Lucene search
OracleLinuxELSA-2020-5084HistoryNov 17, 2020 - 12:00 a.m.
microcode_ctl security, bug fix, and enhancement update
2020-11-1700:00:00
linux.oracle.com
62
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
[3:1.17-33.31.0.1]
- recognize the ‘force-intel’ file path available on EL7+ [orabug 31655792]
- disable live load during %post due to UEK4 rendezvous timeouts [orabug 31655792]
- merge Oracle changes for early load via dracut
- remove no longer appropriate caveats for 06-2d-07 and 06-55-04
- remove other caveat support to be compatible with early load logic
- enable late load on install for UEK4 kernels marked safe (except BDW-79)
- set early_microcode=‘no’ in virtualized guests to avoid early load bugs [Orabug: 30618737]
[2:1.17-33.31] - Update Intel CPU microcode to microcode-20201027 release, addresses
CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
(#1893243, #1893238):- Addition of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat)
at revision 0x700001e; - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
microcode.dat) at revision 0x68; - Addition of 06-a5-02/0x20 (CML-H R1) microcode (in microcode.dat)
at revision 0xe0; - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode (in microcode.dat)
at revision 0xe0; - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode (in microcode.dat)
at revision 0xe0; - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode (in
microcode.dat) at revision 0xe0; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in
microcode-06-4e-03.dat) from revision 0xdc up to 0xe2; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
microcode-06-55-04.dat) from revision 0x2006906 up to 0x2006a08; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in
microcode-06-5e-03.dat) from revision 0xdc up to 0xe2; - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode
(in microcode.dat) from revision 0x43 up to 0x44; - Update of 06-55-03/0x97 (SKX-SP B1) microcode (in microcode.dat)
from revision 0x1000157 up to 0x1000159; - Update of 06-55-06/0xbf (CLX-SP B0) microcode (in microcode.dat)
from revision 0x4002f01 up to 0x4003003; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode (in
microcode.dat) from revision 0x5002f01 up to 0x5003003; - Update of 06-5c-09/0x03 (APL D0) microcode (in microcode.dat) from
revision 0x38 up to 0x40; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode (in microcode.dat)
from revision 0x16 up to 0x1e; - Update of 06-7a-08/0x01 (GLK-R R0) microcode (in microcode.dat)
from revision 0x16 up to 0x18; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode (in microcode.dat)
from revision 0x78 up to 0xa0; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in microcode.dat)
from revision 0xd6 up to 0xde; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
microcode.dat) from revision 0xd6 up to 0xde; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
microcode.dat) from revision 0xd6 up to 0xe0; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in microcode.dat)
from revision 0xd6 up to 0xde; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in microcode.dat) from revision 0xd6 up to 0xde; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
microcode.dat) from revision 0xd6 up to 0xde; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
microcode.dat) from revision 0xd6 up to 0xde; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in microcode.dat)
from revision 0xd6 up to 0xde; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
microcode.dat) from revision 0xd6 up to 0xde; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
microcode.dat) from revision 0xd6 up to 0xde; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode (in microcode.dat)
from revision 0xca up to 0xe0.
[2:1.17-33.30]
- Addition of 06-55-0b/0xbf (CPX-SP A1) microcode (in microcode.dat)
- Add README file to the documentation directory.
