[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2018:1669-01 -- Redhat libvirt

ID: oval:org.secpod.oval:def:502299Date: (C)2018-05-23   (M)2024-02-19
Class: PATCHFamily: unix




The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions . It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor"s data cache even for speculatively executed instructions that never actually commit . As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. Note: This is the libvirt side of the CVE-2018-3639 mitigation. Red Hat would like to thank Ken Johnson and Jann Horn for reporting this issue.

Platform:
Red Hat Enterprise Linux 6
Product:
libvirt
Reference:
RHSA-2018:1669-01
CVE-2018-3639
CVE    1
CVE-2018-3639
CPE    2
cpe:/o:redhat:enterprise_linux:6
cpe:/a:redhat:libvirt

© SecPod Technologies