVE-2025-38058, CVE-2024-35790, CVE-2025-37871, CVE-2025-38031, CVE-2025-37940, CVE-2025-37930, CVE-2025-23150, CVE-2025-37805, CVE-2025-37738, CVE-2025-37850, CVE-2025-37923, CVE-2025-37914, CVE-2025-37912, CVE-2025-37885, CVE-2025-37997, CVE-2025-37839, CVE-2025-37949, CVE-2025-38079, CVE-2025-23146, CVE-2025-21839, CVE-2025-37862, CVE-2025-38052, CVE-2024-35866, CVE-2025-37867, CVE-2025-37991, CVE-2025-37742, CVE-2025-38078, CVE-2024-38540, CVE-2025-37967, CVE-2025-37794, CVE-2024-35867, CVE-2025-37836, CVE-2024-50073, CVE-2025-38083, CVE-2025-37883, CVE-2025-37757, CVE-2025-37798, CVE-2025-37992, CVE-2025-38037, CVE-2025-23161, CVE-2024-35943, CVE-2022-49535, CVE-2025-37768, CVE-2025-23159, CVE-2024-54458, CVE-2022-49063, CVE-2025-37781, CVE-2025-38023, CVE-2025-38004, CVE-2025-37767, CVE-2025-37858, CVE-2024-49989, CVE-2025-38051, CVE-2025-38075, CVE-2025-37881, CVE-2025-23163, CVE-2024-53051, CVE-2024-42322, CVE-2025-37792, CVE-2025-37803, CVE-2024-26686, CVE-2025-37970, CVE-2025-37770, CVE-2025-37875, CVE-2025-37797, CVE-2022-49168, CVE-2025-22027, CVE-2024-53203, CVE-2025-38061, CVE-2025-37890, CVE-2025-23158, CVE-2025-38035, CVE-2025-38000, CVE-2024-26739, CVE-2025-37905, CVE-2024-46742, CVE-2025-37964, CVE-2025-37830, CVE-2025-37817, CVE-2025-23144, CVE-2025-37824, CVE-2025-23147, CVE-2025-38077, CVE-2025-37982, CVE-2025-37998, CVE-2025-37859, CVE-2025-37851) Update instructions: The problem can be corrected by updating your system to the following packageversions: Ubuntu 20.04 LTS linux-image-5.15.0-1094-azure 5.15.0-1094.103~20.04.1 Available with Ubuntu Pro linux-image-azure 5.15.0.1094.103~20.04.1 Available with Ubuntu Pro linux-image-azure-5.15 5.15.0.1094.103~20.04.1 Available with Ubuntu Pro linux-image-azure-cvm 5.15.0.1094.103~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7712-2 https://ubuntu.com/security/notices/USN-7712-1 CVE-2022-21546, CVE-2022-48893, CVE-2022-49063, CVE-2022-49168, CVE-2022-49535, CVE-2024-26686, CVE-2024-26739, CVE-2024-27402, CVE-2024-35790, CVE-2024-35866, CVE-2024-35867, CVE-2024-35943, CVE-2024-36908, CVE-2024-38540, CVE-2024-38541, CVE-2024-42322, CVE-2024-46742, CVE-2024-46751, CVE-2024-46774, CVE-2024-46787, CVE-2024-46816, CVE-2024-49960, CVE-2024-49989, CVE-2024-50047, CVE-2024-50073, CVE-2024-50125, CVE-2024-50258, CVE-2024-50272, CVE-2024-50280, CVE-2024-53051, CVE-2024-53128, CVE-2024-53203, CVE-2024-54458, CVE-2024-56751, CVE-2025-21839, CVE-2025-21853, CVE-2025-22027, CVE-2025-22062, CVE-2025-23140, CVE-2025-23142, CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23150, CVE-2025-23151, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37749, CVE-2025-37756, CVE-2025-37757, CVE-2025-37758, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37770, CVE-2025-37771, CVE-2025-37773, CVE-2025-37780, CVE-2025-37781, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37794, CVE-2025-37796, CVE-2025-37797, CVE-2025-37798, CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37817, CVE-2025-37819, CVE-2025-37823, CVE-2025-37824, CVE-2025-37829, CVE-2025-37830, CVE-2025-37836, CVE-2025-37838, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37844, CVE-2025-37850, CVE-2025-37851, CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37862, CVE-2025-37867, CVE-2025-37871, CVE-2025-37875, CVE-2025-37881, CVE-2025-37883, CVE-2025-37885, CVE-2025-37890, CVE-2025-37892, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37923, CVE-2025-37927, CVE-2025-37930, CVE-2025-37932, CVE-2025-37940, CVE-2025-37949, CVE-2025-37964, CVE-2025-37967, CVE-2025-37969, CVE-2025-37970, CVE-2025-37982, CVE-2025-37983, CVE-2025-37985, CVE-2025-37989, CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37997, CVE-2025-37998, CVE-2025-38000, CVE-2025-38001, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38009, CVE-2025-38023, CVE-2025-38024, CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38043, CVE-2025-38044, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38058, CVE-2025-38061, CVE-2025-38065, CVE-2025-38066, CVE-2025-38068, CVE-2025-38072, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38083, CVE-2025-38094, CVE-2025-38177 . Critical security issues in Linuxkernel for Ubuntu 20.04 may compromise system integrity and require updates.. Linux Kernel, Azure Security, Ubuntu Advisory, Security Threats, Linux Updates. . Severity: Important. LinuxSecurity.com Team
