Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2018-3620 - L1 terminal fault vulnerability #8211

Closed
hickeng opened this issue Aug 15, 2018 · 4 comments
Closed

CVE-2018-3620 - L1 terminal fault vulnerability #8211

hickeng opened this issue Aug 15, 2018 · 4 comments
Assignees
@DanielXiao
Labels
area/security Management of security functionality and other issues that impact security component/isos priority/p0 severity/1-critical Relates to a key use-case of the product. Often impacts many users.

Comments

@hickeng
Copy link
Member

hickeng commented Aug 15, 2018
edited
Loading

Update PhotonOS kernel packages to address
https://www.vmware.com/security/advisories/VMSA-2018-0021.htm

CVE-2018-3620

Ongoing industry work to address specter/meltdown

Kernel version is expected to be 4.4.148-1 but should be confirmed before closing.
@hickeng hickeng added area/security Management of security functionality and other issues that impact security component/isos labels Aug 15, 2018
@hickeng hickeng mentioned this issue Aug 15, 2018
Closed
@hickeng hickeng added severity/1-critical Relates to a key use-case of the product. Often impacts many users. area/security Management of security functionality and other issues that impact security component/isos and removed area/security Management of security functionality and other issues that impact security component/isos labels Aug 15, 2018
@DanielXiao
Copy link
Contributor

DanielXiao commented Aug 30, 2018
edited
Loading

I made a new image gcr.io/eminent-nation-87317/local-repo:1.7 which downloads latest packages from https://dl.bintray.com/vmware/photon_updates_1.0_x86_64/x86_64/ and the linux kernel package version is 4.4.152-1.ph1.

It 's running on wdc-yum-builder-ci.eng.vmware.com now but only vic install packages from this local yum repo.

Because of exclude list in https://github.com/vmware/vic/blob/master/infra/integration-image/LocalRepo, there are packages missing to build vic-product ova. vic-product is still using remote repo and the current linux kernel version is 4.4.152-1.ph1.

@DanielXiao
Copy link
Contributor

Close it and file a new task #8247 to track issue on vic-product.

@DanielXiao DanielXiao mentioned this issue Sep 10, 2018
Closed
6 tasks
@zjs zjs added the impact/doc/note Requires creation of or changes to an official release note label Sep 13, 2018
@zjs
Copy link
Member

zjs commented Sep 13, 2018

I think this is worth a release note, as there is security impact.

@stuclem
Copy link
Contributor

stuclem commented Sep 17, 2018

Added as a resolved issue in https://github.com/vmware/vic/releases/tag/v1.4.3

@stuclem stuclem removed the impact/doc/note Requires creation of or changes to an official release note label Sep 17, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@DanielXiao DanielXiao

Labels
area/security Management of security functionality and other issues that impact security component/isos priority/p0 severity/1-critical Relates to a key use-case of the product. Often impacts many users.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@zjs @DanielXiao @hickeng @renmaosheng @stuclem