VARIoT IoT vulnerabilities database

An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data to a specified filename. This can be used to place attacker controlled code on the file system that is then executed. ASUSTOR AS6202T Contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUSTOR AS6202T ADM is a set of ASUSTOR NAS storage device operating system developed by ASUSTOR

An unrestricted file upload vulnerability in upload.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data via the POST parameter filename. This can be used to place attacker controlled code on the file system that can then be executed. Further, the filename parameter is vulnerable to path traversal and allows the attacker to place the file anywhere on the system. ASUSTOR AS6202T Contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUSTOR AS6202T ADM is a set of ASUSTOR NAS storage device operating system developed by ASUSTOR. The upload.cgi file in ASUSTOR AS6202T ADM 3.1.0.RFQ3 has a security vulnerability

Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to navigate the file system via the filename parameter. ASUSTOR AS6202T Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUSTOR AS6202T ADM is a set of ASUSTOR NAS storage device operating system developed by ASUSTOR. There is a security vulnerability in the importuser.cgi file in ASUSTOR AS6202T ADM 3.1.0.RFQ3

An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows the ability to reference the "download_sys_settings" action and then specify files arbitrarily throughout the system via the act parameter. ASUSTOR AS6202T Contains an access control vulnerability.Information may be tampered with. ASUSTOR AS6202T ADM is a set of ASUSTOR NAS storage device operating system developed by ASUSTOR. There is a security vulnerability in the download.cgi file in ASUSTOR AS6202T ADM 3.1.0.RFQ3. A remote attacker could exploit this vulnerability to obtain sensitive information by sending a specially crafted HTTP request

A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a path to a file on the system to create folders via the dest_folder parameter. ASUSTOR AS6202T Contains a path traversal vulnerability.Information may be tampered with. ASUSTOR AS6202T ADM is a set of ASUSTOR NAS storage device operating system developed by ASUSTOR

A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a file on the system to download via the file1 parameter. ASUSTOR AS6202T Contains a path traversal vulnerability.Information may be obtained. ASUSTOR AS6202T ADM is a set of ASUSTOR NAS storage device operating system developed by ASUSTOR

WECON LeviStudio is a set of human-machine interface programming software from China WECON company. WECON LeviStudio has a heap overflow vulnerability. An attacker could exploit the vulnerability to cause the program to crash by constructing a malformed hmp file. If used successfully, it can lead to arbitrary code execution

IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142598. IBM WebSphere MQ Contains a certificate validation vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 142598 It is released as.Information may be obtained. Multiple IBM Products are prone to an information-disclosure vulnerability

The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. BMWvehicles and others are automotive products of the German BMW (BayerischeMotorenWerkeAG) company. There is a security hole in the TelematicsControlUnit in BMW cars (cars produced in 2012-2018). An attacker can exploit a vulnerability for a ranged attack. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions. BMW vehicles, etc

The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. BMWvehicles and others are automotive products of the German BMW (BayerischeMotorenWerkeAG) company. There is a security hole in the Telematics ControlUnit on the BMW (models produced in 2012-2018). Allows an attacker to conduct a ranged attack. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions. BMW vehicles, etc. Remote attackers can exploit this vulnerability to attack the system

