You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa microcode_ctl

Sigurnosni nedostaci programskog paketa microcode_ctl

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: microcode_ctl security, bug fix, and enhancement update
Advisory ID: RHSA-2020:5083-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5083
Issue date: 2020-11-11
CVE Names: CVE-2020-8695 CVE-2020-8696 CVE-2020-8698
=====================================================================

1. Summary:

An update for microcode_ctl is now available for Red Hat Enterprise Linux
7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) – x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) – x86_64
Red Hat Enterprise Linux Server (v. 7) – x86_64
Red Hat Enterprise Linux Workstation (v. 7) – x86_64

3. Description:

Security Fix(es):

* hw: Information disclosure issue in Intel SGX via RAPL interface
(CVE-2020-8695)

* hw: Vector Register Leakage-Active (CVE-2020-8696)

* hw: Fast forward store predictor (CVE-2020-8698)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s)
listed in the References section.

Bug Fix(es) and Enhancement(s):

* Update Intel CPU microcode to microcode-20201027 release, addresses:
– Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;
– Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;
– Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;
– Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;
– Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;
– Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision
0xe0;
– Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in
intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;
– Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up
to 0x2006a08;
– Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in
intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;
– Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up
to 0xde;
– Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up
to 0xde;
– Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up
to 0xe0;
– Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up
to 0xde;
– Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xd6 up to 0xde;
– Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up
to 0xde;
– Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode
from revision 0x43 up to 0x44;
– Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157
up to 0x1000159;
– Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01
up to 0x4003003;
– Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5002f01 up to 0x5003003;
– Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up
to 0x40;
– Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up
to 0x1e;
– Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up
to 0x18;
– Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78
up to 0xa0;
– Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca
up to 0xe0.

* Add README file to the documentation directory.

* Add publicly-sourced codenames list to supply to gen_provides.sh; update
the latter to handle the somewhat different format.

* Add SUMMARY.intel-ucode file containing metadata information from the
microcode file headers.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1828583 – CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface
1890355 – CVE-2020-8696 hw: Vector Register Leakage-Active
1890356 – CVE-2020-8698 hw: Fast forward store predictor

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
microcode_ctl-2.1-73.2.el7_9.src.rpm

x86_64:
microcode_ctl-2.1-73.2.el7_9.x86_64.rpm
microcode_ctl-debuginfo-2.1-73.2.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
microcode_ctl-2.1-73.2.el7_9.src.rpm

x86_64:
microcode_ctl-2.1-73.2.el7_9.x86_64.rpm
microcode_ctl-debuginfo-2.1-73.2.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
microcode_ctl-2.1-73.2.el7_9.src.rpm

x86_64:
microcode_ctl-2.1-73.2.el7_9.x86_64.rpm
microcode_ctl-debuginfo-2.1-73.2.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
microcode_ctl-2.1-73.2.el7_9.src.rpm

x86_64:
microcode_ctl-2.1-73.2.el7_9.x86_64.rpm
microcode_ctl-debuginfo-2.1-73.2.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-8695
https://access.redhat.com/security/cve/CVE-2020-8696
https://access.redhat.com/security/cve/CVE-2020-8698
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBX6u5e9zjgjWX9erEAQhS2w//XY9dsHxAskbXzXCnV/QpdwvKL1glZTKc
D65UhdvhV73GetVID08E/nSw7hf93dSHmUJPvcyT4qoM+XbWtF11ocO5sS/qM+eH
1IKrC6aLYWCg3xAL0NVF5RCRciEjpHVFHfEQ1HvK5a3OC6e8yNc3lVlspXCFV8Dy
PSMMarLgv8iDg86jvXYubosvZ+N1NTm7B7ufpoGkb502thhYxc/auU4wiZZp8iyF
iFnC3zGsdhJ9Z8XSKIWZ7e1p2hVlaXuk47SaKOd/2Vw3LTXmKyLWDjoGr4+PRneC
rTz/K/cuMkTGfq9FECUCq+2ftMnJkuJkagj5FCrdYUjeBM7G4H7DxvG2BXICYqJ3
U8Al+RC2AXcKajTk9kwkgmKeZmkSUmahv3y6O2bxPOshEzHJb6nbzjZYut51QgMR
zL0z2SJyhQccTBsb7JFUhMz1YZnliP4rR0lrhSgt6tL5pdWDz53CQjzbgR2lY7Xf
yHfI/9p0d4lyqNreGz6KlsRa/Y73ijj6TCFTpuPqORAAmkQxbvoAEIicxWaFWBIr
hAIyyk+D2XqcQ3rkaAeWVu8zkiW/zMVNR77MuRh5JtAL5XsJhPdfUwbtq8o/RL8u
qnb7vPoVSdtapN14KZciKwzQPUwcXGnCH7XasjFOArKO0wZojCOf3cOOk3dX1QnW
N94XaKae/xE=
=65kD
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: microcode_ctl security, bug fix, and enhancement update
Advisory ID: RHSA-2020:5084-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5084
Issue date: 2020-11-11
CVE Names: CVE-2020-8696 CVE-2020-8698
=====================================================================

