Описание
ELSA-2019-4733: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.14.35-1902.3.2]
- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas Gleixner) [Orabug: 29967570] {CVE-2019-1125}
- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967570] {CVE-2019-1125}
- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967570] {CVE-2019-1125}
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
kernel-uek
4.14.35-1902.3.2.el7uek
kernel-uek-debug
4.14.35-1902.3.2.el7uek
kernel-uek-debug-devel
4.14.35-1902.3.2.el7uek
kernel-uek-devel
4.14.35-1902.3.2.el7uek
kernel-uek-headers
4.14.35-1902.3.2.el7uek
kernel-uek-tools
4.14.35-1902.3.2.el7uek
kernel-uek-tools-libs
4.14.35-1902.3.2.el7uek
kernel-uek-tools-libs-devel
4.14.35-1902.3.2.el7uek
perf
4.14.35-1902.3.2.el7uek
python-perf
4.14.35-1902.3.2.el7uek
Oracle Linux x86_64
kernel-uek
4.14.35-1902.3.2.el7uek
kernel-uek-debug
4.14.35-1902.3.2.el7uek
kernel-uek-debug-devel
4.14.35-1902.3.2.el7uek
kernel-uek-devel
4.14.35-1902.3.2.el7uek
kernel-uek-doc
4.14.35-1902.3.2.el7uek
kernel-uek-tools
4.14.35-1902.3.2.el7uek
Связанные CVE
Связанные уязвимости
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further. On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125. Microsoft released a...
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further. On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125. Microsoft released...
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further. On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125. Microsoft released a
An information disclosure vulnerability exists when certain central pr ...