RHEL 6 & CentOS 6 receive update for fixing Spectre Variant 4 and other vulnerabilities

by do son · July 17, 2018

Red Hat Enterprise Linux (RHEL) 6 and CentOS Linux 6 series recently received kernel security updates that fix vulnerabilities that were recently exposed. Now that the RHEL 7 and CentOS 7 series have fixed the Spectre Variant 4 (CVE-2018-3639) security vulnerability and the Lazy FPU State Save/Restore CPU vulnerability, it is now finally RHEL 6 and CentOS 6. Users can install these patches on the computers they use.

As previously expected, the security update released this round focuses on the Spectre Variant 4, which is currently an industry-level CPU vulnerability that covers a wide range of CPU families. It allows attackers to read memory information through targeted cache side-channel attacks. Currently, patches for Intel x86 and AMD CPUs have been released.

Also included in this round of kernel security updates is the Lazy FPU State Save/Restore CPU Vulnerability (CVE-2018-3665), which can cause FPU status information to leak. In addition, the new kernel update resolves a vulnerability in the mm/mempolicy.c:do_get_mempolicy function (CVE-2018-10675) that can initiate a local service denial of attack.

RHEL 6 & CentOS 6 receive update for fixing Spectre Variant 4 and other vulnerabilities

Search

Brilliantly

Content & Links