Download
| Alert*
oval:org.secpod.oval:def:89000063
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing ... oval:org.secpod.oval:def:117700 The kernel meta package oval:org.secpod.oval:def:116945 The kernel meta package oval:org.secpod.oval:def:116934 The kernel meta package oval:org.secpod.oval:def:89050794 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-12819: The function __mdiobus_register called put_device, which triggered a fixed_mdio_bus_init use-after-free. This would cause a denial of service. - CV ... oval:org.secpod.oval:def:116709 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:89003141 This update for kvm fixes the following issues: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2018-20815: Fix DOS possibility in device tree processing - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature quot;md-clearquot; oval:org.secpod.oval:def:89003264 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. oval:org.secpod.oval:def:603948 DSA 4447-1 shipped updated CPU microcode for most types of Intel CPUs as mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. This update provides additional support for some Sandybridge server and Core-X CPUs which were not covered in the original May microcode release. For a ... oval:org.secpod.oval:def:1700215 Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writin ... oval:org.secpod.oval:def:89050887 This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarch ... oval:org.secpod.oval:def:1502504 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502505 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502502 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502503 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502624 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1601001 - Microarchitectural Store Buffer Data Sampling - Microarchitectural Fill Buffer Data Sampling - Microarchitectural Load Port Data Sampling - Microarchitectural Data Sampling Uncacheable Memory MSBDS leaks Store Buffer Entries which can be speculatively forwarded to a dependent load as an optim ... oval:org.secpod.oval:def:1502508 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502509 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502506 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89003378 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. oval:org.secpod.oval:def:89003098 The SUSE Linux Enterprise 12 SP4 Azure kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. oval:org.secpod.oval:def:89050884 This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ... oval:org.secpod.oval:def:89003099 This update for qemu fixes the following issues: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue - CVE-2019-3812: Fixed OOB memory access and information l ... oval:org.secpod.oval:def:89003132 The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. oval:org.secpod.oval:def:89003138 This update for ucode-intel fixes the following issues: ucode-intel was updated to official QSR 2019.1 microcode release ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx VLV D0 6-37-9/0F 000009 ... oval:org.secpod.oval:def:54654 The host is missing a security update according to Apple advisory, APPLE-SA-2019-5-13-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to cause memory ... oval:org.secpod.oval:def:1502511 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502512 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502510 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700167 - Microarchitectural Store Buffer Data Sampling - Microarchitectural Fill Buffer Data Sampling - Microarchitectural Load Port Data Sampling - Microarchitectural Data Sampling Uncacheable Memory MSBDS leaks Store Buffer Entries which can be speculatively forwarded to a dependent load as an optim ... oval:org.secpod.oval:def:1502515 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502637 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502513 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89050639 This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ... oval:org.secpod.oval:def:89003091 This update for qemu fixes the following issues: Following security issues were fixed: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2018-20815: Fix DOS possibility in device tree processing - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature quot;md-cl ... oval:org.secpod.oval:def:1502514 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:116609 The kernel meta package oval:org.secpod.oval:def:116608 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:116605 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:116606 The kernel meta package oval:org.secpod.oval:def:57783 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - linux-rasp ... oval:org.secpod.oval:def:89003081 This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ... oval:org.secpod.oval:def:89003232 This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ... oval:org.secpod.oval:def:89003354 This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarch ... oval:org.secpod.oval:def:705027 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:89050781 This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ... oval:org.secpod.oval:def:1502528 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502529 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89003195 This update for xen fixes the following issues: Security issues fixed: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of s ... oval:org.secpod.oval:def:89050784 This update for ucode-intel fixes the following issues: The Intel CPU Microcode was updated to the official QSR 2019.1 Microcode release ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx VLV D0 ... oval:org.secpod.oval:def:57435 DSA 4447-1 shipped updated CPU microcode for most types of Intel CPUs as mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. This update provides additional support for some Sandybridge server and Core-X CPUs which were not covered in the original May microcode release. For a ... oval:org.secpod.oval:def:55650 Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the virDomainSaveImageGetXMLDesc API. Additionally ... oval:org.secpod.oval:def:1502534 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:61489 Multiple vulnerabilities have been discovered in the libxen-dev hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks. In addition this update provides mitigations for the "TSX Asynchronous Abort" speculative side channel attack. For a ... oval:org.secpod.oval:def:1502535 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502536 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:66434 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:89003466 This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarchitec ... oval:org.secpod.oval:def:116627 Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. oval:org.secpod.oval:def:116625 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:55021 qemu: Machine emulator and virtualizer Several issues were addressed in QEMU. oval:org.secpod.oval:def:116623 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:55022 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:55660 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:116621 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:55020 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:116622 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:55025 libvirt: Libvirt virtualization toolkit Several issues were addressed in libvirt. oval:org.secpod.oval:def:89003347 This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarchitec ... oval:org.secpod.oval:def:55023 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:55024 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:705018 