1. Summary:

An update for microcode_ctl is now available for Red Hat Enterprise Linux
6.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) – i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) – x86_64
Red Hat Enterprise Linux Server (v. 6) – i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) – i386, x86_64

3. Description:

Security Fix(es):

* hw: Vector Register Leakage-Active (CVE-2020-8696)

* hw: Fast forward store predictor (CVE-2020-8698)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s)
listed in the References section.

Bug Fix(es) and Enhancement(s):

* Update Intel CPU microcode to microcode-20201027 release, addresses:
– Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;
– Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;
– Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;
– Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;
– Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;
– Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision
0xe0;
– Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in
intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;
– Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up
to 0x2006a08;
– Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in
intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;
– Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up
to 0xde;
– Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up
to 0xde;
– Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up
to 0xe0;
– Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up
to 0xde;
– Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xd6 up to 0xde;
– Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up
to 0xde;
– Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode
from revision 0x43 up to 0x44;
– Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157
up to 0x1000159;
– Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01
up to 0x4003003;
– Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5002f01 up to 0x5003003;
– Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up
to 0x40;
– Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up
to 0x1e;
– Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up
to 0x18;
– Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78
up to 0xa0;
– Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca
up to 0xe0.

* Add README file to the documentation directory.

* Add publicly-sourced codenames list to supply to gen_provides.sh; update
the latter to handle the somewhat different format.

* Add SUMMARY.intel-ucode file containing metadata information from
the microcode file headers.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1890355 – CVE-2020-8696 hw: Vector Register Leakage-Active
1890356 – CVE-2020-8698 hw: Fast forward store predictor

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
microcode_ctl-1.17-33.31.el6_10.src.rpm

i386:
microcode_ctl-1.17-33.31.el6_10.i686.rpm
microcode_ctl-debuginfo-1.17-33.31.el6_10.i686.rpm

x86_64:
microcode_ctl-1.17-33.31.el6_10.x86_64.rpm
microcode_ctl-debuginfo-1.17-33.31.el6_10.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
microcode_ctl-1.17-33.31.el6_10.src.rpm

x86_64:
microcode_ctl-1.17-33.31.el6_10.x86_64.rpm
microcode_ctl-debuginfo-1.17-33.31.el6_10.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
microcode_ctl-1.17-33.31.el6_10.src.rpm

i386:
microcode_ctl-1.17-33.31.el6_10.i686.rpm
microcode_ctl-debuginfo-1.17-33.31.el6_10.i686.rpm

x86_64:
microcode_ctl-1.17-33.31.el6_10.x86_64.rpm
microcode_ctl-debuginfo-1.17-33.31.el6_10.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
microcode_ctl-1.17-33.31.el6_10.src.rpm

i386:
microcode_ctl-1.17-33.31.el6_10.i686.rpm
microcode_ctl-debuginfo-1.17-33.31.el6_10.i686.rpm

x86_64:
microcode_ctl-1.17-33.31.el6_10.x86_64.rpm
microcode_ctl-debuginfo-1.17-33.31.el6_10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-8696
https://access.redhat.com/security/cve/CVE-2020-8698
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBX6u2b9zjgjWX9erEAQhZfw/+IDGKZlA69hUC7R0gs7Dz/vAVYSsdlVqc
qZrgun56CqyDhBo7WEKxyepOPJN16rg6IDOacgNX1KNAhO/pHZ+evg2LzC/5hS0U
uogKdGxKXo36Kh1fLkobVrXJbIvFKl/d7FfxIYjlQQmRuosOagB5UcDlq8KJNx70
C677nWnQsgf5vMHcW57CYBoz+db8+/7kpCMJJy7WNg+TvBivqtNWNK4DSiQK1EE6
1Y7FjXHRe87TCiXl7XOsfvms0wjqO/xl8nv6kNJK693K1/vSP+uhGBvBmVfmbkTR
drzAmCh1or2yU5R7BSbVkeayIaCTy3qfwNGjl7PQjXUSoobPTe8j2VzfihLKJIu0
VAzLMUcanX4vRZ8xAkoh6tg0Dvgh7xruwKVICI21GLH0FhueGWBbgYvRSXBsP5/s
/qhrpG6C+p+smH+f6JphUzSdNUQQZvBFDvMuH3/rIys7EDtcfFmApV8htQ+PyCN5
XH8JtTIukOHcIXjD9gy4zXZzCcBTdR0dU7/kKnTHz4kjAh7x5Npql0kcQcQ6GqKV
o4j7H5E3IGEjLf38NZwRtDXp1665bUIiP/xqbjyliEGPElt0EZu1cv8qQdAXW6P9
ECdyTn/hLJuO6Znq/O92pa/Kfijz3urlU0cWM7sYfAMjY+K9kJxXfzyt0eIK2ebY
Ooj5sQjxcBo=
=PGx2
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: microcode_ctl security, bug fix and enhancement update
Advisory ID: RHSA-2020:5085-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5085
Issue date: 2020-11-11
CVE Names: CVE-2020-8695 CVE-2020-8696 CVE-2020-8698
=====================================================================