- Add publicly-sourced codenames list to supply to gen_provides.sh; update
the latter to handle the somewhat different format. - Add SUMMARY.intel-ucode file containing metadata information from
the microcode file headers.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 6 | src | microcode_ctl | < 1.17-33.31.0.1.el6_10 | microcode_ctl-1.17-33.31.0.1.el6_10.src.rpm |
| oracle linux | 6 | i686 | microcode_ctl | < 1.17-33.31.0.1.el6_10 | microcode_ctl-1.17-33.31.0.1.el6_10.i686.rpm |
| oracle linux | 6 | src | microcode_ctl | < 1.17-33.31.0.1.el6_10 | microcode_ctl-1.17-33.31.0.1.el6_10.src.rpm |
| oracle linux | 6 | x86_64 | microcode_ctl | < 1.17-33.31.0.1.el6_10 | microcode_ctl-1.17-33.31.0.1.el6_10.x86_64.rpm |
Related
nessus
nessus
OracleVM 3.4 : microcode_ctl (OVMSA-2020-0053)
2020-11-20 00:00:00
Fedora 33 : 2:microcode_ctl (2020-2c8824c6b1)
2020-11-23 00:00:00
CentOS 7 : microcode_ctl (CESA-2020:5083)
2020-11-19 00:00:00
mageia
mageia
Updated microcode package fixes security vulnerabilities
2020-11-14 00:20:36
Updated microcode package fixes security vulnerabilities
2021-03-17 09:16:07
oraclelinux
oraclelinux
microcode_ctl security, bug fix and enhancement update
2020-11-17 00:00:00
microcode_ctl security, bug fix, and enhancement update
2020-11-17 00:00:00
Unbreakable Enterprise kernel security update
2020-11-10 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0422)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3514-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:14546-1)
2021-06-09 00:00:00
redhat
redhat
ubuntu
ubuntu
Intel Microcode regression
2020-11-12 00:00:00
Intel Microcode vulnerabilities
2021-05-17 00:00:00
Intel Microcode vulnerabilities
2020-11-11 00:00:00
suse
suse
Security update for ucode-intel (important)
2020-11-29 00:00:00
Security update for ucode-intel (important)
2020-11-27 00:00:00
Security update for ucode-intel (moderate)
2020-11-14 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: microcode_ctl-2.1-39.2.fc31
2020-11-20 01:29:29
[SECURITY] Fedora 33 Update: microcode_ctl-2.1-43.fc33
2020-11-22 01:27:43
[SECURITY] Fedora 32 Update: microcode_ctl-2.1-39.3.fc32
2020-11-29 01:15:00
osv
osv
intel-microcode - security update
2021-02-06 00:00:00
intel-microcode vulnerabilities
2020-11-11 06:56:58
intel-microcode regression
2020-11-12 01:14:30
centos
centos
microcode_ctl security update
2020-11-19 13:47:47
microcode_ctl security update
2021-08-09 15:29:53
cloudfoundry
cloudfoundry
USN-4628-3: Intel Microcode vulnerabilities | Cloud Foundry
2021-06-11 00:00:00
USN-4628-1: Intel Microcode vulnerabilities | Cloud Foundry
2020-12-11 00:00:00
USN-4628-2: Intel Microcode regression | Cloud Foundry
2020-12-11 00:00:00
debian
debian
[SECURITY] [DLA 2546-1] intel-microcode security update
2021-02-05 18:48:10
intel
intel
2020.2 IPU - Intel® Processor Advisory
2021-02-16 00:00:00
2020.2 IPU - Intel® RAPL Interface Advisory
2021-05-11 00:00:00
f5
f5
K63290144 : Intel processor vulnerabilities CVE-2020-8696 and CVE-2020-8698
2020-11-20 00:00:00
K32512431 : Linux kernel vulnerabilities CVE-2020-8694 and CVE-2020-8695
2020-11-24 00:00:00
archlinux
archlinux
[ASA-202102-34] intel-ucode: information disclosure
2021-02-27 00:00:00
lenovo
lenovo
Intel RAPL Interface Advisory - Lenovo Support NL
2020-11-04 15:35:53
Intel RAPL Interface Advisory - Lenovo Support US
2020-11-04 15:35:53
threatpost
threatpost
Nvidia Warns Windows Gamers of GeForce NOW Flaw
2020-11-11 19:03:15
github
github
containerd allows RAPL to be accessible to a container
2023-12-19 21:17:06
/sys/devices/virtual/powercap accessible by default to containers
2023-10-30 15:25:44
citrix
citrix
Citrix Hypervisor Security Update
2020-11-12 04:00:00
ics
ics
Siemens Industrial PCs and CNC devices (Update A)
2022-12-15 12:00:00
rocky
rocky
microcode_ctl security, bug fix and enhancement update
2021-08-09 09:19:57
cve
cve
almalinux
almalinux
Important: microcode_ctl security, bug fix and enhancement update
2021-08-09 09:19:57
prion
prion
Improper access control
2020-11-12 18:15:00
Design/Logic Flaw
2020-11-12 18:15:00
Information disclosure
2020-11-12 18:15:00
alpinelinux
alpinelinux
CVE-2020-8698
2020-11-12 18:15:00
CVE-2020-8694
2020-11-12 18:15:00
debiancve
debiancve
redhatcve
redhatcve
ubuntucve
ubuntucve
veracode
veracode
Information Disclosure
2020-11-12 07:53:06
Information Disclosure
2020-11-16 04:59:24
Information Disclosure
2020-11-12 07:53:07
amazon
amazon
Medium: microcode_ctl
2021-06-16 20:37:00
cnvd
cnvd
Intel Processors Information Disclosure Vulnerability (CNVD-2022-05687)
2021-10-13 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
Related for ELSA-2020-5084