SUSE-SU-2018:2473-1

Source
https://www.suse.com/support/update/announcement/2018/suse-su-20182473-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:2473-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:2473-1
Related
Published
2018-08-21T15:13:21Z
Modified
2018-08-21T15:13:21Z
Summary
Security update for the Linux Kernel (Live Patch 2 for SLE 15)
Details

This update for the Linux Kernel 4.12.14-25_6 fixes one issue.

The following security issue was fixed:

  • CVE-2018-3646: Local attackers in virtualized guest systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by other hyperthreads on the same CPU core, potentially leaking sensitive data, even from other virtual machines or the host system (bsc#1099306).
References

Affected packages

SUSE:Linux Enterprise Live Patching 15 / kernel-livepatch-SLE15_Update_2

Package

Name
kernel-livepatch-SLE15_Update_2
Purl
purl:rpm/suse/kernel-livepatch-SLE15_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2-2.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-livepatch-4_12_14-25_6-default": "2-2.1"
        }
    ]
}