Zombieload 2: The Patches for CVE-2018-12207 are in the Test Feed! - TuxCare
TuxCare Blog News

Zombieload 2: The Patches for CVE-2018-12207 are in the Test Feed!

December 2, 2019

KernelCare Team has released Centos7, Centos7-Plus, RHEL7, OEL 7 patches for CVE-2018-12207 to the test feed. The KernelCare test feed makes it possible to start using new patches earlier.

To install patches from the test feed, run the command:

kcarectl –test –update

 

When production updates are available, KernelCare will use the regular feed automatically.

Subscribe to our blog to get the update about the patches in production.

 

Get a FREE 7-Day Supported Trial of KernelCare 

 

 

About the CVE-2018–12207: Processor Machine Check Error (MCEPSC or iTLB multihit)

The Processor Machine Check Error vulnerability affects virtualized environments.

Exploitation of this vulnerability can result in the host system hanging when Extended Page Tables (EPT) are enabled.

 

Other CVEs from Zombieload2 Set of Vulnerabilities:

1. CVE-2019–11135: TSX Asynchronous Abort (TAA)

This affects Intel chips with the Transactional Synchronization Extensions (TSX) feature.

It is similar to earlier MDS vulnerabilities, so if you’ve applied remediations for MDS, you will also be safe from this vulnerability.

However, if you’ve a newer Intel CPU with TSX enabled that’s not affected by MDS, you’ll need to update your CPU’s microcode and patch the kernel.

UPDATE FROM MONDAY, NOVEMBER 18TH

TSA (CVE-2019–11135) is taken care of by MDS mitigation on all kernels supported by KernelCare. KernelCare enforces MDS on all CPUs which are not in white-list. Currently there are no TSA-affected CPUs in this white-list, so no additional patches from KernelCare are required to mitigate TSA. We are recommending to those with TSA-affected CPUs to update to latest CPU microcode from their vendor.

 

2. CVE-2019–0155, CVE-2019–0154: i915 graphics hardware

CVE-2019–0155 can give an unprivileged user elevated system privileges.

CVE-2019–0154 can let an unprivileged user hang the system (effectively creating a DoS situation) by reading from specific memory locations (MMIO registers) when the graphic card’s power management goes to a particular minimal power usage state.

 

What we’re doing

As with all major vulnerabilities, as soon as the KernelCare monitoring team hear about it, developers and analysts begin the detailed process of investigating, assessing, developing and coding patches for our KernelCare Linux kernel live patching software.

We have started delivering first patches and will report here we progress and will provide migration instructions and patch locations when ready. Subscribe to our blog to get instant update.

 

 

TuxCare can help you reduce your risk window to data exfiltration and other cyber security threats.

TALK TO A CYBERSECURITY EXPERT

Expert knowledge of Linux security tips,
live patching education, and Cybersecurity news.

Stay updated with the latest news and announcements from TuxCare.com

Related Articles

The Bugs Behind the Vulnerabilities...

We continue to look at the code issues that cause...

November 14, 2022

Cybersecurity insurance and fine print:...

Catastrophic risks such as natural disasters and indeed cyberattacks require...

June 29, 2022

IT Automation With Live...

In a symphony orchestra, instruments harmonize to create one pleasing...

June 20, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

June 16, 2022

KernelCare agent update – version...

We are pleased to announce that a new updated KernelCare agent...

June 2, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

May 26, 2022

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching