[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches
From: |
Stefan Priebe - Profihost AG |
Subject: |
Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches |
Date: |
Thu, 4 Jan 2018 09:17:41 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 |
Am 04.01.2018 um 08:27 schrieb Alexandre DERUMIER:
> does somebody have a redhat account to see te content of:
>
> https://access.redhat.com/solutions/3307851
> "Impacts of CVE-2017-5754, CVE-2017-5753, and CVE-2017-5715 to Red Hat
> Virtualization products"
i don't have one but the content might be something like this:
https://www.suse.com/de-de/support/kb/doc/?id=7022512
So you need:
1.) intel / amd cpu microcode update
2.) qemu update to pass the new MSR and CPU flags from the microcode update
3.) host kernel update
4.) guest kernel update
The microcode update and the kernel update is publicly available but i'm
missing the qemu one.
Greets,
Stefan
> ----- Mail original -----
> De: "aderumier" <address@hidden>
> À: "Stefan Priebe, Profihost AG" <address@hidden>
> Cc: "qemu-devel" <address@hidden>
> Envoyé: Jeudi 4 Janvier 2018 08:24:34
> Objet: Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches
>
>>> Can anybody point me to the relevant qemu patches?
>
> I don't have find them yet.
>
> Do you known if a vm using kvm64 cpu model is protected or not ?
>
> ----- Mail original -----
> De: "Stefan Priebe, Profihost AG" <address@hidden>
> À: "qemu-devel" <address@hidden>
> Envoyé: Jeudi 4 Janvier 2018 07:27:01
> Objet: [Qemu-devel] CVE-2017-5715: relevant qemu patches
>
> Hello,
>
> i've seen some vendors have updated qemu regarding meltdown / spectre.
>
> f.e.:
>
> CVE-2017-5715: QEMU was updated to allow passing through new MSR and
> CPUID flags from the host VM to the CPU, to allow enabling/disabling
> branch prediction features in the Intel CPU. (bsc#1068032)
>
> Can anybody point me to the relevant qemu patches?
>
> Thanks!
>
> Greets,
> Stefan
>
- [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Alexandre DERUMIER, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Alexandre DERUMIER, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches,
Stefan Priebe - Profihost AG <=
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Alexandre DERUMIER, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Paolo Bonzini, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/04
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Paolo Bonzini, 2018/01/05
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/05
- Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Paolo Bonzini, 2018/01/05
Re: [Qemu-devel] CVE-2017-5715: relevant qemu patches, Stefan Priebe - Profihost AG, 2018/01/04