Skip to content
This repository has been archived by the owner on Mar 16, 2022. It is now read-only.

1.284.0
Compare
Choose a tag to compare
@cf-buildpacks-eng cf-buildpacks-eng released this 04 Jun 18:52
· 2 commits to master since this release
1.284.0
cb15a02

Notably, this release addresses:

USN-3982-2 USN-3982-2: Linux kernel (Xenial HWE) vulnerabilities:

  • CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on somemicroprocessors utilizing speculative executionmay allow an authenticated userto potentially enable information disclosure via a side channel with localaccess.
  • CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on somemicroprocessors utilizing speculative execution may allow an authenticateduser to potentially enable information disclosure via a side channel withlocal access.
  • CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on somemicroprocessors utilizing speculative execution may allow an authenticateduser to potentially enable information disclosure via a side channel withlocal access.
  • CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheablememory on some microprocessors utilizing speculative execution may allow anauthenticated user to potentially enable information disclosure via a sidechannel with local access.
  • CVE-2019-3874: The SCTP socket buffer used by a userspace application is not accounted bythe cgroups subsystem. An attacker can use this flaw to cause a denial ofservice attack. Kernel 3.10.x and 4.18.x branches are believed to bevulnerable.
  • CVE-2019-3882: A flaw was found in the Linux kernel's vfio interface implementation thatpermits violation of the user's locked memory limit. If a device is boundto a vfio driver, such as vfio-pci, and the local attacker isadministratively granted ownership of the device, it may cause a systemmemory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14and 4.18 are vulnerable.

USN-3983-1 USN-3983-1: Linux kernel vulnerabilities:

  • CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on somemicroprocessors utilizing speculative executionmay allow an authenticated userto potentially enable information disclosure via a side channel with localaccess.
  • CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on somemicroprocessors utilizing speculative execution may allow an authenticateduser to potentially enable information disclosure via a side channel withlocal access.
  • CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on somemicroprocessors utilizing speculative execution may allow an authenticateduser to potentially enable information disclosure via a side channel withlocal access.
  • CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheablememory on some microprocessors utilizing speculative execution may allow anauthenticated user to potentially enable information disclosure via a sidechannel with local access.
Assets 3
Loading