microcode_ctl-2.1-73.11.el7

エラータID: AXSA:2021-2305:11

Release date: 
Tuesday, August 10, 2021 - 04:19
Subject: 
microcode_ctl-2.1-73.11.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The microcode_ctl packages provide microcode updates for Intel.

Security Fix(es):

* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors

(CVE-2020-24511)

* hw: observable timing discrepancy in some Intel Processors

(CVE-2020-24512)

* hw: Information disclosure issue in Intel SGX via RAPL interface

(CVE-2020-8695)

* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)

CVE-2020-0543
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-0548
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-0549
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24489
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2020-24511
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24512
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8695
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2020-8696
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8698
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Solution: 

Update packages.

CVEs: 
CVE-2020-0543
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-0548
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-0549
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24489
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2020-24511
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-24512
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8695
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2020-8696
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-8698
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Additional Info: 

N/A

Download: 

SRPMS
  1. microcode_ctl-2.1-73.11.el7.src.rpm
    MD5: 2abeb056ab1484fb268a93e2e7d09b32
    SHA-256: 7af5592bd3fb54df0c81cecf25ceb84aaaf3eaddeb12a474e15a07d6e800aa43
    Size: 6.18 MB

Asianux Server 7 for x86_64
  1. microcode_ctl-2.1-73.11.el7.x86_64.rpm
    MD5: 31e7c1b9ecb28e8ab7143432c3eff5fb
    SHA-256: b9094e5e528d7df293a614ce3e8a72eb2623b426b07e7f957eab5dfbb65f905f
    Size: 4.22 MB