microcode_ctl-20210216-1.20210608.1.el8

エラータID: AXSA:2021-2304:10

Release date: 
Tuesday, August 10, 2021 - 04:17
Subject: 
microcode_ctl-20210216-1.20210608.1.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The microcode_ctl packages provide microcode updates for Intel.

Security Fix(es):

* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors

(CVE-2020-24511)

* hw: observable timing discrepancy in some Intel Processors

(CVE-2020-24512)

* hw: Information disclosure issue in Intel SGX via RAPL interface

(CVE-2020-8695)

* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)

CVE-2020-0543
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-0548
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-0549
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24489
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2020-24511
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24512
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8695
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2020-8696
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8698
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Solution: 

Update packages.

CVEs: 
CVE-2020-0543
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-0548
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-0549
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24489
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2020-24511
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24512
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8695
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2020-8696
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8698
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Additional Info: 

N/A

Download: 

SRPMS
  1. microcode_ctl-20210216-1.20210608.1.el8.src.rpm
    MD5: e00c31fb3d29507b11008039e4fa3272
    SHA-256: b87c9edf52be71fca425d9ec6ce4167773e93f8519f6ceb43f30cf2188bc8ad0
    Size: 10.11 MB

Asianux Server 8 for x86_64
  1. microcode_ctl-20210216-1.20210608.1.el8.x86_64.rpm
    MD5: c9e7435821fdeb93ecd5ebf2d02c6e57
    SHA-256: 3ca2992db754027b113152d91a4a04d9b61fb80c6a39c2e065a64336e070a883
    Size: 5.51 MB