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows an attack by an attacker who has direct physical access. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). There are currently no detailed vulnerability descriptions. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). There are currently no detailed vulnerability descriptions. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the USB or OBD-II interface. An attacker can bypass the code-signing protection mechanism for firmware updates, and consequently obtain a root shell. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a remote attack via Bluetooth when in pairing mode, leading to a Head Unit reboot. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Service operation interruption (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). A remote attacker can use this vulnerability to cause HeadUnit to restart with Bluetooth. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB device is plugged in. plural BMW In the series Head Unit HU_NBT ( alias Infotainment) The component contains a vulnerability related to failure of the protection mechanism.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. HeadUnitHU_NBT (Infotainment) component is a system of infotainment systems. There are security holes in the HeadUnitHU_NBT component on several BMW cars (cars produced in 2012-2018). There are currently no detailed vulnerability descriptions. BMW Infotainment System Telematics/Control Unit/Central Gateway Module are prone to the following multiple security vulnerabilities: 1. A local code-execution vulnerability 2. A security-bypass vulnerability 3. A denial-of-service vulnerability 4. Multiple remote code-execution vulnerabilities An attacker can leverage these issues to execute arbitrary code with root privileges, bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a. Has speculative execution function CPU Is vulnerable to a cache-side channel attack. "Variant 4" Or "SpectreNG" It is called. Has speculative execution function CPU The following vulnerabilities have been reported that perform cache timing side-channel attacks against. * CVE-2018-3639 (Variant 4 "SpectreNG") : Speculative Store Bypass (SSB) * CVE-2018-3640 (Variant 3a) : Rogue System Register Read (RSRE) For more information, Project Zero <a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1528">bug report</a> , Intel security advisory <a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html">INTEL-SA-00115</a> and ARM <a href="https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability">whitepaper</a> Please refer to. This vulnerability has been announced in the past <a href="https://www.kb.cert.org/vuls/id/584653"> Vulnerability </a> CVE-2017-5753 (Variant 1 "Spectre") , CVE-2017-5715 (Variant 2 "Spectre") , CVE-2017-5754 (Variant 3 "Meltdown") To be similar to "SpectreNG" It is reported with the name.By using a cache timing side channel attack, a third party who can access as a local user may be able to read arbitrary privilege data or system register values. CPUhardware is firmware that runs in the central processor for managing and controlling the CPU. A number of CPUHardwares have information disclosure vulnerabilities. The vulnerability is caused by a race condition in the CPU cache processing. Local attackers can exploit vulnerabilities to obtain sensitive information through side channel analysis. Multiple CPU Hardwares are prone to an information-disclosure vulnerability. AMD, ARM, and Intel CPUs are all CPU (central processing unit) products from different manufacturers. For the stable distribution (stretch), these problems have been fixed in version 3.20180703.2~deb9u1. We recommend that you upgrade your intel-microcode packages. For the detailed security status of intel-microcode please refer to its security tracker page at: https://security-tracker.debian.org/tracker/intel-microcode Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlt11DsACgkQEMKTtsN8 TjaLRQ/7BRb1atQVGNSPWx7bSE1NTEGIv7MKLSQTBrAJt6VjsVoZPA/B4rgoxG8b li6UzUt0UfuEsS4H14O0fKqXHFWxeld1MjkEtMYaDbcaJ9PLUh2u3KxlEspmKhHG 2QTVwD88FZkeUgbGyfkI0w4n93UU7Kzm5FotKYiz1oRcdNgnCqpp+m/s9FpgWi00 np2DAYv6Qr4OixiT877pQS7vVJhp5QjFRysNb2FXHz9BagdpJgTpEid5tWkS50uy mABQefuajZuPXxhksR3d0BxCJErws9jnuXn7kd5P/Mv2lTpKgxTRkq8VzzhQRO1U TRn0p9Xg8g3lt+t8hdMGUsfwbbtX9kuOHwdT5QjURHhMN9BQSpk9jS6tqUF9tHXV Udbx6mYcRaBOjSBSDGs3VfH6PQEiHGMhXZWKWcJw3OlaUmLn147Mcj8OSIDJ8bIZ EYTiKtHJrZWAYmwWaeY1C8lfI7hUGPMpBbK8xXjTX5Iqjh8ibjYU6F5YnCFJ7N6t bFihXym3yapPOBZxE8BrDDX+tQ28juFU9qXjJ/VCc6Qpd6Y3aJXcnU+g7AUaYbGE SveoEMDPv4DeqA1wqc4ZJtc8T2E2fUHG8hhdWG24Os3zvjuiUg43UemIDgyoTL/A nL49y6Z/Jx6IxL+qiteaUJZzukel4ocGhOV9HAprahYjvV0v7Ps-aH -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2018-0012.1 Severity: Moderate Synopsis: VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue Issue date: 2018-05-21 Updated on: 2018-06-28 CVE number: CVE-2018-3639 1. Summary VMware vSphere, Workstation and Fusion updates enable Hypervisor- Assisted Guest Mitigations for Speculative Store Bypass issue. The mitigations in this advisory are categorized as Hypervisor- Assisted Guest Mitigations described by VMware Knowledge Base article 54951. KB54951 also covers CVE-2018-3640 mitigations which do not require VMware product updates. 