Debian Releases Security Update for Mitigating a Series of CPU Vulnerabilities

The Debian Project released a new Linux kernel security update for its supported version of Debian GNU/Linux to address the latest vulnerabilities affecting Intel’s CPU microarchitecture.

As previously revealed, four new security vulnerabilities have been discovered in the Linux kernel that has an impact on Intel CPUs: CVE-2019-11135, CVE-2018-12207, CVE-2019-0154, and CVE-2019-0155. These vulnerabilities could lead to privilege escalation, information disclosure, and denial of service.

“This update ships updated CPU microcode for some types of Intel CPUs. In particular, it provides mitigations for the TAA (TSX Asynchronous Abort) vulnerability. For affected CPUs, to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages,” reads the security advisory.

The Debian Project recommends that all users of the Debian GNU / Linux 9 “Stretch” and Debian GNU / Linux 10 “Buster” operating systems update their installations to the new Linux kernel version as soon as possible.

Via: Softpedia