2018-01-04 15:27 GMT-03:00 Matthew Miller <mat...@fedoraproject.org>:
> On Thu, Jan 04, 2018 at 12:50:44PM -0500, sean darcy wrote: > > >Mitigation for Meltdown is in place in the kernel updates we released > > >yesterday. (Thanks to kernel team, release engineering, infrastructure > > >/ security, and qa!) Updates for Spectre should be coming in soon. > > Meltdown - CVE-2017-5754 - is not mentioned in the koji kernel builds. > > I believe this is because the work was done while the issue was still under > embargo. But see > https://bodhi.fedoraproject.org/updates/FEDORA-2018-22d5fa8a90 > > > > > But should we be worried about Meltdown even without kpti for: > > An internet facing headless laptop acting as a router. No local > > users. No X. No browsers. The only private info on the machine is > > ssh keys, and the local root password. Any potential problem ? > > Red Hat security has rated these CVEs as having an impact of > "Important", https://access.redhat.com/security/updates/classification/ > > > "This rating is given to flaws that can easily compromise the > confidentiality, integrity, or availability of resources. These are the > types of vulnerabilities that allow local users to gain privileges, > allow unauthenticated remote users to view resources that should > otherwise be protected by authentication, allow authenticated remote > users to execute arbitrary code, or allow remote users to cause a > denial of service." > > But.... I'm wonder if an attacker can exploit this vulnerability remotely, that's not clear for me... > So.... > > > Can we sleep at night ? > > Up to you, I'm afraid. :) > > -- > Matthew Miller > <mat...@fedoraproject.org> > Fedora Project Leader > _______________________________________________ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > -- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org
_______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org
