ID

VAR-201801-0826

CVE

CVE-2017-5715

TITLE

CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks

DESCRIPTION

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Has speculative execution function and out-of-order execution function CPU Several researchers have reported methods of performing side-channel attacks against Has speculative execution function and out-of-order execution function CPU side-channel attack method against (Spectre and Meltdown) has been reported. For more information, Google Project Zero blog post in ("Reading privileged memory with a side-channel") or Graz University of Technology (TU Graz) information from researchers in ("Meltdown and Spectre") Please refer to. "Reading privileged memory with a side-channel"https://googleprojectzero.blogspot.jp/2018/01/reading-privileged-memory-with-side.html"Meltdown and Spectre"https://meltdownattack.com/Sensitive information can be obtained from processes running with user privileges. Spectre As for the attack, crafted Javascript by the code Javascript cannot be obtained from web It has been reported that data can be obtained during the browser process. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Meltdown vulnerability exists in the CPU processor core, which \"melts\" the security boundary implemented by hardware, allowing low-privileged user-level applications to \"cross-border\" access to system-level memory, causing data leakage. The following products and versions are affected: ARM Cortex-R7; Cortex-R8; Cortex-A8; Cortex-A9; Cortex-A12; Intel Xeon CPU E5-1650 v3, v2, v4 versions; Xeon E3-1265l v2, v3, v4 Version; Xeon E3-1245 v2, v3, v5, v6 versions; Xeon X7542, etc. By now, we're sure most everyone have heard of the Meltdown and Spectre attacks. If not, head over to https://meltdownattack.com/ and get an overview. https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html The FreeBSD Security Team was notified of the issue in late December and received a briefing under NDA with the original embargo date of January 9th. Since we received relatively late notice of the issue, our ability to provide fixes is delayed. Meltdown (CVE-2017-5754) ~~~~~~~~~~~~~~~~~~~~~~~~ In terms of priority, the first step is to mitigate against the Meltdown attack (CVE-2017-5754, cited as variant 3 by Project Zero). Work for this is ongoing, but due to the relatively large changes needed, this is going to take a little while. We are currently targeting patches for amd64 being dev complete this week with testing probably running into next week. From there, we hope to give it a short bake time before pushing it into the 11.1-RELEASE branch. Additional work will be required to bring the mitigation to 10.3-RELEASE and 10.4-RELEASE. The code will be selectable via a tunable which will automatically turn on for modern Intel processors and off for AMD processors (since they are reportedly not vulnerable). Since the fix for Meltdown does incur a performance hit for any transition between user space and kernel space, this could be rather impactful depending on the workload. As such, the tunable can also be overridden by the end-user if they are willing to accept the risk. Initial work can be tracked at https://reviews.freebsd.org/D13797. Please note this is a work in progress and some stuff is likely to be broken. Spectre (CVE-2017-5753 and CVE-2017-5715) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ When it comes to the Spectre vulnerabilities, it is much harder to sort these out. Variant 1 (CVE-2017-5753) is going to require some static analysis to determine vulnerable use cases that will require barriers to stop speculation from disclosing information it shouldn't. While we haven't done the analysis to determine where we are vulnerable, the number of cases here are supposed to be pretty small. Apparently there have been some Coverity rules developed to help look for these, but we are still evaluating what can be done here. The other half of Spectre, variant 2 (CVE-2017-5715) is a bit trickier as it affects both normal processes and bhyve. There is a proposed patch for LLVM (https://reviews.llvm.org/D41723) that introduces a concept called 'retpoline' which mitigates this issue. We are likely to pull this into HEAD and 11-STABLE once it hits the LLVM tree. Unfortunately, the currently supported FreeBSD releases are using older versions of LLVM for which we are not sure the LLVM project will produce patches. We will be looking at the feasibility to backport these