CLD-201 Details
Other IDs this deficiency may be known by:
Basic Information:
Affected Package(s) | linux |
Deficiency Type | SECURITY |
Date Created | 2018-01-07 13:45:00 |
Date Last Modified | 2019-01-04 15:15:28 |
Version Specific Information:
Cucumber 1.0 i686 | fixed in linux-4.9.77-i686-1 |
Cucumber 1.0 x86_64 | fixed in linux-4.9.77-x86_64-1 |
Cucumber 1.1 i686 | fixed in linux-4.9.77-i686-1 |
Cucumber 1.1 x86_64 | fixed in linux-4.9.77-x86_64-1 |
Details:
==================================== Edit #12 ==================================
Further mitigated against in Linux 4.9.148. Here are the details from the
relevant changelog entry:
+----------------+
Fri Jan 4 14:23:14 EST 2019
base/linux upgraded from 4.9.147 to 4.9.148. This update is an upstream update
that contains additional mitigations for the Spectre v1 vulnerability
(CVE-2017-5753). Also fixes CVE-2018-19985, an out of bounds read
security vulnerability in hso_probe. For more information see:
https://security.cucumberlinux.com/security/details.php?id=201
https://security.cucumberlinux.com/security/details.php?id=648
kernel/linux-source upgraded from 4.9.147 to 4.9.148
* SECURITY FIX *
+----------------+
==================================== Edit #11 ==================================
Further mitigated against in Linux 4.9.147. Here are the details from the
relevant changelog entry:
+----------------+
Wed Dec 26 15:52:08 EST 2018
base/linux upgraded from 4.9.146 to 4.9.147 to fix a Spectre v1 (CVE-2017-5753)
vulnerability in lookup_ioctx. For more information see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.147
https://security.cucumberlinux.com/security/details.php?id=201
kernel/linux-source upgraded from 4.9.146 to 4.9.147
* SECURITY FIX *
+----------------+
==================================== Edit #10 ==================================
Further mitigated against in Linux 4.9.141. Here are the details from the
relevant changelog entry:
+----------------+
Fri Nov 23 12:37:44 EST 2018
net-base/openssl upgraded from 1.0.2p to 1.0.2q to fix two security
vulnerabilities: CVE-2018-0734 and CVE-2018-5407. For more information
see:
https://www.openssl.org/news/cl102.txt
https://security.cucumberlinux.com/security/details.php?id=593
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0734
https://security.cucumberlinux.com/security/details.php?id=617
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5407
multilib/net-base/openssl-lib_i686 upgraded from 1.0.2p to 1.0.2q (x86_64 only)
* SECURITY FIX *
+----------------+
==================================== Edit #9 ===================================
Further mitigated against in Linux 4.9.136 and 4.9.137. Here are the details
from the relevant changelog entry:
+----------------+
Tue Nov 13 17:54:55 EST 2018
base/linux upgraded from 4.9.135 to 4.9.137. This update contains additional
mitigations for the Spectre v1 vulnerability (CVE-2017-5753) and other
security fixes. For more information see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.136
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.137
https://security.cucumberlinux.com/security/details.php?id=201
kernel/linux-source upgraded from 4.9.135 to 4.9.137
* SECURITY FIX *
+----------------+
==================================== Edit #8 ===================================
Further mitigated against in Linux 4.9.130. Here are the details from the
relevant changelog entry:
+----------------+
Sat Sep 29 11:50:40 EDT 2018
base/linux upgraded from 4.9.128 to 4.9.130 to further mitigate against
Spectre v1 (CVE-2017-5753) and fix CVE-2018-14633, a stack based buffer
overflow that may have led to a denial of service (kernel panic) or
escalation of privileges. For more information see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.130
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.129
https://security.cucumberlinux.com/security/details.php?id=201
https://security.cucumberlinux.com/security/details.php?id=567
kernel/linux-source upgraded from 4.9.128 to 4.9.130
* SECURITY FIX *
+----------------+
==================================== Edit #7 ===================================
Further mitigated against in Linux 4.9.124. Here are the details from the
relevant changelog entry:
+----------------+
Fri Aug 24 11:27:00 EDT 2018
base/linux upgraded from 4.9.123 to 4.9.124 to mitigate a couple of potential
Spectre v1 exploits. This update also contains various other bug and
security fixes. For more information see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.124
https://security.cucumberlinux.com/security/details.php?id=201
kernel/linux-source upgraded from 4.9.123 to 4.9.124
* SECURITY FIX *
+----------------+
==================================== Edit #6 ===================================
Further mitigated against in Linux 4.9.118. Here are the details from the
relevant changelog entry:
+----------------+
Thu Aug 9 10:02:41 EDT 2018
base/linux upgraded from 4.9.117 to 4.9.119. This update fixes a potential
Spectre v1 (CVE-2017-5753) weakness in socketcall. It also contains
various other bug fixes, some of which may be security fixes. For more
information see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.118
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.119
https://security.cucumberlinux.com/security/details.php?id=201
kernel/linux-source upgraded from 4.9.117 to 4.9.119
* SECURITY FIX *
+----------------+
==================================== Edit #5 ===================================
Further mitigated against in Linux 4.9.115. Here are the details from the
relevant changelog entry:
+----------------+
Fri Jul 27 10:23:41 EDT 2018
base/linux upgraded from 4.9.114 to 4.9.115 to remove a Spectre v1
(CVE-2017-5753) exploitation channel. For more information see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.115
kernel/linux-source upgraded from 4.9.114 to 4.9.115
* SECURITY FIX *
+----------------+
==================================== Edit #4 ===================================
Further mitigated against in Linux 4.9.114. Here are the details from the
relevant changelog entry:
+----------------+
Mon Jul 23 12:58:16 EDT 2018
base/linux upgraded from 4.9.113 to 4.9.114 to further mitigate against Spectre
variants 1 and 2 (CVE-2017-5753 and CVE-2017-5715 respectively). For
more information see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.114
kernel/linux-source upgraded from 4.9.113 to 4.9.114
* SECURITY FIX *
+----------------+
==================================== Edit #3 ===================================
Further mitigated against in Linux 4.9.104. Here are the details from the
relevant changelog entry:
+----------------+
Wed May 30 17:03:56 EDT 2018
base/linux upgraded from 4.9.103 to 4.9.104 to fix CVE-2018-6412 and further
mitigate against Spectre variant 1 (CVE-2017-5753). For more information
see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.104
https://security.cucumberlinux.com/security/details.php?id=201
https://security.cucumberlinux.com/security/details.php?id=419
kernel/linux-source upgraded from 4.9.103 to 4.9.104
* SECURITY FIX *
+----------------+
==================================== Edit #2 ===================================
This vulnerability has been even further mitigated against in version 4.9.100 of
the Linux kernel. Here are the details from the relevant changelog entry:
+----------------+
Wed May 16 19:08:30 EDT 2018
base/linux upgraded from 4.9.99 to 4.9.100. This release introduces many new
mitigations for the Spectre v1 vulnerability (CVE-2017-5753). For more
information see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.100
https://security.cucumberlinux.com/security/details.php?id=201
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753
kernel/linux-source upgraded from 4.9.99 to 4.9.100
* SECURITY FIX *
+----------------+
==================================== Edit #1 ===================================
This vulnerability has been further mitigated against in version 4.9.81 of the
Linux kernel. For further details see:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.81
================================ Original Post =================================
This is a hardware vulnerability, and as of Sun Jan 7 14:15:45 EST 2018 there
is no known fix for it or known way to mitigate the effects of it.
See https://meltdownattack.com/ for more information about this vulnerability.