2. Relevant Products VMware vCenter Server (VC) VMware vSphere ESXi (ESXi) VMware Workstation Pro / Player (Workstation) VMware Fusion Pro / Fusion (Fusion) 3. Problem Description vCenter Server, ESXi, Workstation, and Fusion update speculative execution control mechanism for Virtual Machines (VMs). As a result, a patched Guest Operating System (GOS) can remediate the Speculative Store bypass issue (CVE-2018-3639) using the Speculative-Store- Bypass-Disable (SSBD) control bit. This issue may allow for information disclosure in applications and/or execution runtimes which rely on managed code security mechanisms. Based on current evaluations, we do not believe that CVE-2018-3639 could allow for VM to VM or Hypervisor to VM Information disclosure. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2018-3639 to this issue. Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Mitigation/ Product Version on Severity Apply Patch Workaround =========== ======= ======= ======== ==================== ========== VC 6.7 Any Moderate 6.7.0b * None VC 6.5 Any Moderate 6.5 U2b * None VC 6.0 Any Moderate 6.0 U3f * None VC 5.5 Any Moderate 5.5 U3i * None ESXi 6.7 Any Moderate ESXi670-201806401-BG * None ESXi670-201806402-BG ** ESXi 6.5 Any Moderate ESXi650-201806401-BG * None ESXi650-201806402-BG ** ESXi 6.0 Any Moderate ESXi600-201806401-BG * None ESXi600-201806402-BG ** ESXi 5.5 Any Moderate ESXi550-201806401-BG * None ESXi550-201806402-BG ** Workstation 14.x Any Moderate 14.1.2 * None Fusion 10.x OSX Moderate 10.1.2 * None * There are additional VMware and 3rd party requirements for CVE-2018-3639 mitigation beyond applying these updates. Please see VMware Knowledge Base article 55111 for details. ** If available, these ESXi patches apply the required microcode updates. The included microcode updates are documented in the VMware Knowledge Base articles listed in the Solution section. 4. Solution Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. vCenter Server 6.7.0b Downloads: https://my.vmware.com/web/vmware/details?downloadGroup=VC670B&productId=742 &rPId=24511 Documentation: https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-vcenter-server-670 b-release-notes.html vCenter Server 6.5 U2b Downloads: https://my.vmware.com/web/vmware/details?downloadGroup=VC65U2B&productId=61 4&rPId=24437 Documentation: https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u 2b-release-notes.html vCenter Server 6.0 U3f Downloads: https://my.vmware.com/web/vmware/details?downloadGroup=VC60U3F&productId=49 1&rPId=24398 Documentation: https://docs.vmware.com/en/VMware-vSphere/6.0/rn/vsphere-vcenter-server-60u 3f-release-notes.html vCenter Server 5.5 U3i Downloads: https://my.vmware.com/web/vmware/details?downloadGroup=VC55U3I&productId=35 3&rPId=24327 Documentation: https://docs.vmware.com/en/VMware-vSphere/5.5/rn/vsphere-vcenter-server-55u 3i-release-notes.html VMware ESXi 6.7 Downloads: https://my.vmware.com/group/vmware/patch Documentation: https://kb.vmware.com/kb/55920 https://kb.vmware.com/kb/55921 (microcode) VMware ESXi 6.5 Downloads: https://my.vmware.com/group/vmware/patch Documentation: https://kb.vmware.com/kb/55915 https://kb.vmware.com/kb/55916 (microcode) VMware ESXi 6.0 Downloads: https://my.vmware.com/group/vmware/patch Documentation: https://kb.vmware.com/kb/55910 https://kb.vmware.com/kb/55911 (microcode) VMware ESXi 5.5 Downloads: https://my.vmware.com/group/vmware/patch Documentation: https://kb.vmware.com/kb/55905 https://kb.vmware.com/kb/55906 (microcode) VMware Workstation Pro, Player 14.1.2 Downloads and Documentation: https://www.vmware.com/go/downloadworkstation https://www.vmware.com/go/downloadplayer VMware Fusion Pro / Fusion 10.1.2 Downloads and Documentation: https://www.vmware.com/go/downloadfusion 5. References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639 https://kb.vmware.com/kb/54951 https://kb.vmware.com/kb/55111 - ------------------------------------------------------------------------ 6. Change log 2018-05-21: VMSA-2018-0012 Initial security advisory in conjunction with the release of Workstation 14.1.2 and Fusion 10.1.2 on 2018-05-21. 2018-06-28: VMSA-2018-0012.1 Updated security advisory in conjunction with the release of vCenter Server 5.5 U3i, 6.0 U3f, 6.5 U2b, 6.7.0b and ESXi 5.5 - 6.7 patches on 2018-06-28. - ------------------------------------------------------------------------ 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: security-announce at lists.vmware.com bugtraq at securityfocus.com fulldisclosure at seclists.org E-mail: security at vmware.com PGP key at: https://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html VMware Security & Compliance Blog https://blogs.vmware.com/security Twitter https://twitter.com/VMwareSRC Copyright 2018 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8 wj8DBQFbNaFeDEcm8Vbi9kMRAn4NAJ42HgDjfXkcTVfDupwE4KPdPVsf7wCcDaLy aN23XiAmhvFSxcQ5GnJR0ls= =frKv -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3756-1 August 27, 2018 intel-microcode vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: The system could be made to expose sensitive information. Software Description: - intel-microcode: Processor microcode for Intel CPUs Details: It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). This vulnerability is also known as Rogue System Register Read (RSRE). (CVE-2018-3640) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: intel-microcode 3.20180807a.0ubuntu0.18.04.1 Ubuntu 16.04 LTS: intel-microcode 3.20180807a.0ubuntu0.16.04.1 Ubuntu 14.04 LTS: intel-microcode 3.20180807a.0ubuntu0.14.04.1 After a standard system update you need to reboot your computer to make all the necessary changes