patches to these earlier versions. There are CPU microcode fixes coming out when in concert with OS changes would also help, but that's a bit down the road at the moment. If anything significantly changes I will make additional posts to clarify as the information becomes available. Best regards, Gordon Tetlow with security-officer hat on . ========================================================================== Ubuntu Security Notice USN-3582-1 February 22, 2018 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2017-17712) Laurent Guerby discovered that the mbcache feature in the ext2 and ext4 filesystems in the Linux kernel improperly handled xattr block caching. A local attacker could use this to cause a denial of service. (CVE-2015-8952) Vitaly Mayatskikh discovered that the SCSI subsystem in the Linux kernel did not properly track reference counts when merging buffers. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2017-12190) ChunYu Wang discovered that a use-after-free vulnerability existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code, (CVE-2017-15115) Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-8824) USN-3540-1 mitigated CVE-2017-5715 (Spectre Variant 2) for the amd64 architecture in Ubuntu 16.04 LTS. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: linux-image-4.4.0-1019-kvm 4.4.0-1019.24 linux-image-4.4.0-1052-aws 4.4.0-1052.61 linux-image-4.4.0-1085-raspi2 4.4.0-1085.93 linux-image-4.4.0-1087-snapdragon 4.4.0-1087.92 linux-image-4.4.0-116-generic 4.4.0-116.140 linux-image-4.4.0-116-generic-lpae 4.4.0-116.140 linux-image-4.4.0-116-lowlatency 4.4.0-116.140 linux-image-4.4.0-116-powerpc-e500mc 4.4.0-116.140 linux-image-4.4.0-116-powerpc-smp 4.4.0-116.140 linux-image-4.4.0-116-powerpc64-emb 4.4.0-116.140 linux-image-4.4.0-116-powerpc64-smp 4.4.0-116.140 linux-image-aws 4.4.0.1052.54 linux-image-generic 4.4.0.116.122 linux-image-generic-lpae 4.4.0.116.122 linux-image-kvm 4.4.0.1019.18 linux-image-lowlatency 4.4.0.116.122 linux-image-powerpc-e500mc 4.4.0.116.122 linux-image-powerpc-smp 4.4.0.116.122 linux-image-powerpc64-emb 4.4.0.116.122 linux-image-powerpc64-smp 4.4.0.116.122 linux-image-raspi2 4.4.0.1085.85 linux-image-snapdragon 4.4.0.1087.79 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. Relevant releases/architectures: Management Agent for RHEL 7 Hosts - ppc64le, x86_64 3. 6) - i386, x86_64 3. Description: Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Once all virtual machines have shut down, start them again for this update to take effect. Ubuntu is working with Intel and AMD to provide future microcode updates that implement IBRS and IBPB as they are made available. Ubuntu users with a processor from a different vendor should contact the vendor to identify necessary firmware updates. Ubuntu will provide corresponding QEMU updates in the future for users of self-hosted virtual environments in coordination with upstream QEMU. Ubuntu users in cloud environments should contact the cloud provider to confirm that the hypervisor has been updated to expose the new CPU features to virtual machines. CVE-2017-5715 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system. CVE-2017-5754 Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system. This specific attack has been named Meltdown and is addressed in the Linux kernel on the powerpc/ppc64el architectures by flushing the L1 data cache on exit from kernel mode to user mode (or from hypervisor to kernel). This works on Power7, Power8 and Power9 processors. CVE-2017-13166 A bug in the 32-bit compatibility layer of the v4l2 IOCTL handling code has been found. Memory protections ensuring user-provided buffers always point to userland memory were disabled, allowing . This bug could be exploited by an attacker to overwrite kernel memory from an unprivileged userland process, leading to privilege escalation. The acpi_smbus_hc_add() prints a kernel address in the kernel log at every boot, which could be used by an attacker on the system to defeat kernel ASLR. Additionnaly to those vulnerability, some mitigations for CVE-2017-5753 are included in this release. CVE-2017-5753 Multiple researchers have discovered a vulnerability in various processors supporting speculative execution, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system. This specific attack has been named Spectre variant 1 (bounds-check bypass) and is mitigated in the Linux kernel architecture by identifying vulnerable code sections (array bounds checking followed by array access) and replacing the array access with the speculation-safe array_index_nospec() function. More use sites will be added over time. For the stable distribution (stretch), these problems have been fixed in version 4.9.82-1+deb9u2. