Libvirt Security Notice Index > 2018 > LSN-2018-0005 [xml] [text]

Libvirt Security Notice: LSN-2018-0005

Speculative Store Bypass

Lifecycle

Reported on:	20180509
Published on:	20180521
Fixed on:	20180521

Credits

Reported by:	Ken Johnson (Microsoft Security Response Center)
	Jann Horn (Google Project Zero)
Patched by:	Daniel Berrange

See also

CVE-2018-3639

Description

This is not a vulnerability in libvirt, rather it is a set of changes in libvirt to enable mitigation of the Speculative Store Bypass hardware flaws by providing extra CPU features "ssbd" and "virt-ssbd". Refer to https://access.redhat.com/security/vulnerabilities/ssbd for further background information.

Affected product: libvirt

Branch: master

Broken in:: v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.4.1
v0.4.2
v0.4.4
v0.4.6
v0.5.0
v0.5.1
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.8.7
v0.8.8
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
v0.9.7
v0.9.8
v0.9.9
v0.9.10
v0.9.11
v0.9.12
v0.9.13
v0.10.0
v0.10.1
v0.10.2
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.2.5
v1.2.6
v1.2.7
v1.2.8
v1.2.9
v1.2.10
v1.2.11
v1.2.12
v1.2.13
v1.2.14
v1.2.15
v1.2.16
v1.2.17
v1.2.18
v1.2.19
v1.2.20
v1.2.21
v1.3.0
v1.3.1
v1.3.2
v1.3.3
v1.3.4
v1.3.5
v2.0.0
v2.1.0
v2.2.0
v2.3.0
v2.4.0
v2.5.0
v3.0.0
v3.1.0
v3.2.0
v3.3.0
v3.4.0
v3.5.0
v3.6.0
v3.7.0
v3.8.0
v3.9.0
v3.10.0
v4.0.0
v4.1.0
v4.2.0
v4.3.0
Fixed in:: v4.4.0
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:: 1dbca2eccad58d91a5fd33962854f1a653638182
9267342206ce17f6933d57a3128cdc504d5945c9

Branch: v0.8.3-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v0.9.6-maint

Broken in:: v0.9.6.1
v0.9.6.2
v0.9.6.3
v0.9.6.4
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v0.9.11-maint

Broken in:: v0.9.11.1
v0.9.11.2
v0.9.11.3
v0.9.11.4
v0.9.11.5
v0.9.11.6
v0.9.11.7
v0.9.11.8
v0.9.11.9
v0.9.11.10
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v0.9.12-maint

Broken in:: v0.9.12.1
v0.9.12.2
v0.9.12.3
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v0.10.2-maint

Broken in:: v0.10.2.1
v0.10.2.2
v0.10.2.3
v0.10.2.4
v0.10.2.5
v0.10.2.6
v0.10.2.7
v0.10.2.8
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.2-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.3-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.4-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.5-maint

Broken in:: v1.0.5.1
v1.0.5.2
v1.0.5.3
v1.0.5.4
v1.0.5.5
v1.0.5.6
v1.0.5.7
v1.0.5.8
v1.0.5.9
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.0.6-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.2-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.3-maint

Broken in:: v1.1.3.1
v1.1.3.2
v1.1.3.3
v1.1.3.4
v1.1.3.5
v1.1.3.6
v1.1.3.7
v1.1.3.8
v1.1.3.9
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.1.4-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.2-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.3-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.4-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.5-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.6-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.7-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.8-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.9-maint

Broken in:: v1.2.9.1
v1.2.9.2
v1.2.9.3
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.10-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.11-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.12-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.13-maint

Broken in:: v1.2.13.1
v1.2.13.2
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.14-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.15-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.16-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.17-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.18-maint

Broken in:: v1.2.18.1
v1.2.18.2
v1.2.18.3
v1.2.18.4
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.19-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.20-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.2.21-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.2-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.3-maint

Broken in:: v1.3.3.1
v1.3.3.2
v1.3.3.3
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.4-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v1.3.5-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v2.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v2.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v2.2-maint

Broken in:: v2.2.1
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v3.0-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v3.2-maint

Broken in:: v3.2.1
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v3.7-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Branch: v4.1-maint

Broken in:
Fixed in:
Broken by:: 23ad665cb05ef9ce7d298cc34bff5efb95ef6948
Fixed by:

Alternative formats: [xml] [text]

Home

Website (via DuckDuckGo) Wiki (via DuckDuckGo) Developers list Users list

Contact

email
irc

Community

Contribute

edit this page

Participants in the libvirt project agree to abide by the project code of conduct