patches/packages/linux-4.4.153/*
This kernel update enables mitigations for L1 Terminal Fault aka
Foreshadow and Foreshadow-NG vulnerabilities.
Thanks to Bernhard Kaindl for bisecting the boot issue that was preventing
us from upgrading to earlier 4.4.x kernels that contained this fix.
To see the status of CPU vulnerability mitigations on your system, look at
the files in: /sys/devices/system/cpu/vulnerabilities
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646
(* Security fix *)