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - linux-rasp ... oval:org.secpod.oval:def:604670 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks. In addition this update provides mitigations for the quot;TSX Asynchronous Abortquot; speculative side channel attack. For additional ... oval:org.secpod.oval:def:89003453 This update for libvirt fixes the following issues: Four new speculative execution information leak issu Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarchitectural Load Port Data Sampling - CVE-2019-11091: Microarchitectural Data ... oval:org.secpod.oval:def:116618 The kernel meta package oval:org.secpod.oval:def:704950 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel - linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89003334 This update for xen to version 4.11.2 fixes the following issues: Security issues fixed: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite lo ... oval:org.secpod.oval:def:704951 libvirt: Libvirt virtualization toolkit Several issues were addressed in libvirt. oval:org.secpod.oval:def:69938 Multiple vulnerabilities have been discovered in the libxen-dev hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks. In addition this update provides mitigations for the TSX Asynchronous Abort speculative side channel attack. For additional in ... oval:org.secpod.oval:def:89003173 This update for qemu fixes the following issues: - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature quot;md-clearquot; oval:org.secpod.oval:def:1601041 Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA and STD sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operat ... oval:org.secpod.oval:def:55032 Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures . This flaw could allow an attacker controlling an unprivileged process to read sensitive information, inclu ... oval:org.secpod.oval:def:55311 intel-microcode: Processor microcode for Intel CPUs Details: USN-3977-1 provided mitigations for Microarchitectural Data Sampling vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry ... oval:org.secpod.oval:def:89003457 This update for microcode_ctl fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. oval:org.secpod.oval:def:55035 This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. To fully resolve these vulnerabilities it is also necessary to update the Linux kernel packages as released in DSA 4444. oval:org.secpod.oval:def:1504333 [15:3.1.0-3.el7] - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed [Orabug: 29744956] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091} [15:3.1.0-2.el7] - x86: Add mds feature - e1000: Never increment the RX undersize count register - qemu.spec ... oval:org.secpod.oval:def:704959 intel-microcode: Processor microcode for Intel CPUs Details: USN-3977-1 provided mitigations for Microarchitectural Data Sampling vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry ... oval:org.secpod.oval:def:603922 Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures . This flaw could allow an attacker controlling an unprivileged process to read sensitive information, inclu ... oval:org.secpod.oval:def:70434 qemu: Machine emulator and virtualizer Several issues were addressed in QEMU. oval:org.secpod.oval:def:55047 intel-microcode: Processor microcode for Intel CPUs Details: USN-3977-1 provided mitigations for Microarchitectural Data Sampling vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry ... oval:org.secpod.oval:def:89003205 This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarch ... oval:org.secpod.oval:def:603925 This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. To fully resolve these vulnerabilities it is also necessary to update the Linux kernel packages as released in DSA 4444. oval:org.secpod.oval:def:89003327 The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.178 to receive various security and bugfixes. Four new speculative execution issues have been identified in Intel CPUs. oval:org.secpod.oval:def:116640 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:205204 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * A flaw was found in the implementation of the "fill buffer", a mechanis ... oval:org.secpod.oval:def:205205 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * A flaw was found in the implementation of the "fill buff ... oval:org.secpod.oval:def:89050629 This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarch ... oval:org.secpod.oval:def:205206 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:205207 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:502711 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:704949 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:205201 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * A flaw was found in the implementation of the "fill buffer", a mechanis ... oval:org.secpod.oval:def:502710 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... oval:org.secpod.oval:def:205202 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * A flaw was found in the implementation of the "fill buff ... oval:org.secpod.oval:def:502713 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * A flaw was found in the implementation of the "fill buffer", a mechanis ... oval:org.secpod.oval:def:502712 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * A flaw was found in the implementation of the "fill buff ... oval:org.secpod.oval:def:704945 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:502714 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:1502567 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:704946 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 S ... oval:org.secpod.oval:def:704947 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:704948 qemu: Machine emulator and virtualizer Several issues were addressed in QEMU. oval:org.secpod.oval:def:89050868 This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarchitec ... oval:org.secpod.oval:def:704943 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 S ... oval:org.secpod.oval:def:89050581 The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data ... oval:org.secpod.oval:def:116638 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:89003152 This update for microcode_ctl fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microa ... oval:org.secpod.oval:def:89050620 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue - CVE-2019-3812: Fixed OOB memory a ... oval:org.secpod.oval:def:116630 This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor oval:org.secpod.oval:def:54754 The host is missing an important security update for ADV190013 oval:org.secpod.oval:def:1504751 [15:3.1.0-3.el7] - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed [Orabug: 29744956] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091} [15:3.1.0-2.el7] - x86: Add mds feature - e1000: Never increment the RX undersize count register - qemu.spec ... oval:org.secpod.oval:def:502724 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * A flaw was found in the implementation of the fill buffer, a mechanism used by mo ... oval:org.secpod.oval:def:54756 Intel published information about a new subclass of speculative execution side channel vulnerabilities known as Microarchitectural Data Sampling. An attacker who successfully exploited these vulnerabilities may be able to read privileged data across trust boundaries. In shared resource environments ... oval:org.secpod.oval:def:502725 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * A flaw was found in the implementation of the "fill buff ... oval:org.secpod.oval:def:502727 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the implementation of the quot;fill bufferquot;, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that woul ... |