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Has speculative execution function CPU Is vulnerable to a cache-side channel attack. "Variant 4" Or "SpectreNG" It is called. Has speculative execution function CPU The following vulnerabilities have been reported that perform cache timing side-channel attacks against. * CVE-2018-3639 (Variant 4 "SpectreNG") : Speculative Store Bypass (SSB) * CVE-2018-3640 (Variant 3a) : Rogue System Register Read (RSRE) For more information, Project Zero <a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1528">bug report</a> , Intel security advisory <a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html">INTEL-SA-00115</a> and ARM <a href="https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability">whitepaper</a> Please refer to. This vulnerability has been announced in the past <a href="https://www.kb.cert.org/vuls/id/584653"> Vulnerability </a> CVE-2017-5753 (Variant 1 "Spectre") , CVE-2017-5715 (Variant 2 "Spectre") , CVE-2017-5754 (Variant 3 "Meltdown") To be similar to "SpectreNG" It is reported with the name.By using a cache timing side channel attack, a third party who can access as a local user may be able to read arbitrary privilege data or system register values. CPUhardware is firmware that runs in the central processor for managing and controlling the CPU. Multiple CPUHardware information disclosure vulnerabilities. The vulnerability is caused by a race condition in the CPU cache processing. Local attackers can exploit vulnerabilities to obtain sensitive information through side channel analysis. 7) - aarch64, noarch, ppc64le, s390x 3. Description: The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address the following: afpserver Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A remote attacker may be able to attack AFP servers through HTTP clients Description: An input validation issue was addressed with improved input validation. CVE-2018-4295: Jianjun Chen (@whucjj) from Tsinghua University and UC Berkeley AppleGraphicsControl Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4410: an anonymous researcher working with Trend Micro's Zero Day Initiative AppleGraphicsControl Available for: macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4417: Lee of the Information Security Lab Yonsei University working with Trend Micro's Zero Day Initiative APR Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Multiple buffer overflow issues existed in Perl Description: Multiple issues in Perl were addressed with improved memory handling. CVE-2017-12613: Craig Young of Tripwire VERT CVE-2017-12618: Craig Young of Tripwire VERT ATS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4411: lilang wu moony Li of Trend Micro working with Trend Micro's Zero Day Initiative ATS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4308: Mohamed Ghannam (@_simo36) CFNetwork Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative CoreAnimation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4415: Liang Zhuo working with Beyond Security's SecuriTeam Secure Disclosure CoreCrypto Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers Description: An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of Royal Holloway, University of London, and Juraj Somorovsky of Ruhr University, Bochum CoreFoundation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4412: The UK's National Cyber Security Centre (NCSC) CUPS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: In certain configurations, a remote attacker may be able to replace the message content from the print server with arbitrary content Description: An injection issue was addressed with improved validation. CVE-2018-4153: Michael Hanselmann of hansmi.ch CUPS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4406: Michael Hanselmann of hansmi.ch Dictionary Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Parsing a maliciously crafted dictionary file may lead to disclosure of user information Description: A validation issue existed which allowed local file access. This was addressed with input sanitization. CVE-2018-4346: Wojciech ReguAa (@_r3ggi) of SecuRing Dock Available for: macOS Mojave 10.14 Impact: A malicious application may be able to access restricted files Description: This issue was addressed by removing additional entitlements. CVE-2018-4403: Patrick Wardle of Digita Security dyld Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved validation. This ensures that older data read from recently-written-to addresses cannot be read via a speculative side-channel. CVE-2018-3639: Jann Horn (@tehjh) of Google Project Zero (GPZ), Ken Johnson of the Microsoft Security Response Center (MSRC) EFI Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: A local user may be able to modify protected parts of the file system Description: A configuration issue was addressed with additional restrictions. CVE-2018-4342: Timothy Perfitt of Twocanoes Software Foundation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4304: jianan.huang (@Sevck) Grand Central Dispatch Available for: macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4426: Brandon Azad Heimdal Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-3646: Baris Kasikci, Daniel Genkin, Ofir Weisse, and Thomas F. Wenisch of University of Michigan, Mark Silberstein and Marina Minkin of Technion, Raoul Strackx, Jo Van Bulck, and Frank Piessens of KU Leuven, Rodrigo Branco, Henrique Kawakami, Ke Sun, and Kekai Hu of Intel Corporation, Yuval Yarom of The University of Adelaide Hypervisor Available for: macOS Sierra 10.12.