Lucene search

K
oraclelinuxOracleLinuxELSA-2022-9670
HistoryAug 01, 2022 - 12:00 a.m.

microcode_ctl security update

2022-08-0100:00:00
linux.oracle.com
36

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

[3:1.17-33.31.0.3]

  • update 06-55-04 to 0x2006d05
  • update 06-55-07 to 0x5003302
  • update 06-6a-04 to 0xb000280
  • update 06-6a-06 to 0xd000375
    [3:1.17-33.31.0.2]
  • update Intel microcode bundle to 20210608
    [3:1.17-33.31.0.1]
  • recognize the ‘force-intel’ file path available on EL7+ [orabug 31655792]
  • disable live load during %post due to UEK4 rendezvous timeouts [orabug 31655792]
  • merge Oracle changes for early load via dracut
  • remove no longer appropriate caveats for 06-2d-07 and 06-55-04
  • remove other caveat support to be compatible with early load logic
  • enable late load on install for UEK4 kernels marked safe (except BDW-79)
  • set early_microcode=‘no’ in virtualized guests to avoid early load bugs [Orabug: 30618737]

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N