exploitDog

SUSE-SU-2021:2861-1

Опубликовано: 27 авг. 2021

Источник: suse-cvrf

Описание

Security update for spectre-meltdown-checker

This update for spectre-meltdown-checker fixes the following issues:

spectre-meltdown-checker was updated to version 0.44 (bsc#1189477)

feat: add support for SRBDS related vulnerabilities
feat: add zstd kernel decompression (#370)
enh: arm: add experimental support for binary arm images
enh: rsb filling: no longer need the 'strings' tool to check for kernel support in live mode
fix: fwdb: remove Intel extract tempdir on exit
fix: has_vmm: ignore kernel threads when looking for a hypervisor (fixes #278)
fix: fwdb: use the commit date as the intel fwdb version
fix: fwdb: update Intel's repository URL
fix: arm64: CVE-2017-5753: kernels 4.19+ use a different nospec macro
fix: on CPU parse info under FreeBSD
chore: github: add check run on pull requests
chore: fwdb: update to v165.20201021+i20200616

Список пакетов

SUSE Enterprise Storage 6

spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise Module for Basesystem 15 SP2

spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise Module for Basesystem 15 SP3

spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise Server 15 SP1-BCL

spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise Server 15 SP1-LTSS

spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

spectre-meltdown-checker-0.44-3.6.1

SUSE Manager Proxy 4.0

spectre-meltdown-checker-0.44-3.6.1

SUSE Manager Retail Branch Server 4.0

spectre-meltdown-checker-0.44-3.6.1

SUSE Manager Server 4.0

spectre-meltdown-checker-0.44-3.6.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20212861-1/
Link for SUSE-SU-2021:2861-1
https://lists.suse.com/pipermail/sle-security-updates/2021-August/009366.html
E-Mail link for SUSE-SU-2021:2861-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1189477
SUSE Bug 1189477
https://www.suse.com/security/cve/CVE-2017-5753/
SUSE CVE CVE-2017-5753 page

Описание

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Затронутые продукты

SUSE Enterprise Storage 6:spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:spectre-meltdown-checker-0.44-3.6.1

SUSE Linux Enterprise Module for Basesystem 15 SP2:spectre-meltdown-checker-0.44-3.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-5753.html
CVE-2017-5753
https://bugzilla.suse.com/1068032
SUSE Bug 1068032
https://bugzilla.suse.com/1074562
SUSE Bug 1074562
https://bugzilla.suse.com/1074578
SUSE Bug 1074578
https://bugzilla.suse.com/1074701
SUSE Bug 1074701
https://bugzilla.suse.com/1075006
SUSE Bug 1075006
https://bugzilla.suse.com/1075419
SUSE Bug 1075419
https://bugzilla.suse.com/1075748
SUSE Bug 1075748
https://bugzilla.suse.com/1080039
SUSE Bug 1080039
https://bugzilla.suse.com/1087084
SUSE Bug 1087084
https://bugzilla.suse.com/1087939
SUSE Bug 1087939
https://bugzilla.suse.com/1089055
SUSE Bug 1089055
https://bugzilla.suse.com/1136865
SUSE Bug 1136865
https://bugzilla.suse.com/1178658
SUSE Bug 1178658
https://bugzilla.suse.com/1201877
SUSE Bug 1201877
https://bugzilla.suse.com/1209547
SUSE Bug 1209547