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2018-4242: Zhuo Liang of Qihoo 360 Nirvan Team ICU Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Processing a maliciously crafted string may lead to heap corruption Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4394: an anonymous researcher Intel Graphics Driver Available for: macOS Sierra 10.12.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4334: Ian Beer of Google Project Zero Intel Graphics Driver Available for: macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4396: Yu Wang of Didi Research America CVE-2018-4418: Yu Wang of Didi Research America Intel Graphics Driver Available for: macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4350: Yu Wang of Didi Research America IOGraphics Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4422: an anonymous researcher working with Trend Micro's Zero Day Initiative IOHIDFamily Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation CVE-2018-4408: Ian Beer of Google Project Zero IOKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4402: Proteas of Qihoo 360 Nirvan Team IOKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4341: Ian Beer of Google Project Zero CVE-2018-4354: Ian Beer of Google Project Zero IOUserEthernet Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4401: Apple IPSec Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to gain elevated privileges Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2018-4420: Mohamed Ghannam (@_simo36) Kernel Available for: macOS High Sierra 10.13.6 Impact: A malicious application may be able to leak sensitive user information Description: An access issue existed with privileged API calls. This issue was addressed with additional restrictions. CVE-2018-4399: Fabiano Anemone (@anoane) Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4340: Mohamed Ghannam (@_simo36) CVE-2018-4419: Mohamed Ghannam (@_simo36) CVE-2018-4425: cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative Kernel Available for: macOS Sierra 10.12.6 Impact: Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4259: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4286: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4287: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4288: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4291: Kevin Backhouse of Semmle and LGTM.com Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security Team Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved validation. CVE-2018-4407: Kevin Backhouse of Semmle Ltd. Kernel Available for: macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4424: Dr. Silvio Cesare of InfoSect Login Window Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A local user may be able to cause a denial of service Description: A validation issue was addressed with improved logic. CVE-2018-4348: Ken Gannon of MWR InfoSecurity and Christian Demko of MWR InfoSecurity Mail Available for: macOS Mojave 10.14 Impact: Processing a maliciously crafted mail message may lead to UI spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4389: Dropbox Offensive Security Team, Theodor Ragnar Gislason of Syndis mDNSOffloadUserClient Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4326: an anonymous researcher working with Trend Micro's Zero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team MediaRemote Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. This ensures that implementation specific system registers cannot be leaked via a speculative execution side-channel. CVE-2018-3640: Innokentiy Sennovskiy from BiZone LLC (bi.zone), Zdenek Sojka, Rudolf Marek and Alex Zuepke from SYSGO AG (sysgo.com) NetworkExtension Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Connecting to a VPN server may leak DNS queries to a DNS proxy Description: A logic issue was addressed with improved state management. CVE-2018-4369: an anonymous researcher Perl Available for: macOS Sierra 10.12.6 Impact: Multiple buffer overflow issues existed in Perl Description: Multiple issues in Perl were addressed with improved memory handling. CVE-2018-6797: Brian Carpenter Ruby Available for: macOS Sierra 10.12.6 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple issues in Ruby were addressed in this update. CVE-2017-898 