File _patchinfo of Package patchinfo.8090

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.8090

<patchinfo incident="8090">
  <issue tracker="bnc" id="1079869">VUL-0: libvirt: fixes for speculative side channel attacks  aka "SpectreAttack" (var2)</issue>
  <issue tracker="bnc" id="1083625">VUL-0: CVE-2018-1064: libvirt: Denial of service reading from guest agent</issue>
  <issue tracker="bnc" id="1092885">VUL-0: CVE-2018-3639:  qemu,kvm,libvirt: V4 &#8211; Speculative Store Bypass aka "Memory Disambiguation"</issue>
  <issue tracker="bnc" id="1076500">VUL-1: CVE-2018-5748: libvirt: resource exhaustion via qemuMonitorIORead() method</issue>
  <issue tracker="cve" id="2017-5715"/>
  <issue tracker="cve" id="2018-1064"/>
  <issue tracker="cve" id="2018-3639"/>
  <issue tracker="cve" id="2018-5748"/>
  <category>security</category>
  <rating>important</rating>
  <packager>jfehlig</packager>
  <description>This update for libvirt fixes the following issues:

Security issues fixed:

- CVE-2017-5715: Fixes for speculative side channel attacks aka &quot;SpectreAttack&quot; (var2) (bsc#1079869).
- CVE-2018-3639: Add support for 'ssbd' and 'virt-ssbd' CPUID feature bits to address V4 Speculative Store Bypass aka "Memory Disambiguation" (bsc#1092885).
- CVE-2018-1064: Fix denial of service problem during reading from guest agent (bsc#1083625).
- CVE-2018-5748: Fix resource exhaustion via qemuMonitorIORead() method (bsc#1076500).
</description>
  <summary>Security update for libvirt</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.8090

Places