Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:8158
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="8158"> <issue tracker="bnc" id="1070615">qemu: tpm device passthrough fails on kernels >= 4.0</issue> <issue tracker="bnc" id="1092885">VUL-0: CVE-2018-3639: qemu,kvm,libvirt: V4 – Speculative Store Bypass aka "Memory Disambiguation"</issue> <issue tracker="cve" id="2018-3639"/> <category>security</category> <rating>important</rating> <packager>bfrogers</packager> <description>This update for qemu fixes several issues. This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests (bsc#1092885). Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This patch permits the new x86 cpu feature flag named "ssbd" to be presented to the guest, given that the host has this feature, and KVM exposes it to the guest as well. For this feature to be enabled please use the qemu commandline -cpu $MODEL,+spec-ctrl,+ssbd so the guest OS can take advantage of the feature. spec-ctrl and ssbd support is also required in the host. This non-security issue was fixed: - bsc#1070615: Add new look up path "sys/class/tpm" for tpm cancel path This update was imported from the SUSE:SLE-12-SP3:Update update project.</description> <summary>Security update for qemu</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor