Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 6 articles for you...
89
security advisoryfedoracriticalFedora 41 Kernel CVE-2025-40300 Critical VMSCAPE Threat Mitigation
The 6.16.7 stable kernel updates contain mitigation for the VMSCAPE vulnerability on x86 CPUs. This has been assigned CVE-2025-40300. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-4f0872847c 2025-09-14 01:34:47.455914+00:00 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 41 Version : 6.16.7 Release : 100.fc41 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 6.16.7 stable kernel updates contain mitigation for the VMSCAPE vulnerability on x86 CPUs. This has been assigned CVE-2025-40300 -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 11 2025 Justin M. Forbes [6.16.7-0] - Turn on vmscape mitigation for x86 (Justin M. Forbes) - Linux v6.16.7 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4f0872847c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Sep 14, 2025
•Critical
Fedora
89
security advisoryfedoracriticalFedora 42: kernel 6.16.7 Critical VMSCAPE Mitigation FEDORA-2025-4c1d09a51b
The 6.16.7 stable kernel updates contain mitigation for the VMSCAPE vulnerability on x86 CPUs. This has been assigned CVE-2025-40300 The 6.16.6 stable kernel update contains a number of important fixes across the tree.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-4c1d09a51b 2025-09-12 02:06:02.138659+00:00 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 42 Version : 6.16.7 Release : 200.fc42 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 6.16.7 stable kernel updates contain mitigation for the VMSCAPE vulnerability on x86 CPUs. This has been assigned CVE-2025-40300 The 6.16.6 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 11 2025 Justin M. Forbes [6.16.7-0] - Turn on vmscape mitigation for x86 (Justin M. Forbes) - Linux v6.16.7 * Tue Sep 9 2025 Augusto Caringi [6.16.6-0] - Add another bug fix staged for 6.16 (Justin M. Forbes) - Turn on PHY_ROCKCHIP_SAMSUNG_DCPHY for Fedora (Justin M. Forbes) - Linux v6.16.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2392922 - Gkrellm no longer detects nor displays network monitor information https://bugzilla.redhat.com/show_bug.cgi?id=2392922 [ 2 ] Bug #2393407 - Fedora kernel does not include PHY_ROCKCHIP_SAMSUNG_DCPHY driver https://bugzilla.redhat.com/show_bug.cgi?id=2393407 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4c1d09a51b' at the command line. Formore information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Sep 12, 2025
•Critical
Fedora
172
security advisorysecurity issuecriticalUbuntu 22.04 LTS USN-7308-1 Critical: Linux kernel flaws resolved
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7308-1 February 27, 2025 linux-aws vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws: Linux kernel for Amazon Web Services (AWS) systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - IOMMU subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - Network drivers; - STMicroelectronics network drivers; - Parport drivers; - Pin controllers subsystem; - Direct Digital Synthesis drivers; - TCM subsystem; - TTY drivers; - USB Dual Role (OTG-ready) Controller drivers; - USB Serial drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - BTRFS file system; - File systems infrastructure; - Network file system (NFS) client; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - User-space API (UAPI); - io_uring subsystem; - BPF subsystem; - Timer substystem drivers; - Tracing infrastructure; - Closures library; - Memory management; - Amateur