An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks.
Statement: Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/ssbd
Acknowledgments: Name: Ken Johnson (Microsoft Security Response Center), Jann Horn (Google Project Zero)
External References: https://access.redhat.com/security/vulnerabilities/ssbd https://bugs.chromium.org/p/project-zero/issues/detail?id=1528 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1580713]
This issue has been addressed in the following products: Red Hat Virtualization 4 for RHEL-7 Via RHSA-2018:1655 https://access.redhat.com/errata/RHSA-2018:1655
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1630 https://access.redhat.com/errata/RHSA-2018:1630
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:1651 https://access.redhat.com/errata/RHSA-2018:1651
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:1647 https://access.redhat.com/errata/RHSA-2018:1647
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:1650 https://access.redhat.com/errata/RHSA-2018:1650
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:1660 https://access.redhat.com/errata/RHSA-2018:1660
This issue has been addressed in the following products: Red Hat Enterprise MRG 2 Via RHSA-2018:1642 https://access.redhat.com/errata/RHSA-2018:1642
This issue has been addressed in the following products: Red Hat Virtualization Engine 4.2 Via RHSA-2018:1674 https://access.redhat.com/errata/RHSA-2018:1674
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.4 Advanced Update Support Via RHSA-2018:1664 https://access.redhat.com/errata/RHSA-2018:1664
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1633 https://access.redhat.com/errata/RHSA-2018:1633
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1648 https://access.redhat.com/errata/RHSA-2018:1648
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1629 https://access.redhat.com/errata/RHSA-2018:1629
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1649 https://access.redhat.com/errata/RHSA-2018:1649
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions Red Hat Enterprise Linux 7.2 Telco Extended Update Support Via RHSA-2018:1668 https://access.redhat.com/errata/RHSA-2018:1668
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1632 https://access.redhat.com/errata/RHSA-2018:1632
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.6 Advanced Update Support Red Hat Enterprise Linux 6.6 Telco Extended Update Support Via RHSA-2018:1666 https://access.redhat.com/errata/RHSA-2018:1666
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Extended Update Support Via RHSA-2018:1663 https://access.redhat.com/errata/RHSA-2018:1663
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Extended Update Support Via RHSA-2018:1662 https://access.redhat.com/errata/RHSA-2018:1662
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions Red Hat Enterprise Linux 7.2 Telco Extended Update Support Via RHSA-2018:1661 https://access.redhat.com/errata/RHSA-2018:1661
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.7 Extended Update Support Via RHSA-2018:1659 https://access.redhat.com/errata/RHSA-2018:1659
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.6 Advanced Update Support Red Hat Enterprise Linux 6.6 Telco Extended Update Support Via RHSA-2018:1658 https://access.redhat.com/errata/RHSA-2018:1658
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.5 Advanced Update Support Via RHSA-2018:1657 https://access.redhat.com/errata/RHSA-2018:1657
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.4 Advanced Update Support Via RHSA-2018:1656 https://access.redhat.com/errata/RHSA-2018:1656
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.7 Extended Update Support Via RHSA-2018:1667 https://access.redhat.com/errata/RHSA-2018:1667
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.5 Advanced Update Support Via RHSA-2018:1665 https://access.redhat.com/errata/RHSA-2018:1665
This issue has been addressed in the following products: RHEV 3.X Hypervisor and Agents for RHEL-7 ELS Via RHSA-2018:1654 https://access.redhat.com/errata/RHSA-2018:1654
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Extended Update Support Via RHSA-2018:1653 https://access.redhat.com/errata/RHSA-2018:1653
This issue has been addressed in the following products: Red Hat OpenStack Platform 9.0 (Mitaka) Via RHSA-2018:1645 https://access.redhat.com/errata/RHSA-2018:1645
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Extended Update Support Via RHSA-2018:1652 https://access.redhat.com/errata/RHSA-2018:1652
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:1669 https://access.redhat.com/errata/RHSA-2018:1669
