Medium: microcode_ctl

2021-06-16T20:37:00
ID ALAS2-2021-1663
Type amazon
Reporter Amazon
Modified 2021-06-22T22:38:00

Description

Issue Overview:

A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state. (CVE-2020-8696)

Affected Packages:

microcode_ctl

Issue Correction:
Run yum update microcode_ctl to update your system.

New Packages:

i686:  
    microcode_ctl-2.1-47.amzn2.0.9.i686  
    microcode_ctl-debuginfo-2.1-47.amzn2.0.9.i686

src:  
    microcode_ctl-2.1-47.amzn2.0.9.src

x86_64:  
    microcode_ctl-2.1-47.amzn2.0.9.x86_64  
    microcode_ctl-debuginfo-2.1-47.amzn2.0.9.x86_64