Radio drivers; - Bluetooth subsystem; - Networking core; - IPv4 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - Network traffic control; - SCTP protocol; - VMware vSockets driver; - XFRM subsystem; - Key management; - FireWire sound drivers; - HD-audio driver; - QCOMASoC drivers; - STMicroelectronics SoC drivers; - KVM core; (CVE-2024-50141, CVE-2024-53101, CVE-2024-50301, CVE-2024-50082, CVE-2024-39497, CVE-2024-50245, CVE-2024-50302, CVE-2024-35887, CVE-2024-50205, CVE-2024-50153, CVE-2024-50154, CVE-2024-50279, CVE-2024-50074, CVE-2024-50168, CVE-2024-50128, CVE-2024-53141, CVE-2024-50290, CVE-2024-50292, CVE-2024-50218, CVE-2024-50193, CVE-2024-50209, CVE-2024-53088, CVE-2024-50058, CVE-2024-50116, CVE-2024-50199, CVE-2024-50083, CVE-2024-50265, CVE-2024-53058, CVE-2024-50244, CVE-2024-50195, CVE-2024-41066, CVE-2024-50151, CVE-2024-50229, CVE-2024-42291, CVE-2024-40965, CVE-2024-50160, CVE-2024-53097, CVE-2024-50134, CVE-2024-53164, CVE-2024-50295, CVE-2024-50267, CVE-2024-50251, CVE-2024-50198, CVE-2024-53042, CVE-2024-40953, CVE-2024-50167, CVE-2024-50010, CVE-2024-42252, CVE-2024-53055, CVE-2024-50259, CVE-2024-50110, CVE-2024-50208, CVE-2024-50249, CVE-2024-50148, CVE-2024-50269, CVE-2024-50182, CVE-2024-50115, CVE-2024-50287, CVE-2024-50142, CVE-2024-53103, CVE-2024-50099, CVE-2024-50234, CVE-2024-50282, CVE-2024-50185, CVE-2024-50247, CVE-2024-50257, CVE-2024-50036, CVE-2024-50268, CVE-2024-50127, CVE-2024-50230, CVE-2024-50278, CVE-2024-50273, CVE-2024-26718, CVE-2024-50086, CVE-2024-50262, CVE-2024-50236, CVE-2024-50117, CVE-2024-50237, CVE-2024-53104, CVE-2024-50194, CVE-2024-50192, CVE-2024-53061, CVE-2024-53052, CVE-2024-50202, CVE-2024-41080, CVE-2024-50143, CVE-2023-52913, CVE-2024-50296, CVE-2024-50085, CVE-2024-50196, CVE-2024-50072, CVE-2024-50171, CVE-2024-50103, CVE-2024-50101, CVE-2024-50156, CVE-2024-50201, CVE-2024-50233, CVE-2024-53059, CVE-2024-53066, CVE-2024-53063, CVE-2024-50150, CVE-2024-50131, CVE-2024-50163, CVE-2024-50162, CVE-2024-50299, CVE-2024-50232) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1078-aws 5.15.0-1078.85 linux-image-aws-lts-22.04 5.15.0.1078.80 After a standard system update you need to reboot yourcomputer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7308-1 CVE-2023-52913, CVE-2024-26718, CVE-2024-35887, CVE-2024-39497, CVE-2024-40953, CVE-2024-40965, CVE-2024-41066, CVE-2024-41080, CVE-2024-42252, CVE-2024-42291, CVE-2024-50010, CVE-2024-50036, CVE-2024-50058, CVE-2024-50072, CVE-2024-50074, CVE-2024-50082, CVE-2024-50083, CVE-2024-50085, CVE-2024-50086, CVE-2024-50099, CVE-2024-50101, CVE-2024-50103, CVE-2024-50110, CVE-2024-50115, CVE-2024-50116, CVE-2024-50117, CVE-2024-50127, CVE-2024-50128, CVE-2024-50131, CVE-2024-50134, CVE-2024-50141, CVE-2024-50142, CVE-2024-50143, CVE-2024-50148, CVE-2024-50150, CVE-2024-50151, CVE-2024-50153, CVE-2024-50154, CVE-2024-50156, CVE-2024-50160, CVE-2024-50162, CVE-2024-50163, CVE-2024-50167, CVE-2024-50168, CVE-2024-50171, CVE-2024-50182, CVE-2024-50185, CVE-2024-50192, CVE-2024-50193, CVE-2024-50194, CVE-2024-50195, CVE-2024-50196, CVE-2024-50198, CVE-2024-50199, CVE-2024-50201, CVE-2024-50202, CVE-2024-50205, CVE-2024-50208, CVE-2024-50209, CVE-2024-50218, CVE-2024-50229, CVE-2024-50230, CVE-2024-50232, CVE-2024-50233, CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50244, CVE-2024-50245, CVE-2024-50247, CVE-2024-50249, CVE-2024-50251, CVE-2024-50257, CVE-2024-50259, CVE-2024-50262, CVE-2024-50265, CVE-2024-50267, CVE-2024-50268, CVE-2024-50269, CVE-2024-50273, CVE-2024-50278, CVE-2024-50279, CVE-2024-50282, CVE-2024-50287, CVE-2024-50290, CVE-2024-50292, CVE-2024-50295, CVE-2024-50296, CVE-2024-50299, CVE-2024-50301, CVE-2024-50302, CVE-2024-53042, CVE-2024-53052, CVE-2024-53055, CVE-2024-53058, CVE-2024-53059, CVE-2024-53061, CVE-2024-53063, CVE-2024-53066, CVE-2024-53088, CVE-2024-53097, CVE-2024-53101, CVE-2024-53103, CVE-2024-53104, CVE-2024-53141, CVE-2024-53164 