FEDORA-2018-44f8a7454d created by berrange 2 years ago for Fedora 28
stable

New CPU features for speculative store bypass (CVE-2018-3639)

On Intel x86 hosts, the "ssbd" feature must be explicitly added to any virtual machines that are not using host-passthrough/host-model CPU setup. NB this requires new microcode too, which is not yet available in Fedora microcode_ctl RPMs.

On AMD x86 hosts, the "virt-ssbd" feature must be explicitly added to any virtual machines that are not using host-passthrough/host-model CPU setup. There is no microcode dependency for AMD as this is a virtualized CPUID feature.

In both cases, kernel >= 4.16.10-301 is required on the host and guest in order to activate the fix.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-44f8a7454d

This update has been submitted for testing by berrange.

2 years ago

berrange edited this update.

2 years ago

berrange edited this update.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon dhgutteridge commented & provided feedback 2 years ago
karma

No regressions noted.

User Icon mhayden commented & provided feedback 2 years ago
karma

Working for me.

User Icon cserpentis commented & provided feedback 2 years ago
karma

works for me

This update has been submitted for batched by bodhi.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#1566890 CVE-2018-3639 hw: cpu: speculative store bypass
0
0
BZ#1592751 CVE-2018-3639 qemu: hw: cpu: speculative store bypass [fedora-all]
0
0

Automated Test Results