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlqO5kYACgkQ3rYcyPpX RFtjkgf9HK7sq/xNOFjZsc3iaVNdzDhDEth8ql/Q9WsbDP9JmlrwmlTsD/QAgXgx m9zIIJzyI9Dry60bVvYZHFrtYhQXX5zp9DYa89oinHv+1UxzaYHTHsNoh326k86n QUcDLYe2+JJgi/2KjLqfFfa5zgMqUNj3C6iBDezs0tCfE/QZAmAX7aA7A3mTJYLB 3v2tSoEeW0fb9M5Ic2QHJD1TW6NU+j6zaUeJRyhj7lthmyOcNxwTIrt2CswDnLUI tCMtzdce6OWAW5xXQxHwzzf5+vRvmm/f+wM2V3WTcA1Q0tfA5cZGFe2SMOhyGKtf KG1ziLYIY0OdCtdxj0K/wEzpe6cikg== =B81o -----END PGP SIGNATURE----- . X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Thu, 04 Jan 2018 21:59:52 +0000 (UTC) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: libvirt security update Advisory ID: RHSA-2018:0029-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0029 Issue date: 2018-01-04 ===================================================================== 1. Summary: An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715) Note: This is the libvirt side of the CVE-2017-5715 mitigation. Red Hat would like to thank Google Project Zero for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, libvirtd will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libvirt-3.2.0-14.el7_4.7.src.rpm x86_64: libvirt-3.2.0-14.el7_4.7.x86_64.rpm libvirt-client-3.2.0-14.el7_4.7.i686.rpm libvirt-client-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-interface-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-qemu-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-secret-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-kvm-3.2.0-14.el7_4.7.x86_64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.i686.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.x86_64.rpm libvirt-libs-3.2.0-14.el7_4.7.i686.rpm libvirt-libs-3.2.0-14.el7_4.7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libvirt-admin-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.i686.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.x86_64.rpm libvirt-devel-3.2.0-14.el7_4.7.i686.rpm libvirt-devel-3.2.0-14.el7_4.7.x86_64.rpm libvirt-docs-3.2.0-14.el7_4.7.x86_64.rpm libvirt-lock-sanlock-3.2.0-14.el7_4.7.x86_64.rpm libvirt-login-shell-3.2.0-14.el7_4.7.x86_64.rpm libvirt-nss-3.2.0-14.el7_4.7.i686.rpm libvirt-nss-3.2.0-14.el7_4.7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libvirt-3.2.0-14.el7_4.7.src.rpm x86_64: libvirt-client-3.2.0-14.el7_4.7.i686.rpm libvirt-client-3.2.0-14.el7_4.7.x86_64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.i686.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.x86_64.rpm libvirt-libs-3.2.0-14.el7_4.7.i686.rpm libvirt-libs-3.2.0-14.el7_4.7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libvirt-3.2.0-14.el7_4.7.x86_64.rpm libvirt-admin-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-interface-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-qemu-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-secret-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-kvm-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.i686.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.x86_64.rpm libvirt-devel-3.2.0-14.el7_4.7.i686.rpm libvirt-devel-3.2.0-14.el7_4.7.x86_64.rpm libvirt-docs-3.2.0-14.el7_4.7.x86_64.rpm libvirt-lock-sanlock-3.2.0-14.el7_4.7.x86_64.rpm libvirt-login-shell-3.2.0-14.el7_4.7.x86_64.rpm libvirt-nss-3.2.0-14.el7_4.7.i686.rpm libvirt-nss-3.2.0-14.el7_4.7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libvirt-3.2.0-14.el7_4.7.src.rpm ppc64: libvirt-3.2.0-14.el7_4.7.ppc64.rpm libvirt-client-3.2.0-14.el7_4.7.ppc.rpm libvirt-client-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-config-network-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-interface-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-lxc-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-network-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-qemu-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-secret-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-storage-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.7.ppc64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.ppc.