Download
| Alert*
|
oval:org.secpod.oval:def:89002176
This update for xen fixes the following issues: XEN was updated to the Xen 4.9.3 bug fix only release - CVE-2018-17963: qemu_deliver_packet_iov accepted packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. - CVE-2018-1547 ... oval:org.secpod.oval:def:115212 The kernel meta package oval:org.secpod.oval:def:52110 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89043614 ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 , and is part of the mitigations for CVE-2018-3639 and CVE-2018-3646 . Processor Identifier Version Products Model Stepping F-MO-S/PI Old- gt;New ---- new platforms ------------------------------- ... oval:org.secpod.oval:def:115537 The kernel meta package oval:org.secpod.oval:def:115530 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:53402 Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary address ... oval:org.secpod.oval:def:51105 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:115435 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:51115 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:1700069 Fixes for L1Terminal Fault security issues:L1 Terminal Fault-OS/ SMM:Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault an ... oval:org.secpod.oval:def:89043578 ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 and is part of the mitigations for CVE-2018-3639 and CVE-2018-3646 . Processor Identifier Version Products Model Stepping F-MO-S/PI Old- gt;New ---- new platforms -------------------------------- ... oval:org.secpod.oval:def:114968 The kernel meta package oval:org.secpod.oval:def:114967 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:704281 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704283 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:89043758 This update for xen fixes the following security issues: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS pr ... oval:org.secpod.oval:def:89043518 This update for xen fixes the following security issues: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS pr ... oval:org.secpod.oval:def:89043763 This update for xen fixes the following security issues: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS pr ... oval:org.secpod.oval:def:52946 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:52945 linux: Linux kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704278 linux: Linux kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:704279 linux-aws: Linux kernel for Amazon Web Services systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:1600910 Fixes for L1Terminal Fault security issues:L1 Terminal Fault-OS/ SMM:Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault an ... oval:org.secpod.oval:def:89043754 ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 and is part of the mitigations for CVE-2018-3639 and CVE-2018-3646 . Processor Identifier Version Products Model Stepping F-MO-S/PI Old- gt;New ---- new platforms -------------------------------- ... oval:org.secpod.oval:def:89043991 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache us ... oval:org.secpod.oval:def:114971 The kernel meta package oval:org.secpod.oval:def:114970 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:89043651 The SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.143 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 ... oval:org.secpod.oval:def:89049704 ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 and is part of the mitigations for CVE-2018-3639 and CVE-2018-3646 . Processor Identifier Version Products Model Stepping F-MO-S/PI Old- greater than New ---- new platforms ---------------------- ... oval:org.secpod.oval:def:89002604 This update for the Linux Kernel 4.4.120-92_70 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthr ... oval:org.secpod.oval:def:47217 An attacker who has successfully exploited L1TF may be able to read privileged data across trust boundaries. In shared resource environments (such that exist in some cloud services configurations), this vulnerability could allow one virtual machine to improperly access information from another. An a ... oval:org.secpod.oval:def:47219 An attacker who has successfully exploited L1TF may be able to read privileged data across trust boundaries. In shared resource environments (such that exist in some cloud services configurations), this vulnerability could allow one virtual machine to improperly access information from another. An a ... oval:org.secpod.oval:def:704456 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:48684 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted ... oval:org.secpod.oval:def:89002641 This update for the Linux Kernel 4.4.114-92_67 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthr ... oval:org.secpod.oval:def:89002513 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache us ... oval:org.secpod.oval:def:89002628 This update for the Linux Kernel 4.4.114-94_14 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthr ... oval:org.secpod.oval:def:1502288 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:48635 The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or before 10.11.6 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the speculative execution and address translations issues. Successful exploitation allows ... oval:org.secpod.oval:def:47664 The host is installed with Apple Mac OS before 10.14 and is prone to multiple vulnerabilities. The flaw is present in the application, which fails to properly handle multiple issues. Successful exploitation allows remote attackers to execute arbitrary code or read restricted memory. oval:org.secpod.oval:def:1502289 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:704305 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:89002626 This update for the Linux Kernel 4.4.74-92_38 fixes several issues. The following security issues were fixed: - CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthre ... oval:org.secpod.oval:def:1502290 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502291 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502292 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:204866 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:204865 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:89002456 This update for xen fixes the following issues: This security issue was fixed: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user a ... oval:org.secpod.oval:def:89002207 The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.143 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-5390 aka quot;SegmentSmackquot;: Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for ... oval:org.secpod.oval:def:115165 The kernel meta package oval:org.secpod.oval:def:603490 This update provides mitigations for the L1 Terminal Fault vulnerability affecting a range of Intel CPUs. For additional information please refer to https://xenbits.xen.org/xsa/advisory-273.html. The microcode updates mentioned there are not yet available in a form distributable by Debian. In additi ... oval:org.secpod.oval:def:502348 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:502347 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF ... oval:org.secpod.oval:def:603497 Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary address ... oval:org.secpod.oval:def:2100356 Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. oval:org.secpod.oval:def:89049689 This update for xen fixes the following issues: Update to Xen 4.10.2 bug fix release . Security vulnerabilities fixed: - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Deni ... oval:org.secpod.oval:def:89049686 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by oth ... oval:org.secpod.oval:def:89002370 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by ... oval:org.secpod.oval:def:115019 The kernel meta package oval:org.secpod.oval:def:115129 The kernel meta package oval:org.secpod.oval:def:115247 The kernel meta package oval:org.secpod.oval:def:53004 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89049735 This update for xen fixes the following security issues: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS pr ... oval:org.secpod.oval:def:115038 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:53398 This update provides mitigations for the "L1 Terminal Fault" vulnerability affecting a range of Intel CPUs. For additional information please refer to https://xenbits.xen.org/xsa/advisory-273.html. The microcode updates mentioned there are not yet available in a form distributable by Debia ... |
