Security Updates and More Intel Defends
-
Security updates for Wednesday
Security updates have been issued by Debian (dpdk, intel-microcode, kernel, libssh2, qemu, and webkit2gtk), Fedora (apache-commons-beanutils, bluez, iwd, kernel, kernel-headers, kernel-tools, libell, and microcode_ctl), openSUSE (gdb), Oracle (kernel), Red Hat (kernel and kernel-rt), SUSE (dhcp, evolution, kernel, libcaca, python, python-xdg, qemu, sysstat, ucode-intel, and xen), and Ubuntu (dpdk, intel-microcode, kernel, linux, linux-aws, linux-kvm, linux, linux-lts-trusty, linux-azure, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-kvm, linux-oem-osp1, linux-oracle, linux-raspi2, linux-lts-xenial, linux-aws, linux-raspi2, and webkit2gtk).
-
Fedora and the November 12 Hardware Vulnerabilities.
As all of the news sites are picking up stories on the latest hardware vulnerabilities, I felt it best to give the Fedora update. I won't go into detail on the vulnerabilities themselves, as Red Hat has already done a good write-up on each of the CVEs, which I will link to below. There is one case to note where Fedora will differ from the Red Hat write-ups. For "Transactional Synchronization Extensions (TSX) Asynchronous Abort" Fedora has chosen to default to "tsx=off Disable the TSX feature". This will likely be of no impact to most users, but as Fedora has taken a different stance from the Red Hat documentation here, it should be noted.
-
Intel's Linux Graphics Driver Updated For Denial Of Service + Privilege Escalation Bugs
Of the 77 security advisories Intel is making public and the three big ones of the performance-sensitive JCC Erratum, the new ZombieLoad TAA (TSX Asynchronous Abort), and iTLB Multihit No eXcuses, there are also two fixes to their kernel graphics driver around security issues separate from the CPU woes.
CVE-2019-0155 is about user-space writes to the blitter command streamer that could allow an unprivileged user to elevate their privileges on the system.
CVE-2019-0154 is the other vulnerability and that could result in an unprivileged user being able to cause a denial of service by reading select memory regions when the graphics hardware is in certain low-power configurations.