This issue has been addressed in the following products: Red Hat OpenStack Platform 12.0 (Pike) Via RHSA-2018:1643 https://access.redhat.com/errata/RHSA-2018:1643
This issue has been addressed in the following products: Red Hat Virtualization Engine 4.2 Via RHSA-2018:1676 https://access.redhat.com/errata/RHSA-2018:1676
This issue has been addressed in the following products: Red Hat Virtualization 4 for RHEL-7 Via RHSA-2018:1675 https://access.redhat.com/errata/RHSA-2018:1675
This issue has been addressed in the following products: Red Hat OpenStack Platform 8.0 (Liberty) Via RHSA-2018:1646 https://access.redhat.com/errata/RHSA-2018:1646
This issue has been addressed in the following products: Red Hat OpenStack Platform 10.0 (Newton) Via RHSA-2018:1644 https://access.redhat.com/errata/RHSA-2018:1644
This issue has been addressed in the following products: Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 Via RHSA-2018:1686 https://access.redhat.com/errata/RHSA-2018:1686
This issue has been addressed in the following products: RHEV Manager version 3.6 Via RHSA-2018:1689 https://access.redhat.com/errata/RHSA-2018:1689
This issue has been addressed in the following products: RHEV Manager version 3.6 Via RHSA-2018:1688 https://access.redhat.com/errata/RHSA-2018:1688
This issue has been addressed in the following products: RHEV 3.X Hypervisor and Agents for RHEL-7 ELS Via RHSA-2018:1690 https://access.redhat.com/errata/RHSA-2018:1690
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Extended Update Support Via RHSA-2018:1636 https://access.redhat.com/errata/RHSA-2018:1636
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Extended Update Support Via RHSA-2018:1635 https://access.redhat.com/errata/RHSA-2018:1635
This issue has been addressed in the following products: Red Hat Virtualization 4 for RHEL-7 Via RHSA-2018:1696 https://access.redhat.com/errata/RHSA-2018:1696
This issue has been addressed in the following products: RHEV 3.X Hypervisor and Agents for RHEL-7 ELS Via RHSA-2018:1710 https://access.redhat.com/errata/RHSA-2018:1710
This issue has been addressed in the following products: RHEV 3.X Hypervisor and Agents for RHEL-6 RHEV 3.X Hypervisor and Agents for RHEL-7 ELS Via RHSA-2018:1711 https://access.redhat.com/errata/RHSA-2018:1711
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.7 Extended Update Support Via RHSA-2018:1638 https://access.redhat.com/errata/RHSA-2018:1638
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.4 Advanced Update Support Via RHSA-2018:1641 https://access.redhat.com/errata/RHSA-2018:1641
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.6 Advanced Update Support Red Hat Enterprise Linux 6.6 Telco Extended Update Support Via RHSA-2018:1639 https://access.redhat.com/errata/RHSA-2018:1639
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.5 Advanced Update Support Via RHSA-2018:1640 https://access.redhat.com/errata/RHSA-2018:1640
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions Red Hat Enterprise Linux 7.2 Telco Extended Update Support Via RHSA-2018:1637 https://access.redhat.com/errata/RHSA-2018:1637
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Extended Update Support Via RHSA-2018:1737 https://access.redhat.com/errata/RHSA-2018:1737
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Extended Update Support Via RHSA-2018:1738 https://access.redhat.com/errata/RHSA-2018:1738
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.7 Extended Update Support Via RHSA-2018:1826 https://access.redhat.com/errata/RHSA-2018:1826
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:1854
Created libvirt tracking bugs for this issue: Affects: fedora-all [bug 1592750] Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1592751]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1967 https://access.redhat.com/errata/RHSA-2018:1967
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Extended Update Support Via RHSA-2018:2006 https://access.redhat.com/errata/RHSA-2018:2006
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1965 https://access.redhat.com/errata/RHSA-2018:1965
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1997 https://access.redhat.com/errata/RHSA-2018:1997
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2001 https://access.redhat.com/errata/RHSA-2018:2001
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2003 https://access.redhat.com/errata/RHSA-2018:2003
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 Via RHSA-2018:2060 https://access.redhat.com/errata/RHSA-2018:2060
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Extended Update Support Via RHSA-2018:2161 https://access.redhat.com/errata/RHSA-2018:2161
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:2162 https://access.redhat.com/errata/RHSA-2018:2162