Package Information: https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1078.85 . Debian 11.5 updates tackle various system vulnerabilities and improve overall stability. A restart is required following this update.. Linux Kernel Update, Ubuntu Security Advisory, AWS Kernel Improvements. . Severity: Critical. LinuxSecurity.com Team
Feb 27, 2025
•Critical
Ubuntu
89
security advisoryupdatecriticalFedora 39: FEDORA-2024-020dbf247c critical: xen deadlock fix
x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] update to xen-4.17.5. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-020dbf247c 2024-10-10 00:50:40.803278 -------------------------------------------------------------------------------- Name : xen Product : Fedora 39 Version : 4.17.5 Release : 2.fc39 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] update to xen-4.17.5 -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 24 2024 Michael Young - 4.17.5-2 - x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] * Sat Sep 14 2024 Michael Young - 4.17.5-1 - update to xen-4.17.5 remove or adjust patches now included or superceded upstream now need to enable systemd explicitly -------------------------------------------------------------------------------- References: [ 1 ] Bug #2314782 - CVE-2024-45817 xen: Deadlock in vlapic_error() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314782 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-020dbf247c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Oct 10, 2024
•Critical
Fedora
89
security advisorycriticalFedoraFedora 37: FEDORA-2023-881672fdab Critical: Xenstored and Libfsimage Issues
xenstored: A transaction conflict can crash C Xenstored [XSA-440, CVE-2023-34323] x86/AMD: missing IOMMU TLB flushing [XSA-442, CVE-2023-34326] Multiple vulnerabilities in libfsimage disk handling [XSA-443, CVE-2023-34325] x86/AMD: Debug Mask handling [XSA-444, CVE-2023-34327, CVE-2023-34328]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-881672fdab 2023-10-27 01:10:52.863737 -------------------------------------------------------------------------------- Name : xen Product : Fedora 37 Version : 4.16.5 Release : 3.fc37 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: xenstored: A transaction conflict can crash C Xenstored [XSA-440, CVE-2023-34323] x86/AMD: missing IOMMU TLB flushing [XSA-442, CVE-2023-34326] Multiple vulnerabilities in libfsimage disk handling [XSA-443, CVE-2023-34325] x86/AMD: Debug Mask handling [XSA-444, CVE-2023-34327, CVE-2023-34328] -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 11 2023 Michael Young - 4.16.5-3 - xenstored: A transaction conflict can crash C Xenstored [XSA-440, CVE-2023-34323] - x86/AMD: missing IOMMU TLB flushing [XSA-442, CVE-2023-34326] - Multiple vulnerabilities in libfsimage disk handling [XSA-443, CVE-2023-34325] - x86/AMD: Debug Mask handling [XSA-444, CVE-2023-34327, CVE-2023-34328] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-881672fdab' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Oct 27, 2023
•Critical
Fedora
89
security advisorycriticalFedoraFedora 36: FEDORA-2022-4f7cd241e2 Critical: Insufficient TLB Flush in Xen
