[Security-Discuss] Patching RH Linux Boxes Against new CPU (Meltdown & Spectre)

Thomas Tweeks Weeks tom at theweeks.org
Wed Jan 10 22:55:58 EST 2018 

That's THE definative place for more info on the vulnerabilities.. but here's another really great video by my buddies at Red Hat that really break it down:
[ https://www.youtube.com/watch?v=syAdX44pokE ]( https://www.youtube.com/watch?v=syAdX44pokE )
 
Tweeks
 
 
 
On Wednesday, January 10, 2018 9:58am, "Shailesh Prajapati" <prajapatisk at gmail.com> said:



Thomas,
Thanks for this info. 
I would also recommend folks to check this website read this [ https://spectreattack.com/ ]( https://spectreattack.com/ )


On Thu, Jan 4, 2018 at 4:03 PM, Weeks, Thomas <[ t.weeks at vt.edu ]( mailto:t.weeks at vt.edu )> wrote:
I don't normally send out security announcements.. but this is so huge it demands some extra attention..

 Here's a really great security bulletin by a good X-Racker friend of mine (now a security lead at Red Hat) on the big processor/kernel Side-Channel attack vectors (by Meltdown/Spectre).
[ https://access.redhat.com/security/vulnerabilities/speculativeexecution ]( https://access.redhat.com/security/vulnerabilities/speculativeexecution )

 If you run Red Hat base distros, stay tuned to the Advisory/Update column of the "Resolve" tab of this super critical security bulletin.


 TL;DR
 The packages you'll want to watch for updates on are kernel, libvirt and qemu-kvm (as well as kernel-rt and dracut on RHEL7):

 Post any of your findings, tips or suggestions here please.. we're all in this one for the long term!


 p.s. Invite security friends to both this list: [ http://lists.rbtc.tech/mailman/listinfo/security-discuss ]( http://lists.rbtc.tech/mailman/listinfo/security-discuss )
 and the main [Security-Announce] list: [ http://lists.rbtc.tech/mailman/listinfo/security-announce ]( http://lists.rbtc.tech/mailman/listinfo/security-announce )
 Both run the mailman email list server, and as such have archives that are google indexed, and thus VERY useful for recalling useful things you can't quite remember.. :)

  T.Weeks
  Thomas "Tweeks" Weeks
  Director, Technology Futures and Community Advocacy
  Division of Information Technology, Virginia Tech

 _______________________________________________
 Security-Discuss mailing list
 Security-Discuss at lists.rbtc.tech
[ http://lists.rbtc.tech/mailman/listinfo/security-discuss ]( http://lists.rbtc.tech/mailman/listinfo/security-discuss )
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rbtc.tech/pipermail/security-discuss/attachments/20180110/9fa90c87/attachment.html>

More information about the Security-Discuss mailing list