After several hardware-level security vulnerabilities Meltdown, Spectre, Speculative Store Buffet Bypass and Foreshadow, Intel has released information about a new group of security vulnerabilities, called MDS aka “RIDL” aka “Fallout” aka “Zombieland” affecting most of the Intel chip sets (CVE-2019-11091, CVE-2018-12126, CVE-2018-12127 and CVE-2018-12130). These vulnerabilities could allow a potential attacker to gain access to sensitive data and credentials that could allow privilege escalation and local code execution.
We recommend upgrading the microcode package and operating system to the most recent version. Updates for CentOS, Redhat, Scientific Linux and other operating systems are already available. When upgrading hypervisors, also xen, libvirt and qemu-kvm libraries need to be upgraded. Simultaneous Multi-Threading (SMT) should be switched off, but note that this comes with a performance penalty.
The list of affected Intel processors can be found here.
More information can be found in the SVG Advisory that has been sent to EGI sites today and on this Redhat security page.
Recent Comments