Add new CPU features for CVE-2017-5715 and CVE-2018-3639 On Intel x86 hosts, the "ssbd" feature must be explicitly added to any virtual machines that are not using host-passthrough/host-model CPU setup. NB this requires new microcode too, which is not yet available in Fedora microcode_ctl RPMs. On AMD x86 hosts, the "virt-ssbd" feature must be explicitly added to any virtual machines that are not using host-passthrough/host-model CPU setup. There is no microcode dependency for AMD as this is a virtualized CPUID feature. In both cases, kernel >= 4.16.10-301 is required on the host and guest in order to activate the fix.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2018-9f02e5ed7b
Please login to add feedback.
This update has been submitted for testing by berrange.
This update has been pushed to testing.
works for me in a VM
no regressions noted
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
Works
This update has been submitted for batched by bodhi.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.