DSA-4444-1 linux -- linuxID: oval:org.secpod.oval:def:603922 | Date: (C)2019-06-25 (M)2024-04-17 |
Class: PATCH | Family: unix |
Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures . This flaw could allow an attacker controlling an unprivileged process to read sensitive information, including from the kernel and all other processes running on the system or cross guest/host boundaries to read host memory. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details. To fully resolve these vulnerabilities it is also necessary to install updated CPU microcode. An updated intel-microcode package will be provided via a separate DSA. The updated CPU microcode may also be available as part of a system firmware update. In addition, this update includes a fix for a regression causing deadlocks inside the loopback driver, which was introduced by the update to 4.9.168 in the last Stretch point release.
Product: |
linux-image-4.9 |
linux-headers-4.9 |
hyperv-daemons |
libcpupower-dev |
usbip |
libusbip-dev |
linux-compiler-gcc-6-x86 |
linux-cpupower |
linux-doc-4.9 |
linux-kbuild-4.9 |
linux-libc-dev |
linux-manual-4.9 |
linux-perf-4.9 |
linux-source-4.9 |
linux-support-4.9 |