Displaying 20 results from an estimated 5000 matches similar to: "CentOS-virt - Kernel Side-Channel Attacks"
2018 Jan 04
2
CentOS-virt - Kernel Side-Channel Attacks
On 01/04/2018 10:49 AM, Akemi Yagi wrote:
> On Thu, Jan 4, 2018 at 9:51 AM, <rikske at deds.nl> wrote:
>
>> Please patch the CentOS-virt Kernel to fix the
>> Kernel Side-Channel Attacks vulnerabilities.
>>
>> The latest CentOS-virt kernel was released in November, as seen below.
>>
>> kernel-4.9.63-29.el7.x86_64.rpm 2017-11-21 13:30
>>
2018 Jan 06
1
CentOS-virt - Kernel Side-Channel Attacks
On 01/05/2018 06:33 AM, George Dunlap wrote:
> On Thu, Jan 4, 2018 at 7:12 PM, Sarah Newman <srn at prgmr.com> wrote:
>> On 01/04/2018 10:49 AM, Akemi Yagi wrote:
>>> On Thu, Jan 4, 2018 at 9:51 AM, <rikske at deds.nl> wrote:
>>>
>>>> Please patch the CentOS-virt Kernel to fix the
>>>> Kernel Side-Channel Attacks vulnerabilities.
2018 Jan 04
0
CentOS-virt - Kernel Side-Channel Attacks
On Thu, Jan 4, 2018 at 9:51 AM, <rikske at deds.nl> wrote:
> Please patch the CentOS-virt Kernel to fix the
> Kernel Side-Channel Attacks vulnerabilities.
>
> The latest CentOS-virt kernel was released in November, as seen below.
>
> kernel-4.9.63-29.el7.x86_64.rpm 2017-11-21 13:30
>
> https://access.redhat.com/security/vulnerabilities/speculativeexecution
>
2018 Jan 05
0
CentOS-virt - Kernel Side-Channel Attacks
On Thu, Jan 4, 2018 at 7:12 PM, Sarah Newman <srn at prgmr.com> wrote:
> On 01/04/2018 10:49 AM, Akemi Yagi wrote:
>> On Thu, Jan 4, 2018 at 9:51 AM, <rikske at deds.nl> wrote:
>>
>>> Please patch the CentOS-virt Kernel to fix the
>>> Kernel Side-Channel Attacks vulnerabilities.
>>>
>>> The latest CentOS-virt kernel was released in
2018 Jan 10
0
CentOS-virt - Kernel Side-Channel Attacks
Is this CentOS-virt kernel compatible and recommended for KVM use or should
I stick with 3.10?
4. jan. 2018 6:51 pop. je oseba <rikske at deds.nl> napisala:
Please patch the CentOS-virt Kernel to fix the
Kernel Side-Channel Attacks vulnerabilities.
The latest CentOS-virt kernel was released in November, as seen below.
kernel-4.9.63-29.el7.x86_64.rpm 2017-11-21 13:30
2017 May 10
4
-speculative-execution moving load before store
Hi,
A few days ago I stumbled upon a problem where SpeculativeExecution
changed the order of a load and a store to the same address.
I wrote
https://bugs.llvm.org//show_bug.cgi?id=32964
about it but no response there so far.
In the input we have
store i8 0, i8* @i
%.pre = load i8, i8* @i
and then in the output the load is moved so it's before the store which
clearly makes it
2018 Mar 09
4
CentOS 6 i386 - meltdown and spectre
Hi Johnny,
Thank you for your reply.
It seems to me that my message may have came around as offensive but that
was not my intend. I have basic understanding how things work and when I
said CentOS I actually meant Red Hat and all its derivatives. I asked
CentOS community because that's the community I'm member of. Not to say
that CentOS is not secure or anything like that.
Anyway,
2018 Mar 06
2
CentOS 6 i386 - meltdown and spectre
I have a clean install, fully updated CentOS 6 32-bit.
When I run the Red Hat detection script:
https://access.redhat.com/sites/default/files/spectre-meltdown--a79614b.sh
it finds that the system is vulnerable.
Is this false positive or there is no patches for CentOS 6 32-bit systems?
Thank you,
-- Peter
2018 Jan 24
2
Xen 4.6.6-9 (with XPTI meltdown mitigation) packages making their way to centos-virt-xen-testing
On Tue, Jan 23, 2018 at 06:20:39PM -0600, Kevin Stange wrote:
> On 01/23/2018 05:57 PM, Karl Johnson wrote:
> >
> >
> > On Tue, Jan 23, 2018 at 4:50 PM, Nathan March <nathan at gt.net
> > <mailto:nathan at gt.net>> wrote:
> >
> > Hi,
> >
> > > Hmm.. isn't this the ldisc bug that was discussed a few months ago on this
2018 Jan 23
2
Xen 4.6.6-9 (with XPTI meltdown mitigation) packages making their way to centos-virt-xen-testing
On Tue, Jan 23, 2018 at 4:50 PM, Nathan March <nathan at gt.net> wrote:
> Hi,
>
> > Hmm.. isn't this the ldisc bug that was discussed a few months ago on
> this
> list,
> > and a patch was applied to virt-sig kernel aswell?
