Source: libvirt Version: 5.0.0-2 Severity: grave Tags: security upstream Control: found -1 3.0.0-4+deb9u3 Control: found -1 3.0.0-4
Hi libvirt need to define md-clear CPUID bit for the MDS vulnerabilites. There is https://libvirt.org/git/?p=libvirt.git;a=commit;h=538d873571d7a682852dc1d70e5f4478f4d64e85 > cpu_map: Define md-clear CPUID bit > > CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 > > The bit is set when microcode provides the mechanism to invoke a flush > of various exploitable CPU buffers by invoking the VERW instruction. The issues are not really in libvirt itself, but to protect VM users libvirt would need as well an update. Regards, Salvatore