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 Security Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Processing a maliciously crafted S/MIME signed message may lead to a denial of service Description: A validation issue was addressed with improved logic. CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd. Security Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A local user may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2018-4395: Patrick Wardle of Digita Security Spotlight Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4393: Lufeng Li Symptom Framework Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative WiFi Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile Networking Lab at Technische UniversitA$?t Darmstadt Additional recognition Calendar We would like to acknowledge an anonymous researcher for their assistance. iBooks We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool ICT for their assistance. Kernel We would like to acknowledge Brandon Azad for their assistance. LaunchServices We would like to acknowledge Alok Menghrajani of Square for their assistance. Quick Look We would like to acknowledge lokihardt of Google Project Zero for their assistance. Security We would like to acknowledge Marinos Bernitsas of Parachute for their assistance. Terminal We would like to acknowledge an anonymous researcher for their assistance. Installation note: macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgYpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EcGQ// QbUbTOZRgxcStGZjs+qdXjeaXI6i1MKaky7o/iYCXf87crFu79PCsXyPU1jeMvoS tgDxz7ornlyaxR4wcSYzfcuIeY2ZH+dkxc7JJHQbKTW1dWYHpXUUzzNm+Ay/Gtk+ 2EIAgJ9oUf8FARR5cmcKBZfLFVdc40vpM3bBCV4m2Kr5KiDsqZKdZTujBQRccAsO HKRbhDecw0WX/CfEbLprs86uIXFMIoifhmh8LMebjzIQn2ozoFG6R31vMMHeDpir zf0xlVCJrJy/XywmkodhBWWrUWcM0hfsJ8EmyIBwFEYUxFhOV3D+x3rStd2kjyNL LG9oWclxDkjImQXdrL8IRAQfZvcVQFZK2vSGCYfRN0LY105sxjPjeIsJ0RORzcSN 2mlDR1UuTosk0GleDbmhv/ornfOc537UebwuHVWU5LpPNFkvY1Cv8zPrQAHewuod TmktkNuv2x2fgw9g7ntE88UBF9JMC+Ofs/FgJ67RkoT4R39P7VvaztHlmxmr/rIw TrSs7TDVqciz+DOMRKxyNPI1cpXM5ITCTvgbY4+RWwaFJzfgY+Gc+sldvVcb1x9I LlsI19MA0bsvi+ReOcLbWYuEHaVhVqZ7LndxR9m2gJ39L9jff+dOsSlznF4OLs+S t7Rz6i2mOpe6vXobkTUmml3m3zYIhL3XcdcYpw3U0F8= =uhgi -----END PGP SIGNATURE----- . 7.2) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. (CVE-2018-3639) Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software side of the mitigation for this hardware issue. To be fully functional, up-to-date CPU microcode applied on the system is required. Please refer to References section for further information about this issue, CPU microcode requirements and the potential performance impact. In this update mitigations for x86-64 architecture are provided. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: libvirt security update Advisory ID: RHSA-2018:1632-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:1632 Issue date: 2018-05-21 CVE Names: CVE-2018-3639 ===================================================================== 1. Summary: An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x 3. Description: The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This is the libvirt side of the CVE-2018-3639 mitigation. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, libvirtd will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libvirt-3.9.0-14.el7_5.5.src.rpm x86_64: libvirt-3.9.0-14.el7_5.5.x86_64.rpm libvirt-client-3.9.0-14.el7_5.5.i686.rpm libvirt-client-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.5.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.x86_64.rpm libvirt-libs-3.9.0-14.el7_5.5.i686.rpm libvirt-libs-3.9.0-14.el7_5.5.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libvirt-admin-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.x86_64.rpm libvirt-devel-3.9.0-14.el7_5.5.i686.rpm libvirt-devel-3.9.0-14.el7_5.5.x86_64.rpm libvirt-docs-3.9.0-14.el7_5.5.x86_64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.x86_64.rpm libvirt-login-shell-3.9.0-14.el7_5.5.x86_64.rpm libvirt-nss-3.9.0-14.el7_5.5.i686.rpm libvirt-nss-3.9.0-14.el7_5.5.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libvirt-3.9.0-14.el7_5.5.src.rpm x86_64: libvirt-client-3.9.0-14.el7_5.5.i686.rpm libvirt-client-3.9.0-14.el7_5.5.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.x86_64.rpm libvirt-libs-3.9.0-14.el7_5.5.i686.rpm libvirt-libs-3.9.0-14.el7_5.5.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libvirt-3.9.0-14.el7_5.5.x86_64.rpm libvirt-admin-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.x86_64.rpm libvirt-devel-3.9.0-14.el7_5.5.i686.rpm libvirt-devel-3.9.0-14.el7_5.5.x86_64.rpm libvirt-docs-3.9.0-14.el7_5.5.x86_64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.x86_64.rpm libvirt-login-shell-3.9.0-14.el7_5.5.x86_64.rpm libvirt-nss-3.9.0-14.el7_5.5.i686.rpm libvirt-nss-3.9.0-14.el7_5.5.