Video: Intel says can't protect all chips vulnerable to Meltdown and Spectre.
Oracle has released patches for the latest Spectre CPU flaws and a fix for the Lazy floating-point unit (FPU) state restore issue affecting Intel CPUs[1].
Oracle's updates address the Spectre CPU flaws revealed in May, including CVE-2018-3640, also known as Spectre variant 3a, and CVE-2018-3639, Spectre variant 4.
The fix for Spectre version 4 needs both software and microcode updates, while fixing Spectre version 3a only requires microcode updates.
Oracle has released software-based patches for Oracle Linux and Oracle VM with Intel's microcode updates for x86 hardware.
Oracle director of security assurance, Eric Maurice, said[2] the company will release more microcode updates and firmware patches as they become available from Intel.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)[3][4]
Oracle has also released updates[5] for Red Hat Compatible Kernel (RHCK) to address CVE-2018-3665, the Lazy FPU issue that affects operating systems and VMs running on x86 microprocessors.
This update can be installed using Oracle's Ksplice tool for patching Oracle Linux.
Ksplice updates are also available[6] for Oracle Unbreakable Enterprise Kernel Release 4 (UEKR4) on Oracle Linux 6 and Oracle Linux 7, which bring additional improved fixes for Spectre variant 2, and Spectre variant 3a.
Under Single Thread Indirect Branch Predictors (STIBP) enable failure, Oracle notes: "Incorrect masking could prevent the STIBP feature of the IA32_SPEC_CTRL MSR from being set. Guests that used the STIBP feature to mitigate Spectre v2 would not be fully mitigated."
That update also includes a fix for Spectre Variant