stable

qemu-2.11.1-3.fc28

FEDORA-2018-44f8a7454d created by berrange 6 years ago for Fedora 28

New CPU features for speculative store bypass (CVE-2018-3639)

On Intel x86 hosts, the "ssbd" feature must be explicitly added to any virtual machines that are not using host-passthrough/host-model CPU setup. NB this requires new microcode too, which is not yet available in Fedora microcode_ctl RPMs.

On AMD x86 hosts, the "virt-ssbd" feature must be explicitly added to any virtual machines that are not using host-passthrough/host-model CPU setup. There is no microcode dependency for AMD as this is a virtualized CPUID feature.

In both cases, kernel >= 4.16.10-301 is required on the host and guest in order to activate the fix.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-44f8a7454d

This update has been submitted for testing by berrange.

6 years ago

berrange edited this update.

6 years ago

berrange edited this update.

6 years ago

This update has been pushed to testing.

6 years ago
User Icon dhgutteridge commented & provided feedback 6 years ago
karma

No regressions noted.

User Icon mhayden commented & provided feedback 6 years ago
karma

Working for me.

User Icon cserpentis commented & provided feedback 6 years ago
karma

works for me

This update has been submitted for batched by bodhi.

6 years ago

This update has been submitted for stable by bodhi.

6 years ago

This update has been pushed to stable.

6 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
6 years ago
in testing
6 years ago
in stable
6 years ago
modified
6 years ago
BZ#1566890 CVE-2018-3639 hw: cpu: speculative store bypass
0
0
BZ#1592751 CVE-2018-3639 qemu: hw: cpu: speculative store bypass [fedora-all]
0
0

Automated Test Results