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libvirt-3.9.0-14.el7_5.5.src.rpm ppc64: libvirt-3.9.0-14.el7_5.5.ppc64.rpm libvirt-client-3.9.0-14.el7_5.5.ppc.rpm libvirt-client-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.ppc64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.ppc.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.ppc64.rpm libvirt-devel-3.9.0-14.el7_5.5.ppc.rpm libvirt-devel-3.9.0-14.el7_5.5.ppc64.rpm libvirt-docs-3.9.0-14.el7_5.5.ppc64.rpm libvirt-libs-3.9.0-14.el7_5.5.ppc.rpm libvirt-libs-3.9.0-14.el7_5.5.ppc64.rpm ppc64le: libvirt-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-client-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-devel-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-docs-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-libs-3.9.0-14.el7_5.5.ppc64le.rpm s390x: libvirt-3.9.0-14.el7_5.5.s390x.rpm libvirt-client-3.9.0-14.el7_5.5.s390.rpm libvirt-client-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.5.s390x.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.s390.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.s390x.rpm libvirt-devel-3.9.0-14.el7_5.5.s390.rpm libvirt-devel-3.9.0-14.el7_5.5.s390x.rpm libvirt-docs-3.9.0-14.el7_5.5.s390x.rpm libvirt-libs-3.9.0-14.el7_5.5.s390.rpm libvirt-libs-3.9.0-14.el7_5.5.s390x.rpm x86_64: libvirt-3.9.0-14.el7_5.5.x86_64.rpm libvirt-client-3.9.0-14.el7_5.5.i686.rpm libvirt-client-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.5.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.x86_64.rpm libvirt-devel-3.9.0-14.el7_5.5.i686.rpm libvirt-devel-3.9.0-14.el7_5.5.x86_64.rpm libvirt-docs-3.9.0-14.el7_5.5.x86_64.rpm libvirt-libs-3.9.0-14.el7_5.5.i686.rpm libvirt-libs-3.9.0-14.el7_5.5.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7): Source: libvirt-3.9.0-14.el7_5.5.src.rpm ppc64le: libvirt-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-client-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-devel-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-docs-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-libs-3.9.0-14.el7_5.5.ppc64le.rpm s390x: libvirt-3.9.0-14.el7_5.5.s390x.rpm libvirt-client-3.9.0-14.el7_5.5.s390.rpm libvirt-client-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.5.s390x.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.s390.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.s390x.rpm libvirt-devel-3.9.0-14.el7_5.5.s390.rpm libvirt-devel-3.9.0-14.el7_5.5.s390x.rpm libvirt-docs-3.9.0-14.el7_5.5.s390x.rpm libvirt-libs-3.9.0-14.el7_5.5.s390.rpm libvirt-libs-3.9.0-14.el7_5.5.s390x.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libvirt-admin-3.9.0-14.el7_5.5.ppc64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.ppc64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.ppc.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.ppc64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.ppc64.rpm libvirt-login-shell-3.9.0-14.el7_5.5.ppc64.rpm libvirt-nss-3.9.0-14.el7_5.5.ppc.rpm libvirt-nss-3.9.0-14.el7_5.5.ppc64.rpm ppc64le: libvirt-admin-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-login-shell-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-nss-3.9.0-14.el7_5.5.ppc64le.rpm s390x: libvirt-admin-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.s390x.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.s390.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.s390x.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.s390x.rpm libvirt-login-shell-3.9.0-14.el7_5.5.s390x.rpm libvirt-nss-3.9.0-14.el7_5.5.s390.rpm libvirt-nss-3.9.0-14.el7_5.5.s390x.rpm x86_64: libvirt-admin-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.x86_64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.x86_64.rpm libvirt-login-shell-3.9.0-14.el7_5.5.x86_64.rpm libvirt-nss-3.9.0-14.el7_5.5.i686.rpm libvirt-nss-3.9.0-14.el7_5.5.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7): Source: libvirt-3.9.0-14.el7_5.5.src.rpm aarch64: libvirt-3.9.0-14.el7_5.5.aarch64.rpm libvirt-admin-3.9.0-14.el7_5.5.aarch64.rpm libvirt-client-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.5.aarch64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.aarch64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.aarch64.rpm libvirt-devel-3.9.0-14.el7_5.5.aarch64.rpm libvirt-docs-3.9.0-14.el7_5.5.aarch64.rpm libvirt-libs-3.9.0-14.el7_5.5.aarch64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.aarch64.rpm libvirt-login-shell-3.9.0-14.el7_5.5.aarch64.rpm libvirt-nss-3.9.0-14.el7_5.5.aarch64.rpm ppc64le: libvirt-admin-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-login-shell-3.9.0-14.el7_5.5.ppc64le.rpm libvirt-nss-3.9.0-14.el7_5.5.ppc64le.rpm s390x: libvirt-admin-3.9.0-14.el7_5.5.s390x.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.s390x.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.s390.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.s390x.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.s390x.rpm libvirt-login-shell-3.9.0-14.el7_5.5.s390x.rpm libvirt-nss-3.9.0-14.el7_5.5.s390.rpm libvirt-nss-3.9.0-14.el7_5.5.