Intel's Security Problems
Posted: Sat 18 May 2019, 22:33
https://news.softpedia.com/news/debian- ... 6047.shtml
The Debian Project has released patched versions of its Linux kernel and intel-microcode packages for the stable Debian GNU/Linux 9 "Stretch" operating system series to address the recently disclosed Intel MDS security vulnerabilities.
On May 14th, Intel disclosed four new security vulnerabilities affecting several of its Intel CPUs, which could allow attackers to leak sensitive information if the system remains unpatched. Intel has worked with major OS vendors and device manufactures to quickly deploy feasible solutions for mitigating these flaws, and now patches are available for users of the Debian GNU/Linux 9 "Stretch" operating system series.
The Debian Project urges all users of the stable Debian GNU/Linux 9 "Stretch" operating system series to update their installations as soon as possible to the latest Linux kernel version 4.9.168-1+deb9u2 and intel-microcode firmware 3.20190514.1~deb9u1. To fully mitigate these new security vulnerabilities, both packages need to be installed on your Debian GNU/Linux 9 "Stretch" computers.
Please note that the new intel-microcode version is only available in the Debian non-free repository, which you'll have to enable to patch your computer against the MSBDS, MFBDS, MLPDS and MDSUM (a.k.a. CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091) hardware vulnerabilities. The new Linux kernel update also includes a fix for a regression causing deadlocks inside the loopback driver.
All derivatives based on Debian Stretch (stable) are concerned.
Further reading :
https://news.softpedia.com/news/canonic ... 6031.shtml
Protecting your computer against Intel’s latest security flaw is easy, unless it isn’t
https://www.theverge.com/2019/5/17/1862 ... s-chromeos
The Debian Project has released patched versions of its Linux kernel and intel-microcode packages for the stable Debian GNU/Linux 9 "Stretch" operating system series to address the recently disclosed Intel MDS security vulnerabilities.
On May 14th, Intel disclosed four new security vulnerabilities affecting several of its Intel CPUs, which could allow attackers to leak sensitive information if the system remains unpatched. Intel has worked with major OS vendors and device manufactures to quickly deploy feasible solutions for mitigating these flaws, and now patches are available for users of the Debian GNU/Linux 9 "Stretch" operating system series.
The Debian Project urges all users of the stable Debian GNU/Linux 9 "Stretch" operating system series to update their installations as soon as possible to the latest Linux kernel version 4.9.168-1+deb9u2 and intel-microcode firmware 3.20190514.1~deb9u1. To fully mitigate these new security vulnerabilities, both packages need to be installed on your Debian GNU/Linux 9 "Stretch" computers.
Please note that the new intel-microcode version is only available in the Debian non-free repository, which you'll have to enable to patch your computer against the MSBDS, MFBDS, MLPDS and MDSUM (a.k.a. CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091) hardware vulnerabilities. The new Linux kernel update also includes a fix for a regression causing deadlocks inside the loopback driver.
All derivatives based on Debian Stretch (stable) are concerned.
Further reading :
https://news.softpedia.com/news/canonic ... 6031.shtml
Protecting your computer against Intel’s latest security flaw is easy, unless it isn’t
https://www.theverge.com/2019/5/17/1862 ... s-chromeos