> >
> > Call trace looks similar..
>
> Good memory! I'd forgotten about that despite being the one who ran into
>
2018 Jan 24
1
Xen 4.6.6-9 (with XPTI meltdown mitigation) packages making their way to centos-virt-xen-testing
> -----Original Message-----
> From: CentOS-virt [mailto:centos-virt-bounces at centos.org] On Behalf Of
> Johnny Hughes
> Sent: Wednesday, January 24, 2018 6:39 AM
> To: centos-virt at centos.org
> Subject: Re: [CentOS-virt] Xen 4.6.6-9 (with XPTI meltdown mitigation)
> packages making their way to centos-virt-xen-testing
>
> On 01/24/2018 01:01 AM, Pasi K?rkk?inen
2018 Mar 09
0
CentOS 6 i386 - meltdown and spectre
I have built all the source code releases from upstream for RHEL-6
regarding meltdown /spectre and released those into packages into the
CentOS Linux 6.9 updates repository.
As to whether or not either Arch (x86_64 or i386) is or is not
vulnerable, the CentOS team does not test for or make claims concerning
security fitness. What we do build the source code that is released
upstream.
Users must
2018 Jan 04
0
CESA-2018:0007 Important CentOS 7 kernel Security Update
CentOS Errata and Security Advisory 2018:0007 Important
Upstream details at : https://access.redhat.com/errata/RHSA-2018:0007
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
320ab3bd00bd1f051c69f65f2d4cd6ab64585f977d9cd7a52e64e8f8147894fc
kernel-3.10.0-693.11.6.el7.x86_64.rpm
2018 Jan 23
2
Xen 4.6.6-9 (with XPTI meltdown mitigation) packages making their way to centos-virt-xen-testing
Hi,
On Tue, Jan 23, 2018 at 10:35:24AM -0800, Nathan March wrote:
> > Thanks for the heads-up. It's been running through XenServer's tests
> > as well as the XenProject's "osstest" -- I haven't heard of any
> > additional issues, but I'll ask.
>
> Looks like I can reproduce this pretty easily, this happened upon ssh'ing
> into the
2019 Jun 12
1
Speculative attack mitigations
Hi folks,
Firstly; apologies in advance for what is a head wrecker of keeping on top of the speculative mitigations and also if this is a duplicate email; my first copy didn't seem to make it into the archive. Also a disclaimer that I may have misunderstood elements of the below but please bear with me.
I write this hoping to find out a bit more about the state of the relevant kernel
2015 Jul 07
2
SAMBA4 AD - Logon Scripts
Hi all
Anyone having problems running logon scripts in 4.2.2?
I've created a few test scripts (.bat, .vbs, etc) and placed them in the
netlogon folder and then assigned some user accounts either the .bat or .vbs
files using RSAT tools.
Yet at login none of my client workstations (Windows XP, 7 or 8) execute
their login scripts, none get mapped drives, etc. Browsing to the netlogon
2020 Mar 20
2
[RFC] Speculative Execution Side Effect Suppression for Mitigating Load Value Injection
Hi everyone!
I want to clarify the purpose and design of SESES. Thus far, I've
characterized it as an LVI mitigation which is somewhat incorrect.
SESES was built as a "big hammer." It is intended to protect against many
side channel vulnerabilities (Spectre v1, Spectre v4, LVI, etc, etc) even
though it was built in response to LVI.
For folks protecting against LVI, this is an
2018 Jan 05
0
CentOS-announce Digest, Vol 155, Issue 1
Send CentOS-announce mailing list submissions to
centos-announce at centos.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-request at centos.org
You can reach the person managing the list at
centos-announce-owner at centos.org
When
2018 Oct 08
1
[Announcement] Tinc version 1.0.35 and 1.1pre17 released
Because of security vulnerabilities in tinc that have recently been
discovered, we hereby release tinc versions 1.0.35 and 1.1pre17. Here is a summary of
the changes in tinc 1.0.35:
* Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
* Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
Here is a summery of the changes in tinc 1.1pre17:
* Prevent oracle attacks in the
2018 Oct 08
1
[Announcement] Tinc version 1.0.35 and 1.1pre17 released
Because of security vulnerabilities in tinc that have recently been
discovered, we hereby release tinc versions 1.0.35 and 1.1pre17. Here is a summary of
the changes in tinc 1.0.35:
* Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
* Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
Here is a summery of the changes in tinc 1.1pre17:
* Prevent oracle attacks in the