insufficient TLB flush for x86 PV guests in shadow mode [XSA-408, CVE-2022-33745]. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-4f7cd241e2 2022-07-31 01:30:22.784964 --------------------------------------------------------------------------------Name : xen Product : Fedora 36 Version : 4.16.1 Release : 8.fc36 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor --------------------------------------------------------------------------------Update Information: insufficient TLB flush for x86 PV guests in shadow mode [XSA-408, CVE-2022-33745] --------------------------------------------------------------------------------ChangeLog: * Tue Jul 26 2022 Michael Young - 4.16.1-8 - insufficient TLB flush for x86 PV guests in shadow mode [XSA-408, CVE-2022-33745] * Sat Jul 23 2022 Fedora Release Engineering - 4.16.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-4f7cd241e2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jul 30, 2022
•Critical
Fedora
217
security advisorysecurity issuekernel updateOracle Linux 8 ELSA-2022-9199 Important: Kernel Update Critical Threat
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2022-9199 https://linux.oracle.com/errata/ELSA-2022-9199.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-5.4.17-2136.304.4.4.el8uek.aarch64.rpm kernel-uek-debug-5.4.17-2136.304.4.4.el8uek.aarch64.rpm kernel-uek-debug-devel-5.4.17-2136.304.4.4.el8uek.aarch64.rpm kernel-uek-devel-5.4.17-2136.304.4.4.el8uek.aarch64.rpm kernel-uek-doc-5.4.17-2136.304.4.4.el8uek.noarch.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.304.4.4.el8uek.src.rpm Related CVEs: CVE-2021-26341 Description of changes: [5.4.17-2136.304.4.4.el8uek] - arm64: Use the clearbhb instruction in mitigations (James Morse) [Orabug: 33921646] - arm64: add ID_AA64ISAR2_EL1 sys register (Joey Gouly) [Orabug: 33921646] - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated (James Morse) [Orabug: 33921646] - arm64: Mitigate spectre style branch history side channels (James Morse) [Orabug: 33921646] - KVM: arm64: Add templates for BHB mitigation sequences (James Morse) [Orabug: 33921646] - arm64: Add Cortex-X2 CPU part definition (Anshuman Khandual) [Orabug: 33921646] - arm64: Add Neoverse-N2, Cortex-A710 CPU part definition (Suzuki K Poulose) [Orabug: 33921646] - arm64: Add part number for Arm Cortex-A77 (Rob Herring) [Orabug: 33921646] - arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 (James Morse) [Orabug: 33921646] - arm64: Add percpu vectors for EL1 (James Morse) [Orabug: 33921646] - arm64: entry: Add macro for reading symbol addresses from the trampoline (James Morse) [Orabug: 33921646] - arm64: entry: Add vectors that have the bhb mitigation sequences (James Morse) [Orabug: 33921646] - arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations (James Morse) [Orabug: 33921646] - arm64: entry: Allow the trampoline text to occupymultiple pages (James Morse) [Orabug: 33921646] - arm64: entry: Make the kpti trampoline's kpti sequence optional (James Morse) [Orabug: 33921646] - arm64: entry: Move trampoline macros out of ifdef'd section (James Morse) [Orabug: 33921646] - arm64: entry: Don't assume tramp_vectors is the start of the vectors (James Morse) [Orabug: 33921646] - arm64: entry: Allow tramp_alias to access symbols after the 4K boundary (James Morse) [Orabug: 33921646] - arm64: entry: Move the trampoline data page before the text page (James Morse) [Orabug: 33921646] - arm64: entry: Free up another register on kpti's tramp_exit path (James Morse) [Orabug: 33921646] - arm64: entry: Make the