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.ppc64.rpm libvirt-devel-3.2.0-14.el7_4.7.ppc.rpm libvirt-devel-3.2.0-14.el7_4.7.ppc64.rpm libvirt-docs-3.2.0-14.el7_4.7.ppc64.rpm libvirt-libs-3.2.0-14.el7_4.7.ppc.rpm libvirt-libs-3.2.0-14.el7_4.7.ppc64.rpm ppc64le: libvirt-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-client-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-config-network-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-interface-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-lxc-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-network-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-qemu-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-secret-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-storage-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-kvm-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-devel-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-docs-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-libs-3.2.0-14.el7_4.7.ppc64le.rpm s390x: libvirt-3.2.0-14.el7_4.7.s390x.rpm libvirt-client-3.2.0-14.el7_4.7.s390.rpm libvirt-client-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-config-network-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-interface-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-lxc-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-network-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-secret-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-storage-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.7.s390x.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.s390.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.s390x.rpm libvirt-devel-3.2.0-14.el7_4.7.s390.rpm libvirt-devel-3.2.0-14.el7_4.7.s390x.rpm libvirt-docs-3.2.0-14.el7_4.7.s390x.rpm libvirt-libs-3.2.0-14.el7_4.7.s390.rpm libvirt-libs-3.2.0-14.el7_4.7.s390x.rpm x86_64: libvirt-3.2.0-14.el7_4.7.x86_64.rpm libvirt-client-3.2.0-14.el7_4.7.i686.rpm libvirt-client-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-interface-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-qemu-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-secret-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-kvm-3.2.0-14.el7_4.7.x86_64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.i686.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.x86_64.rpm libvirt-devel-3.2.0-14.el7_4.7.i686.rpm libvirt-devel-3.2.0-14.el7_4.7.x86_64.rpm libvirt-docs-3.2.0-14.el7_4.7.x86_64.rpm libvirt-libs-3.2.0-14.el7_4.7.i686.rpm libvirt-libs-3.2.0-14.el7_4.7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libvirt-admin-3.2.0-14.el7_4.7.ppc64.rpm libvirt-daemon-lxc-3.2.0-14.el7_4.7.ppc64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.ppc.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.ppc64.rpm libvirt-lock-sanlock-3.2.0-14.el7_4.7.ppc64.rpm libvirt-login-shell-3.2.0-14.el7_4.7.ppc64.rpm libvirt-nss-3.2.0-14.el7_4.7.ppc.rpm libvirt-nss-3.2.0-14.el7_4.7.ppc64.rpm ppc64le: libvirt-admin-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-daemon-lxc-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-lock-sanlock-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-login-shell-3.2.0-14.el7_4.7.ppc64le.rpm libvirt-nss-3.2.0-14.el7_4.7.ppc64le.rpm s390x: libvirt-admin-3.2.0-14.el7_4.7.s390x.rpm libvirt-daemon-lxc-3.2.0-14.el7_4.7.s390x.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.s390.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.s390x.rpm libvirt-login-shell-3.2.0-14.el7_4.7.s390x.rpm libvirt-nss-3.2.0-14.el7_4.7.s390.rpm libvirt-nss-3.2.0-14.el7_4.7.s390x.rpm x86_64: libvirt-admin-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.i686.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.x86_64.rpm libvirt-lock-sanlock-3.2.0-14.el7_4.7.x86_64.rpm libvirt-login-shell-3.2.0-14.el7_4.7.x86_64.rpm libvirt-nss-3.2.0-14.el7_4.7.i686.rpm libvirt-nss-3.2.0-14.el7_4.7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libvirt-3.2.0-14.el7_4.7.src.rpm x86_64: libvirt-3.2.0-14.el7_4.7.x86_64.rpm libvirt-client-3.2.0-14.el7_4.7.i686.rpm libvirt-client-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-config-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-interface-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-network-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nodedev-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-nwfilter-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-qemu-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-secret-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-core-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-disk-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-logical-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-kvm-3.2.0-14.el7_4.7.x86_64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.i686.