Date: Mon, 25 Nov 2019 21:45:06 +0000 (UTC) From: Dave Cottlehuber <dch@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r518430 - head/security/vuxml Message-ID: <201911252145.xAPLj6KZ053753@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dch Date: Mon Nov 25 21:45:06 2019 New Revision: 518430 URL: https://svnweb.freebsd.org/changeset/ports/518430 Log: security/vuxml: add FreeBSD kernel entries for recent Intel CVEs PR: 241931 Submitted by: Miroslav Lachman <000.fbsd@quip.cz> Reviewed by: dch Approved by: joneum (ports-secteam) Security: CVE-2019-11135 Security: CVE-2019-11139 Security: CVE-2018-12126 Security: CVE-2018-12127 Security: CVE-2018-12130 Security: CVE-2018-11091 Security: CVE-2017-5715 Security: CVE-2018-12207 Sponsored by: SkunkWerks, GmbH Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Mon Nov 25 20:58:50 2019 (r518429) +++ head/security/vuxml/vuln.xml Mon Nov 25 21:45:06 2019 (r518430) @@ -58,6 +58,87 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="fbe10a8a-05a1-11ea-9dfa-f8b156ac3ff9"> + <topic>FreeBSD -- Intel CPU Microcode Update</topic> + <affects> + <package> + <name>FreeBSD-kernel</name> + <range><ge>12.1</ge><lt>12.1_1</lt></range> + <range><ge>12.0</ge><lt>12.0_12</lt></range> + <range><ge>11.3</ge><lt>11.3_5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Starting with version 1.26, the devcpu-data port/package includes + updates and mitigations for the following technical and security + advisories (depending on CPU model).</p> + <p>Intel TSX Updates (TAA) CVE-2019-11135 Voltage Modulation + Vulnerability CVE-2019-11139 MD_CLEAR Operations + CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-11091 + TA Indirect Sharing CVE-2017-5715 EGETKEY CVE-2018-12126 + CVE-2018-12127 CVE-2018-12130 CVE-2018-11091 JCC SKX102 + Erratum </p> + <p>Updated microcode includes mitigations for + CPU issues, but may also cause a performance regression due + to the JCC erratum mitigation. Please visit + http://www.intel.com/benchmarks for further information. + </p> + <p>Please visit http://www.intel.com/security for + detailed information on these advisories as well as a list of + CPUs that are affected.</p> + <p>Operating a CPU without the latest microcode may result in erratic or + unpredictable behavior, including system crashes and lock ups. + Certain issues listed in this advisory may result in the leakage of + privileged system information to unprivileged users. Please refer to + the security advisories listed above for detailed information.</p> + </body> + </description> + <references> + <cvename>CVE-2019-11135</cvename> + <cvename>CVE-2019-11139</cvename> + <cvename>CVE-2018-12126</cvename> + <cvename>CVE-2018-12127</cvename> + <cvename>CVE-2018-12130</cvename> + <cvename>CVE-2018-11091</cvename> + <cvename>CVE-2017-5715</cvename> + <freebsdsa>SA-19:26.mcu</freebsdsa> + </references> + <dates> + <discovery>2019-11-14</discovery> + <entry>2019-11-25</entry> + </dates> + </vuln> + + <vuln vid="edc0bf7e-05a1-11ea-9dfa-f8b156ac3ff9"> + <topic>FreeBSD -- Machine Check Exception on Page Size Change</topic> + <affects> + <package> + <name>FreeBSD-kernel</name> + <range><ge>12.1</ge><lt>12.1_1</lt></range> + <range><ge>12.0</ge><lt>12.0_12</lt></range> + <range><ge>11.3</ge><lt>11.3_5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Intel discovered a previously published erratum on some Intel + platforms can be exploited by malicious software to potentially cause + a denial of service by triggering a machine check that will crash or + hang the system.</p> + <p>Malicious guest operating systems may be able to crash the host.</p> + </body> + </description> + <references> + <cvename>CVE-2018-12207</cvename> + <freebsdsa>SA-19:25.mcepsc</freebsdsa> + </references> + <dates> + <discovery>2019-11-14</discovery> + <entry>2019-11-25</entry> + </dates> + </vuln> + <vuln vid="6ade62d9-0f62-11ea-9673-4c72b94353b5"> <topic>clamav -- Denial-of-Service (DoS) vulnerability</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201911252145.xAPLj6KZ053753>