SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
SCP clients from multiple vendors are susceptible to a malicious scp server performing
unauthorized changes to target directory and/or client output manipulation.
[...]
Malicious scp server can write arbitrary files to scp target directory, change the
target directory permissions and to spoof the client output.
A new vulnerability was recently discovered, affecting all Core Intel CPUs, called:
SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks
https://www.theregister.co.uk/2019/0...rocessor_flaw/
"An Intel spokesperson told us after publication that it hopes applications can be built in future to defend against SPOILER attacks, or hardware protections can be deployed"
An Intel spokesperson told us after publication that it hopes applications can be built in future to defend against SPOILER attacks, or hardware protections can be deployed
This is an extremely insulting attitude, considering that info about their then-CEO quietly selling shares just before details about the first vulnerabilities went public is even documented on Wikipedia.
Noticed two Spectre vulnerabilities with fixes in 4.4.175 and 4.4.177, issued on March 23. Any chance a new kernel slackpkg from PV is forth coming that address those?
Last edited by bamunds; 03-27-2019 at 09:08 AM.
Reason: Clarify the kernel packages from PV not Kernel.org
Section 1
–
Planned microcode updates
• Provides details on Intel microcode updates currently planned or available and
corresponding to Intel - SA-00233 published May 14, 2019.
- the majority of the modern Core-i & Xeon CPUs are listed in "Section 1"
- the majority of the modern Core-i & Xeon CPUs are listed in "Section 1"
A fresh microcode update was just released (a few hours ago) by Intel on github: https://github.com/intel/Intel-Linux...ocode-20190514
Couldn't find any specific info about the ZombieLoad vulnerability in the microcode release notes, it's juts the list of CPUs that are updated.
A fresh microcode update was just released (a few hours ago) by Intel on github: https://github.com/intel/Intel-Linux...ocode-20190514
Couldn't find any specific info about the ZombieLoad vulnerability in the microcode release notes, it's juts the list of CPUs that are updated.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.