Security Patches and the Kernel (Linux)
-
Security updates for Tuesday
Security updates have been issued by Fedora (community-mysql, crun, java-latest-openjdk, and mupdf), openSUSE (libssh2_org), and SUSE (go1.12, libseccomp, and tar).
-
New ZombieLoad Side-Channel Attack Variant: TSX Asynchronous Abort
In addition to the JCC erratum being made public today and that performance-shifting Intel microcode update affecting Skylake through Cascade Lake, researchers also announced a new ZombieLoad side-channel attack variant dubbed "TSX Asynchronous Abort" or TAA for short.
ZombieLoad / MDS (Microarchitectural Data Sampling) was announced back in May by researchers while today Cyberus Technology has announced a new variant focused on Intel processors with TSX (Transactional Synchronization Extensions). TSX Asynchronous Abort is a new ZombieLoad variant that was actually discovered back as part of Cyberus' originally discoveries but faced an extended embargo.
-
Linux Kernel Gets Mitigations For TSX Aync Abort Plus Another New Issue: iITLB Multihit
The Linux kernel has just received its mitigation work for the newly-announced TSX Asynchronous Abort (TAA) variant of ZombieLoad plus revealing mitigations for another Intel CPU issue... So today in addition to the JCC Erratum and ZombieLoad TAA the latest is iITLB Multihit (NX) - No eXcuses.
The mainline Linux kernel received mitigations for ZombieLoad TAA that work in conjunction with newly-published Intel microcode. The mitigations also now expose /sys/devices/system/cpu/vulnerabilities/tsx_async_abort for reporting the mitigation status plus a new tsx_async_abort kernel parameter. With the TAA mitigation, the system will clear CPU buffers on ring transitions.
-
LinuxBoot Continues Maturing - Now Able To Boot Windows
LinuxBoot is approaching two years of age as the effort led by Facebook and others for replacing some elements of the system firmware with the Linux kernel.
Chris Koch of Google presented at last month's Platform Security Summit 2019 on the initiative. The Platform Security Summit 2019 took place at the start of October at Microsoft's facilities in Redmond. LinuxBoot in recent months has been able to begin booting Windows 10, which is related to the recent reports on kexec'ing Windows from Linux. But not only is Windows booting but VMware and Xen are also now working in a LinuxBoot environment.
- Login or register to post comments
- Printer-friendly version
- 6145 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
SUSE addresses Transactional Asynchronous Abort
SUSE addresses Transactional Asynchronous Abort and Machine Check Error on Page Size Changes issues
Now the reaction from Red Hat and Canonical to Intel defects
Red Hat Responds to ZombieLoad v2 Security Vulnerabilities Affecting Intel CPUs
Ubuntu updates to mitigate latest Intel hardware vulnerabilities
This week's hardware vulnerabilities
Canonical Announces Ubuntu Updates to Mitigate Latest Intel Vuln
Canonical Announces Ubuntu Updates to Mitigate Latest Intel Vulnerabilities
Linux vs. Zombieland v2: The security battle continues
Linux vs. Zombieland v2: The security battle continues