search for: speculativeexecution

Hi, A few days ago I stumbled upon a problem where SpeculativeExecution changed the order of a load and a store to the same address. I wrote https://bugs.llvm.org//show_bug.cgi?id=32964 about it but no response there so far. In the input we have store i8 0, i8* @i %.pre = load i8, i8* @i and then in the output the load is moved so it's before the stor...

Please patch the CentOS-virt Kernel to fix the Kernel Side-Channel Attacks vulnerabilities. The latest CentOS-virt kernel was released in November, as seen below. kernel-4.9.63-29.el7.x86_64.rpm 2017-11-21 13:30 https://access.redhat.com/security/vulnerabilities/speculativeexecution http://mirror.centos.org/centos/7/virt/x86_64/xen/

...rt Kernel to fix the >> Kernel Side-Channel Attacks vulnerabilities. >> >> The latest CentOS-virt kernel was released in November, as seen below. >> >> kernel-4.9.63-29.el7.x86_64.rpm 2017-11-21 13:30 >> >> https://access.redhat.com/security/vulnerabilities/speculativeexecution >> http://mirror.centos.org/centos/7/virt/x86_64/xen/ >> > > ?As far as I can see, the patches for ? > KAISER (Kernel Address > ? ?Isolation to have Side-channels Efficiently Removed) will appear in > kernel 4.9.75. Looks like it will be released soon upstream (kernel.or...

I have a clean install, fully updated CentOS 6 32-bit. When I run the Red Hat detection script: https://access.redhat.com/sites/default/files/spectre-meltdown--a79614b.sh it finds that the system is vulnerable. Is this false positive or there is no patches for CentOS 6 32-bit systems? Thank you, -- Peter

...l Attacks vulnerabilities. >>>> >>>> The latest CentOS-virt kernel was released in November, as seen below. >>>> >>>> kernel-4.9.63-29.el7.x86_64.rpm 2017-11-21 13:30 >>>> >>>> https://access.redhat.com/security/vulnerabilities/speculativeexecution >>>> http://mirror.centos.org/centos/7/virt/x86_64/xen/ >>>> >>> >>> As far as I can see, the patches for >>> KAISER (Kernel Address >>> Isolation to have Side-channels Efficiently Removed) will appear in >>> kernel 4.9.75. Looks...

...ness of CentOS Linux > for their own usage profiles. If you require fully tested solutions > with software assurance and validated security, that is what RHEL is > for, right? > > > You can read more about those issues here: > https://access.redhat.com/security/vulnerabilities/speculativeexecution > > Thanks, > Johnny Hughes > > > On 03/06/2018 04:35 PM, Peter Wood wrote: > > I have a clean install, fully updated CentOS 6 32-bit. > > > > When I run the Red Hat detection script: > > https://access.redhat.com/sites/default/files/spectre- > meltdown-...

...; Please patch the CentOS-virt Kernel to fix the > Kernel Side-Channel Attacks vulnerabilities. > > The latest CentOS-virt kernel was released in November, as seen below. > > kernel-4.9.63-29.el7.x86_64.rpm 2017-11-21 13:30 > > https://access.redhat.com/security/vulnerabilities/speculativeexecution > http://mirror.centos.org/centos/7/virt/x86_64/xen/ > ?As far as I can see, the patches for ? KAISER (Kernel Address ? ?Isolation to have Side-channels Efficiently Removed) will appear in kernel 4.9.75. Looks like it will be released soon upstream (kernel.org). Akemi -------------- next pa...

...;> Kernel Side-Channel Attacks vulnerabilities. >>> >>> The latest CentOS-virt kernel was released in November, as seen below. >>> >>> kernel-4.9.63-29.el7.x86_64.rpm 2017-11-21 13:30 >>> >>> https://access.redhat.com/security/vulnerabilities/speculativeexecution >>> http://mirror.centos.org/centos/7/virt/x86_64/xen/ >>> >> >> As far as I can see, the patches for >> KAISER (Kernel Address >> Isolation to have Side-channels Efficiently Removed) will appear in >> kernel 4.9.75. Looks like it will be released soo...

...;rikske at deds.nl> napisala: Please patch the CentOS-virt Kernel to fix the Kernel Side-Channel Attacks vulnerabilities. The latest CentOS-virt kernel was released in November, as seen below. kernel-4.9.63-29.el7.x86_64.rpm 2017-11-21 13:30 https://access.redhat.com/security/vulnerabilities/speculativeexecution http://mirror.centos.org/centos/7/virt/x86_64/xen/ _______________________________________________ CentOS-virt mailing list CentOS-virt at centos.org https://lists.centos.org/mailman/listinfo/centos-virt -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lis...

...r (and validate) the security fitness of CentOS Linux for their own usage profiles. If you require fully tested solutions with software assurance and validated security, that is what RHEL is for, right? You can read more about those issues here: https://access.redhat.com/security/vulnerabilities/speculativeexecution Thanks, Johnny Hughes On 03/06/2018 04:35 PM, Peter Wood wrote: > I have a clean install, fully updated CentOS 6 32-bit. > > When I run the Red Hat detection script: > https://access.redhat.com/sites/default/files/spectre-meltdown--a79614b.sh > > it finds that the system is v...

...ote: 1) This is a widespread issue with potentially huge impact, we appreciate any help in spreading the word around so maximum number of users are able to find out, and patch their systems. 2) Upstream is curating information around this issue at https://access.redhat.com/security/vulnerabilities/speculativeexecution - information on that page would be helpful for most people on CentOS Linux as well. 3) Please reach out to us at #centos on irc.freenode.net for any feedback, comments, questions or concerns. -- Karanbir Singh, Project Lead, The CentOS Project +44-207-0999389 | http://www.centos.org/ | twitter....

...ote: 1) This is a widespread issue with potentially huge impact, we appreciate any help in spreading the word around so maximum number of users are able to find out, and patch their systems. 2) Upstream is curating information around this issue at https://access.redhat.com/security/vulnerabilities/speculativeexecution - information on that page would be helpful for most people on CentOS Linux as well. 3) Please reach out to us at #centos on irc.freenode.net for any feedback, comments, questions or concerns. -- Karanbir Singh, Project Lead, The CentOS Project +44-207-0999389 | http://www.centos.org/ | twitter....

...forms/IPO' llvm[2]: Compiling CoreCLRGC.cpp for Release+Asserts build llvm[3]: Compiling ArgumentPromotion.cpp for Release+Asserts build llvm[3]: Compiling RuntimeDyldChecker.cpp for Release+Asserts build llvm[2]: Compiling CriticalAntiDepBreaker.cpp for Release+Asserts build llvm[3]: Compiling SpeculativeExecution.cpp for Release+Asserts build llvm[3]: Compiling RuntimeDyldELF.cpp for Release+Asserts build llvm[3]: Compiling StraightLineStrengthReduce.cpp for Release+Asserts build llvm[3]: Compiling BarrierNoopPass.cpp for Release+Asserts build llvm[2]: Compiling DFAPacketizer.cpp for Release+Asserts build l...