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:2164 https://access.redhat.com/errata/RHSA-2018:2164
This issue has been addressed in the following products: Red Hat Enterprise Linux 5.9 Long Life Via RHSA-2018:2171 https://access.redhat.com/errata/RHSA-2018:2171
This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Extended Lifecycle Support Via RHSA-2018:2172 https://access.redhat.com/errata/RHSA-2018:2172
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions Red Hat Enterprise Linux 7.2 Telco Extended Update Support Via RHSA-2018:2216 https://access.redhat.com/errata/RHSA-2018:2216
This issue has been addressed in the following products: Red Hat OpenStack Platform 13.0 (Queens) Via RHSA-2018:2228 https://access.redhat.com/errata/RHSA-2018:2228
This issue has been addressed in the following products: RHEV 3.X Hypervisor and Agents for RHEL-6 RHEV 3.X Hypervisor and Agents for RHEL-7 ELS Via RHSA-2018:2246 https://access.redhat.com/errata/RHSA-2018:2246
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.7 Extended Update Support Via RHSA-2018:2250 https://access.redhat.com/errata/RHSA-2018:2250
This issue has been addressed in the following products: Red Hat OpenStack Platform 12.0 (Pike) Via RHSA-2018:2258 https://access.redhat.com/errata/RHSA-2018:2258
This issue has been addressed in the following products: Red Hat OpenStack Platform 10.0 (Newton) Via RHSA-2018:2289 https://access.redhat.com/errata/RHSA-2018:2289
This issue has been addressed in the following products: Red Hat Virtualization Engine 4.2 Via RHSA-2018:2328 https://access.redhat.com/errata/RHSA-2018:2328
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.6 Advanced Update Support Red Hat Enterprise Linux 6.6 Telco Extended Update Support Via RHSA-2018:2309 https://access.redhat.com/errata/RHSA-2018:2309
This issue has been addressed in the following products: Red Hat OpenStack Platform 8.0 (Liberty) Via RHSA-2018:2364 https://access.redhat.com/errata/RHSA-2018:2364
This issue has been addressed in the following products: Red Hat OpenStack Platform 9.0 (Mitaka) Via RHSA-2018:2363 https://access.redhat.com/errata/RHSA-2018:2363
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Extended Update Support Via RHSA-2018:2387 https://access.redhat.com/errata/RHSA-2018:2387
This issue has been addressed in the following products: Red Hat Enterprise MRG 2 Via RHSA-2018:2396 https://access.redhat.com/errata/RHSA-2018:2396
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.4 Advanced Update Support Via RHSA-2018:2394 https://access.redhat.com/errata/RHSA-2018:2394
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:2948
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.5 Advanced Update Support Via RHSA-2018:3396 https://access.redhat.com/errata/RHSA-2018:3396
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.5 Advanced Update Support Via RHSA-2018:3397 https://access.redhat.com/errata/RHSA-2018:3397
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Extended Update Support Via RHSA-2018:3398 https://access.redhat.com/errata/RHSA-2018:3398
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.4 Advanced Update Support Via RHSA-2018:3399 https://access.redhat.com/errata/RHSA-2018:3399
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.6 Telco Extended Update Support Red Hat Enterprise Linux 6.6 Advanced Update Support Via RHSA-2018:3400 https://access.redhat.com/errata/RHSA-2018:3400
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.4 Advanced Update Support Via RHSA-2018:3401 https://access.redhat.com/errata/RHSA-2018:3401
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.7 Extended Update Support Via RHSA-2018:3402 https://access.redhat.com/errata/RHSA-2018:3402
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions Red Hat Enterprise Linux 7.2 Telco Extended Update Support Via RHSA-2018:3407 https://access.redhat.com/errata/RHSA-2018:3407
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions Red Hat Enterprise Linux 7.2 Telco Extended Update Support Via RHSA-2018:3423 https://access.redhat.com/errata/RHSA-2018:3423
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.7 Extended Update Support Via RHSA-2018:3424 https://access.redhat.com/errata/RHSA-2018:3424
This issue has been addressed in the following products: Red Hat Enterprise Linux 6.6 Advanced Update Support Red Hat Enterprise Linux 6.6 Telco Extended Update Support Via RHSA-2018:3425 https://access.redhat.com/errata/RHSA-2018:3425
This issue has been addressed in the following products: Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7.4 EUS Via RHSA-2019:0148 https://access.redhat.com/errata/RHSA-2019:0148