1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4444-1] linux security update

    From Salvatore Bonaccorso@1:229/2 to All on Tue May 14 23:30:01 2019
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4444-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso
    May 14, 2019 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : linux
    CVE ID : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 Debian Bug : 928125

    Multiple researchers have discovered vulnerabilities in the way the
    Intel processor designs have implemented speculative forwarding of data
    filled into temporary microarchitectural structures (buffers). This
    flaw could allow an attacker controlling an unprivileged process to
    read sensitive information, including from the kernel and all other
    processes running on the system or cross guest/host boundaries to read
    host memory.

    See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html
    for more details.

    To fully resolve these vulnerabilities it is also necessary to install
    updated CPU microcode. An updated intel-microcode package (only
    available in Debian non-free) will be provided via a separate DSA. The
    updated CPU microcode may also be available as part of a system firmware ("BIOS") update.

    In addition, this update includes a fix for a regression causing
    deadlocks inside the loopback driver, which was introduced by the update
    to 4.9.168 in the last Stretch point release.

    For the stable distribution (stretch), these problems have been fixed in version 4.9.168-1+deb9u2.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlzbK/hfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RDbhAAkCG4A3Yx+lAGMIgm9lXWeacyTFQ7RhS0NzQ+7rewiQZti4JphoEnuub1 sq9GH041twKbQQKJiuRD7AvKIzt8hfziQVBvIs+Nojp3fOHU9TIDqqENmfBYflkQ qvP/tP5vqXREMihV6zGAzK47lfIvEztAQYiZymD4zMzWF0QrY/9/uEQFgwgD5AaP xvreR+M2tsWQR3MZOAfWlTbX9nSbyV2K7nULs5y+g0ko8sbJDxNhfKO/6yauSiHK pq6I3Fg56PsNtse/r/II9jlGE9DYvC+cI9vRNEBZep9A0dmRqN8j3sk0jmNVfi/F Tm3jWFgtRtaa6ANMeBHIBQzkGjML6GbE68Iyf0+EGZ7ZrXSeAIi4InYFCNJA7w5/ K0Nu2nCMAaxVwYPAO7mvNxAnKgOPLE+e7fYNlqztpHOO/nXNmOG7zknqstlkS+Vc LfsjAiqtAGw6PubdXMSc5BVrdQQTmT3tvqg4BW2i3bWeaW43MyQRc1cizplVrNLt KKgC1qNLGIvSZLejDF5KXX8VT50UEa05QshRHWu9Ckkvid2hedzipZkTsN5tsRoc XuCtYsbZqawHmExfyryqtkhTc4pti2nvHPzcMpJtmXtdkkvxh3ZYXbTR0vsSwJHt rLY3ms+Sw/DT0kdXgEb1gz4prezXcINgPhGDiP/hbRaQnsP2x7U=
    =ukU9
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)