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.x86_64.rpm libvirt-devel-3.2.0-14.el7_4.7.i686.rpm libvirt-devel-3.2.0-14.el7_4.7.x86_64.rpm libvirt-docs-3.2.0-14.el7_4.7.x86_64.rpm libvirt-libs-3.2.0-14.el7_4.7.i686.rpm libvirt-libs-3.2.0-14.el7_4.7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libvirt-admin-3.2.0-14.el7_4.7.x86_64.rpm libvirt-daemon-lxc-3.2.0-14.el7_4.7.x86_64.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.i686.rpm libvirt-debuginfo-3.2.0-14.el7_4.7.x86_64.rpm libvirt-lock-sanlock-3.2.0-14.el7_4.7.x86_64.rpm libvirt-login-shell-3.2.0-14.el7_4.7.x86_64.rpm libvirt-nss-3.2.0-14.el7_4.7.i686.rpm libvirt-nss-3.2.0-14.el7_4.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/speculativeexecution https://access.redhat.com/security/cve/CVE-2017-5715 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFaTqHGXlSAg2UNWIIRAqU0AJ4kW5jfB1/d31je9rJnSEYgTU0AkACePaGb JMcjV72SLzcYR7FMBsK/U/k= =AU7P -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update mitigations for x86-64 architecture are provided. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Software Description: - intel-microcode: Processor microcode for Intel CPUs Details: USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] Slackware 14.2 kernel (SSA:2018-037-01) New kernel packages are available for Slackware 14.2 to mitigate the speculative side channel attack known as Spectre variant 2. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.115/*: Upgraded. This kernel includes full retpoline mitigation for the Spectre (variant 2) speculative side channel attack. Please note that this kernel was compiled with gcc-5.5.0, also provided as an update for Slackware 14.2. You'll need to install the updated gcc in order to compile kernel modules that will load into this updated kernel. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-firmware-20180201_2aa2ac2-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-generic-4.4.115-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-generic-smp-4.4.115_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-headers-4.4.115_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-huge-4.4.115-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-huge-smp-4.4.115_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-modules-4.4.115-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-modules-smp-4.4.115_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-source-4.4.115_smp-noarch-1.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-firmware-20180201_2aa2ac2-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-generic-4.4.115-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-headers-4.4.115-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-huge-4.4.115-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-modules-4.4.115-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-source-4.4.115-noarch-1.txz MD5 signatures: +-------------+ Slackware 14.2 packages: 1ea8df1a6e5a76e8cb875aba9f42993b kernel-firmware-20180201_2aa2ac2-noarch-1.txz 65ae3758100bf107ff3c23897ef1b5f9 kernel-generic-4.4.115-i586-1.txz c683178111756209c6dc1755e525e833 kernel-generic-smp-4.4.115_smp-i686-1.txz 0c5cca7eb08d4887f88b615a4a832e6e kernel-headers-4.4.115_smp-x86-1.txz 45397272b94b844c25ae3d13b9409f91 kernel-huge-4.4.115-i586-1.txz b326f2b6d30671f5917f7d1e9a00511b kernel-huge-smp-4.4.115_smp-i686-1.txz 6a1a72436299fdd149fabd67e5db9a00 kernel-modules-4.4.115-i586-1.txz bd1e7630fb6dd94f84d317fa55cb60f5 kernel-modules-smp-4.4.115_smp-i686-1.txz 74e80a52b163efde642a826e12f3ee0a kernel-source-4.4.115_smp-noarch-1.txz Slackware x86_64 14.2 packages: 1ea8df1a6e5a76e8cb875aba9f42993b kernel-firmware-20180201_2aa2ac2-noarch-1.txz be30a72f8fda706d0a36e11e71652301 kernel-generic-4.4.115-x86_64-1.txz 2e6dd637df1bbc83dab278c0fb9a1ffc kernel-headers-4.4.115-x86-1.txz 8d00477072ed624b4000e5ff9f260d57 kernel-huge-4.4.115-x86_64-1.txz e60a0f4aa1a8cc031db89b1d68b4e366 kernel-modules-4.4.115-x86_64-1.txz c4f92ddedc88105adcf4eafe863c2de6 kernel-source-4.4.115-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.115-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.115 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.115-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.115 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address

IOT TAXONOMY

AFFECTED PRODUCTS