trampoline cleanup optional (James Morse) [Orabug: 33921646] - arm64: entry.S: Add ventry overflow sanity checks (James Morse) [Orabug: 33921646] - Revert "BACKPORT: VARIANT 2: arm64: Add initial retpoline support" (Russell King) [Orabug: 33921646] - Revert "BACKPORT: VARIANT 2: arm64: asm: Use *_nospec variants for blr and br." (Russell King) [Orabug: 33921646] - Revert "BACKPORT: VARIANT 2: arm64: Add MIDR_APM_POTENZA." (Russell King) [Orabug: 33921646] - Revert "BACKPORT: VARIANT 2: arm64: insn: Add offset getter/setter for adr." (Russell King) [Orabug: 33921646] - Revert "BACKPORT: VARIANT 2: arm64: alternatives: Add support for adr/adrp with offset in alt block." (Russell King) [Orabug: 33921646] - Revert "BACKPORT: VARIANT 2: arm64: Use alternative framework for retpoline." (Russell King) [Orabug: 33921646] - Revert "Arm64: add retpoline to cpu_show_spectre_v2" (Russell King) [Orabug: 33921646] - Revert "arm64: retpoline: Don't use retpoline in KVM's HYP part." (Russell King) [Orabug: 33921646] - Revert "uek-rpm: aarch64 config enable RETPOLINE" (Russell King) [Orabug: 33921646] - Revert "uek-rpm: aarch64 config enable RETPOLINE OL8" (Russell King) [Orabug: 33921646] - x86/speculation: Add knob for eibrs_retpoline_enabled (Patrick Colp) [Orabug: 33922121] {CVE-2021-26341} - x86/speculation: Extend our code to properlysupport eibrs+lfence and eibrs+retpoline (Patrick Colp) [Orabug: 33922121] {CVE-2021-26341} - x86/speculation: Update link to AMD speculation whitepaper (Kim Phillips) [Orabug: 33922121] {CVE-2021-26341} - x86/speculation: Use generic retpoline by default on AMD (Kim Phillips) [Orabug: 33922121] {CVE-2021-26341} - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Josh Poimboeuf) [Orabug: 33922121] {CVE-2021-26341} - Documentation/hw-vuln: Update spectre doc (Peter Zijlstra) [Orabug: 33922121] {CVE-2021-26341} - x86/speculation: Add eIBRS + Retpoline options (Peter Zijlstra) [Orabug: 33922121] {CVE-2021-26341} - x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE (Peter Zijlstra (Intel)) [Orabug: 33922121] {CVE-2021-26341} - x86/speculation: Merge one test in spectre_v2_user_select_mitigation() (Borislav Petkov) [Orabug: 33922121] {CVE-2021-26341} - x86/speculation: Update ALTERNATIVEs to (more closely) match upstream (Patrick Colp) [Orabug: 33922121] {CVE-2021-26341} - x86/speculation: Fix bug in retpoline mode on AMD with `spectre_v2=none` (Patrick Colp) [Orabug: 33922121] {CVE-2021-26341} - bpf: Add kconfig knob for disabling unpriv bpf by default (Daniel Borkmann) [Orabug: 33926314] _______________________________________________ El-errata mailing list
Mar 09, 2022
•Important
Oracle
89
security advisoryupdatecriticalFedora 33: FEDORA-2021-7785f6c616 Critical: IRQ Vector Leak on x86
IRQ vector leak on x86 [XSA-360]. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-7785f6c616 2021-01-25 01:23:49.983093 --------------------------------------------------------------------------------Name : xen Product : Fedora 33 Version : 4.14.1 Release : 2.fc33 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor --------------------------------------------------------------------------------Update Information: IRQ vector leak on x86 [XSA-360] --------------------------------------------------------------------------------ChangeLog: * Thu Jan 21 2021 Michael Young - 4.14.1-2 - IRQ vector leak on x86 [XSA-360] --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-7785f6c616' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 24, 2021
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!