Closed l2dy closed 5 years ago
According to https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html, there's also CVE-2018-3640, but no fix observed for that yet.
Edited original comment to include progress indicator.
Any progress update?
Cross-References: LSN-2018-0005
Fix commits (so far) as follows:
Use AOSA-2018-0287 for qemu. Use AOSA-2018-0288 for linux-kernel-lts. Use AOSA-2018-0289 for linux-kernel-libre.
https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File
AOSA for Intel Ucode please.
Use AOSA-2018-0305 for intel-ucode.
Note that the Intel microcode update fixes CVE-2018-3640 (Spectre v3a) and helps mitigating CVE-2018-3639 (Spectre v4).
Cross-References: LSN-2018-0005
Note that LSN-2018-0005 is from libvirt.
LibVirt addressed with https://github.com/AOSC-Dev/aosc-os-abbs/commit/eeb94397d586cdda952544f3196ba2b4ad009373.
Use AOSA-2018-0347 for libvirt.
@liushuyu Could you report back with the Java SE/JDK issue?
All issues should have been fixed with the newest packages in Stable. Closing.
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Variant4 https://access.redhat.com/security/vulnerabilities/ssbd
linux-kernel
,linux-kernel-lts
,linux-kernel-libre
)