1. Summary:

An update for microcode_ctl is now available for Red Hat Enterprise Linux
8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS (v. 8) – x86_64

3. Description:

Security Fix(es):

* hw: Information disclosure issue in Intel SGX via RAPL interface
(CVE-2020-8695)

* hw: Vector Register Leakage-Active (CVE-2020-8696)

* hw: Fast forward store predictor (CVE-2020-8698)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es) and Enhancement(s):

* Update Intel CPU microcode to microcode-20201027 release, addresses:
– Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;
– Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;
– Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;
– Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;
– Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;
– Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision
0xe0;
– Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in
intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;
– Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up
to 0x2006a08;
– Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in
intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;
– Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up
to 0xde;
– Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up
to 0xde;
– Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up
to 0xe0;
– Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up
to 0xde;
– Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xd6 up to 0xde;
– Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up
to 0xde;
– Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up
to 0xde;
– Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode
from revision 0x43 up to 0x44;
– Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157
up to 0x1000159;
– Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01
up to 0x4003003;
– Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5002f01 up to 0x5003003;
– Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up
to 0x40;
– Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up
to 0x1e;
– Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up
to 0x18;
– Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78
up to 0xa0;
– Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca
up to 0xe0.

* Add README file to the documentation directory.

* Add publicly-sourced codenames list to supply to gen_provides.sh; update
the latter to handle the somewhat different format.

* Add SUMMARY.intel-ucode file containing metadata information from
the microcode file headers.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1828583 – CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface
1890355 – CVE-2020-8696 hw: Vector Register Leakage-Active
1890356 – CVE-2020-8698 hw: Fast forward store predictor

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
microcode_ctl-20200609-2.20201027.1.el8_3.src.rpm

x86_64:
microcode_ctl-20200609-2.20201027.1.el8_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-8695
https://access.redhat.com/security/cve/CVE-2020-8696
https://access.redhat.com/security/cve/CVE-2020-8698
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBX6uzYtzjgjWX9erEAQjrYRAAoYb5l5Ux9dSqnIuFcZt3XULhm04Ulecy
4zzqk+Tt1Z51KqH9gx6JF/soWtNHASn+r06JgCOXBuFu0UxDHO8vvB4n5mxHFfBG
GGRc4WRBxvVF7UJ953/PXjvLOMSRorQKJy1GSiI5in7obUOaZ5BjC5J0N7eaufgy
/C0vm8Ws+DqxyDMlmQZHsH+Se8pezmT9ap2RJQd4LBBXZ1dkdbphENukX0t+VQT7
d5FjU0Z3H1mUyqLukeNun057ktkgU378TNKN7Zuwi6bWLTckjfJ6Z1qfru5K6zYX
Kczjxxnq+/M3ZA80jAzhFewzOvFGEObouhA9K1tbrhVLvwA8tS3Yl2YmlVyN7pf/
N3mP1BC1oW1G4NZvnJcmp9Aq9GsMc1SI2UZK9TAoRBtRyh8+xkKBMs9lm3pHLpbd
M7Tht/VEA8QR/JekkjTKnZY1oc+NWhckpR9j5RaZPoqEQ1/6H0SZotKeQlmdM8fy
dCmaWN+jdTU3pfKyGXhtZSpo56Zm//r7vvV8HNiHLBBxPlBHW9oj5T3vsh7ScV1R
bDdUSYT3F6AjBXtUg+B0aUguFI3BKdvRjmDB2W39v/R2enpH2itV8guWZlejf7Vp
Vv738SmTAy/P9y5McnYT8b4trZzMHIz2vhGtiz+hBiIPgnnjRcpnDkPo3ObVgX5j
hnU5+sOg/5k=
=uwzZ
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Top
More in Preporuke
Nadogradnja za Microsoft Exchange Server

Microsoft je izdao nadogradnju za Microsoft Exchange Server. Pronađene su ranjivosti koje potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog koda ili...

Close