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libvirt-3.9.0-14.el7_5.5.src.rpm x86_64: libvirt-3.9.0-14.el7_5.5.x86_64.rpm libvirt-client-3.9.0-14.el7_5.5.i686.rpm libvirt-client-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-config-network-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-network-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-kvm-3.9.0-14.el7_5.5.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.x86_64.rpm libvirt-devel-3.9.0-14.el7_5.5.i686.rpm libvirt-devel-3.9.0-14.el7_5.5.x86_64.rpm libvirt-docs-3.9.0-14.el7_5.5.x86_64.rpm libvirt-libs-3.9.0-14.el7_5.5.i686.rpm libvirt-libs-3.9.0-14.el7_5.5.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libvirt-admin-3.9.0-14.el7_5.5.x86_64.rpm libvirt-daemon-lxc-3.9.0-14.el7_5.5.x86_64.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.i686.rpm libvirt-debuginfo-3.9.0-14.el7_5.5.x86_64.rpm libvirt-lock-sanlock-3.9.0-14.el7_5.5.x86_64.rpm libvirt-login-shell-3.9.0-14.el7_5.5.x86_64.rpm libvirt-nss-3.9.0-14.el7_5.5.i686.rpm libvirt-nss-3.9.0-14.el7_5.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-3639 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/ssbd 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBWwQp8NzjgjWX9erEAQgjIQ/9FPWlz6V6bfpte6N1MYXngwb3QURLtaya fu7q7WCq4GBE2+hqATKLzvpzqYD0wVWuiy2ayQ1TBmLd3Hh2m3fqKq9P/CH3A5Kl HrEvKmhOuCCbRYcGwdV2CibzCNleBONgfsd+jA0vcWuRYUWz8lY0HIHAW/jNZdwm tVGFGmlMPN6tH4cGGIGkG3fq3n2F1V/D4u7vzfOvZi6M4+F2guVDikEF6Vuf3EVf IqKLhrNAPclyE84BnMa6Ql+Jvlj9OUhMHcuft4GfipyJPKcFZD+RicJTBdZQbznr eL+gxRZ4yYOPwjOet0XjuHA+s9jAfi2f4W/+D8UPfOtjFa94D06mClB8IMaVq7sM 3gmyediv6zgEDLFDNGngvh+ords+SLHJZwpmryHjZ6kSGJcSABIL9vTx/oi2IOQf 0Gci5qHP0l//qASkC4Z/ttYdWpgC6AkjZyafS19CAJmCkzmsgNavAouf/ssfzJdI /FI8driEQVDu8Q2hiPOwPisJLW4rkT3F+gSsk5yoEroX21SQODUuKkZ9su+GliiZ ETZG53/W43SxO6VAfn1vW0toI/QuCu4pWjcDXx/fjuxlhWhOIzGwCCt2Z3DitOfc X5aLkw/Or4Jd78yemhOam5b9Gq6n9IFTh7sbuQ2ldd9zxRH0bwSG+nwmS/7/7jxq wQPA6w3E8hM= =GAQw -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7.3) - ppc64, ppc64le, x86_64 3. Security Fix(es): * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. 7) - x86_64 3. Description: Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. (CVE-2018-3639) Note: This is the qemu-kvm side of the CVE-2018-3639 mitigation that includes support for guests running on hosts with AMD processors. Once all virtual machines have shut down, start them again for this update to take effect. ========================================================================== Ubuntu Security Notice USN-3651-1 May 21, 2018 qemu update ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 17.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Side channel execution mitigations were added to QEMU. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows QEMU to expose new CPU features added by microcode updates to guests on amd64 and i386. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: qemu 1:2.11+dfsg-1ubuntu7.2 qemu-system 1:2.11+dfsg-1ubuntu7.2 qemu-system-x86 1:2.11+dfsg-1ubuntu7.2 Ubuntu 17.10: qemu 1:2.10+dfsg-0ubuntu3.7 qemu-system 1:2.10+dfsg-0ubuntu3.7 qemu-system-x86 1:2.10+dfsg-0ubuntu3.7 Ubuntu 16.04 LTS: qemu 1:2.5+dfsg-5ubuntu10.29 qemu-system 1:2.5+dfsg-5ubuntu10.29 qemu-system-x86 1:2.5+dfsg-5ubuntu10.29 Ubuntu 14.04 LTS: qemu 2.0.0+dfsg-2ubuntu1.42 qemu-system 2.0.0+dfsg-2ubuntu1.42 qemu-system-x86 2.0.0+dfsg-2ubuntu1.42 After a standard system update you need to restart all QEMU virtual machines to make all the necessary changes. AMD, ARM, and Intel CPUs are all CPU (central processing unit) products from different manufacturers. AMD, ARM, and Intel CPUs have security vulnerabilities. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * The kernel-rt packages have been upgraded to the 3.10.0-693.37.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1599860) 4

A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials. mySCADA myPRO Contains a vulnerability in the use of hard-coded credentials.Information may be obtained and information may be altered

The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a home's target temperature to 95 degrees Fahrenheit. This vulnerability might be described as an addendum to CVE-2013-4860. Radio Thermostat CT50 and CT80 Contains an input validation vulnerability.Information may be tampered with. Radio Thermostat CT50 and CT80 are touch screen thermostat products of American Radio Thermostat Company. This product manages heating and cooling systems in homes. Local HTTP API is one of the local HTTP interfaces

On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution. D-Link DIR-550A and DIR-604M The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The D-Link DIR-550A and DIR-604M are both D-Link wireless router products. A remote code execution vulnerability exists in D-LinkDIR-550A and DIR-604M2.10KR and earlier