<div dir="ltr">Thomas,<div><br></div><div>Thanks for this info. </div><div>I would also recommend folks to check this website <span style="font-family:Helvetica;font-size:12px">read this </span><a href="https://spectreattack.com/" style="font-family:Helvetica;font-size:12px">https://spectreattack.com/</a></div><div><br></div><div><br></div>
<div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jan 4, 2018 at 4:03 PM, Weeks, Thomas <span dir="ltr"><<a href="mailto:t.weeks@vt.edu" target="_blank">t.weeks@vt.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I don't normally send out security announcements.. but this is so huge it demands some extra attention..<br>
<br>
Here's a really great security bulletin by a good X-Racker friend of mine (now a security lead at Red Hat) on the big processor/kernel Side-Channel attack vectors (by Meltdown/Spectre).<br>
<a href="https://access.redhat.com/security/vulnerabilities/speculativeexecution" rel="noreferrer" target="_blank">https://access.redhat.com/<wbr>security/vulnerabilities/<wbr>speculativeexecution</a><br>
<br>
If you run Red Hat base distros, stay tuned to the Advisory/Update column of the "Resolve" tab of this super critical security bulletin.<br>
<br>
<br>
TL;DR<br>
The packages you'll want to watch for updates on are kernel, libvirt and qemu-kvm (as well as kernel-rt and dracut on RHEL7):<br>
<br>
Post any of your findings, tips or suggestions here please.. we're all in this one for the long term!<br>
<br>
<br>
p.s. Invite security friends to both this list: <a href="http://lists.rbtc.tech/mailman/listinfo/security-discuss" rel="noreferrer" target="_blank">http://lists.rbtc.tech/<wbr>mailman/listinfo/security-<wbr>discuss</a><br>
and the main [Security-Announce] list: <a href="http://lists.rbtc.tech/mailman/listinfo/security-announce" rel="noreferrer" target="_blank">http://lists.rbtc.tech/<wbr>mailman/listinfo/security-<wbr>announce</a><br>
Both run the mailman email list server, and as such have archives that are google indexed, and thus VERY useful for recalling useful things you can't quite remember.. :)<br>
<br>
T.Weeks<br>
Thomas "Tweeks" Weeks<br>
Director, Technology Futures and Community Advocacy<br>
Division of Information Technology, Virginia Tech<br>
<br>
______________________________<wbr>_________________<br>
Security-Discuss mailing list<br>
Security-Discuss@lists.rbtc.<wbr>tech<br>
<a href="http://lists.rbtc.tech/mailman/listinfo/security-discuss" rel="noreferrer" target="_blank">http://lists.rbtc.tech/<wbr>mailman/listinfo/security-<wbr>discuss</a><br>
</blockquote></div><br></div>