Sep 02, 2025 •Important Ubuntu 
100
security advisorymoderatethreat detectionSUSE Enterprise Server 15 SP4 Moderate: Spectre-Meltdown-Checker Update
* jsc#PED-2362 * jsc#SLE-5514 Cross-References: * CVE-2023-20593 . # Security update for spectre-meltdown-checker Announcement ID: SUSE-SU-2024:0884-1 Rating: moderate References: * jsc#PED-2362 * jsc#SLE-5514 Cross-References: * CVE-2023-20593 CVSS scores: * CVE-2023-20593 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-20593 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and contains two features can now be installed. ## Description: This update for spectre-meltdown-checker fixes the following issues: * updated to 0.46 This release mainly focuses on the detection ofthe new Zenbleed (CVE-2023-20593) vulnerability, among few other changes that were in line waiting for a release: * feat: detect the vulnerability and mitigation of Zenbleed (CVE-2023-20593) * feat: add the linux-firmware repository as another source for CPU microcode versions * feat: arm: add Neoverse-N2, Neoverse-V1 and Neoverse-V2 * fix: docker: adding missing utils (#433) * feat: add support for Guix System kernel * fix: rewrite SQL to be sqlite3 > = 3.41 compatible (#443) * fix: a /devnull file was mistakenly created on the filesystem * fix: fwdb: ignore MCEdb versions where an official Intel version exists (fixes #430) * updated to 0.45 * arm64: phytium: Add CPU Implementer Phytium * arm64: variant 4: detect ssbd mitigation from kernel img, system.map or kconfig * chore: ensure vars are set before being dereferenced (set -u compat) * chore: fix indentation * chore: fwdb: update to v220+i20220208 * chore: only attempt to load msr and cpuid module once * chore: read_cpuid: use named constants * chore: readme: framapic is gone, host the screenshots on GitHub * chore: replace 'Vulnerable to' by 'Affected by' in the hw section * chore: speculative execution -> transient execution * chore: update fwdb to v222+i20220208 * chore: update Intel Family 6 models * chore: wording: model not vulnerable -> model not affected * doc: add an FAQ entry about CVE support * doc: add an FAQ.md and update the README.md accordingly * doc: more FAQ and README * doc: readme: make the FAQ entry more visible * feat: add --allow-msr-write, no longer write by default (#385), detect when writing is denied * feat: add --cpu, apply changes to (read|write)_msr, update fwdb to v221+i20220208 * feat: add subleaf!= 0 support for read_cpuid * feat: arm: add Cortex A77 and Neoverse-N1 (fixes #371) * feat: bsd: for unimplemented CVEs, at least report when CPU is not affected * feat: hw check: add IPRED, RRSBA, BHI features check * feat: implement detection for MCEPSC under BSD * feat: set defaultTMPDIR for Android (#415) * fix: extract_kernel: don't overwrite kernel_err if already set * fix: has_vmm false positive with pcp * fix: is_ucode_blacklisted: fix some model names * fix: mcedb: v191 changed the MCE table format * fix: refuse to run under MacOS and ESXi * fix: retpoline: detection on 5.15.28+ (#420) * fix: variant4: added case where prctl ssbd status is tagged as 'unknown' ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-884=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-884=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-884=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-884=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-884=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-884=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-884=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-884=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-884=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-884=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-884=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-884=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patchSUSE-SLE-Product-SLES-15-SP3-LTSS-2024-884=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-884=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-884=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-884=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-884=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Manager Server 4.3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Enterprise Storage 7.1 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * openSUSE Leap 15.5 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * Basesystem Module 15-SP5 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) *spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20593.html * * . Updated security enhancements for spectre-meltdown-checker on SUSE platforms. Access comprehensive patch guidance here.. Spectre, Meltdown, SUSE, Security Patch, Threat Detection. . LinuxSecurity.com Team
Mar 15, 2024 SuSE 202
security advisorymoderatethreat detectionopenSUSE: 2019:2710-1 Moderate: Spectre-Meltdown-Checker Security Fix
An update that fixes two vulnerabilities is now available.. openSUSE Security Update: Security update for spectre-meltdown-checker ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2710-1 Rating: moderate References: #1117665 #1139073 Cross-References: CVE-2018-12207 CVE-2019-11135 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for spectre-meltdown-checker fixes the following issues: - feat: implement TAA detection (CVE-2019-11135 bsc#1139073) - feat: implement MCEPSC / iTLB Multihit detection (CVE-2018-12207 bsc#1117665) - feat: taa: add TSX_CTRL MSR detection in hardware info - feat: fwdb: use both Intel GitHub repo and MCEdb to build our firmware version database - feat: use --live with --kernel/--config/--map to override file detection in live mode - enh: rework the vuln logic of MDS with --paranoid (fixes #307) - enh: explain that Enhanced IBRS is better for performance than classic IBRS - enh: kernel: autodetect customized arch kernels from cmdline - enh: kernel decompression: better tolerance against missing tools - enh: mock: implement reading from /proc/cmdline - fix: variant3a: Silvermont CPUs are not vulnerable to variant 3a - fix: lockdown: detect Red Hat locked down kernels (impacts MSR writes) - fix: lockdown: detect locked down mode in vanilla 5.4+ kernels - fix: sgx: on locked down kernels, fallback to CPUID bit for detection - fix: fwdb: builtin version takes precedence if the local cached version is older - fix: pteinv: don't check kernel image if not available - fix: silence useless error from grep (fixes #322) - fix: msr: fix msr module detection under Ubuntu 19.10 (fixes #316) - fix:mocking value for read_msr - chore: rename mcedb cmdline parameters to fwdb, and change db version scheme - chore: fwdb: update to v130.20191104+i20191027 - chore: add GitHub check workflow This update was imported from the SUSE:SLE-15-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-2710=1 Package List: - openSUSE Leap 15.1 (x86_64): spectre-meltdown-checker-0.43-lp151.3.3.1 References: https://www.suse.com/security/cve/CVE-2018-12207.html https://www.suse.com/security/cve/CVE-2019-11135.html https://bugzilla.suse.com/1117665 https://bugzilla.suse.com/1139073 -- . A significant Fedora security enhancement addresses multiple flaws in the kernel that improves overall system protection.. openSUSE Security Update,spectre-meltdown-checker,system security,issue resolution. . Severity: Important. LinuxSecurity.com Team
Dec 31, 2019 •Important OpenSUSE 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!