CVEs by modern implementation of the "fill buffer" mechanism
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
zhao.shuai |
Bug Description
New set of CVEs was reported against Intel CPUs: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130 and CVE-2019-11091.
For these CVEs there are RH and CentOS updates available
RH : https:/
CENTOS: https:/
Right now we have kernel-
They are pointing to kernel-
same for microcode_
[0] https:/
[1] http://
[2] https:/
[3] https:/
CVE References
Changed in starlingx: | |
assignee: | Cindy Xie (xxie1) → zhao.shuai (zhao.shuai) |
Changed in starlingx: | |
status: | Triaged → In Progress |
Marking as stx.2.0 release gating as this is a high visibility set of CVEs which impact the kernel used in stx. As per above, we need to pick up the latest kernel from CentOS 7.6 to address these vulnerabilities.