Intel Halts Spectre Fixes On Older Chips, Citing Limited Ecosystem Support

Intel has halted patches for an array of older chips that would protect them against the Spectre vulnerability, according to a recent microcode update. The microcode update shows that its older products – including Wolfdale, Bloomfield, Clarksfield, Gulftown, Harpertown, Jasper Forest, SoFIA 3GR,...

USN-3531-3 intel-microcode update

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. CVE-2017-5715 This...

openSUSE Security Update : ucode-intel (openSUSE-2018-266) (Spectre)

This update for ucode-intel fixes the following issues : The Intel CPU microcode version was updated to version 20180312. This update enables the IBPB+IBRS based mitigations of the Spectre v2 flaws boo1085207 CVE-2017-5715 - New Platforms - BDX-DE EGW A0 6-56-5:10 e000009 - SKX B1 6-55-3:97 10001...

SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2018:0708-1) (Spectre)

This update for ucode-intel fixes the following issues: The Intel CPU microcode version was updated to version 20180312. This update enables the IBPB+IBRS based mitigations of the Spectre v2 flaws boo1085207 CVE-2017-5715 - New Platforms - BDX-DE EGW A0 6-56-5:10 e000009 - SKX B1 6-55-3:97 100014...

Scientific Linux Security Update : microcode_ctl on SL6.x, SL7.x i386/x86_64 (20180116) (Spectre)

This update supersedes the previous microcode update provided with the CVE-2017-5715 Spectre CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode provided along with the Spectre mitigation that could lead to system instabilities. As a result, th...

microcode_ctl security update

1:1.17-25.4.0.2 - Revert: early microcode load to allow updating Broadwell model 79 - Revert: Make sure 'modprobe microcode' is not executed on Broadwell model 79 - Revert: Run dracut upon microcode update - Revert updated Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23...

Scientific Linux Security Update : linux-firmware on SL7.x (noarch) (20180116) (Spectre)

This update supersedes the previous microcode update provided with the CVE-2017-5715 Spectre CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode provided along with the Spectre mitigation that could lead to system instabilities. As a result, th...

CentOS 6 / 7 : microcode_ctl (CESA-2018:0093) (Spectre)

An update for microcodectl is now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red H...

Oracle Linux 6 / 7 : microcode_ctl (ELSA-2018-0093) (Spectre)

From Red Hat Security Advisory 2018:0093 : An update for microcodectl is now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterpri...

microcode_ctl security update

1:1.17-25.4.0.1 - Enable early microcode load to allow updating Broadwell model 79 - Make sure 'modprobe microcode' is not executed on Broadwell model 79 - Run dracut upon microcode update - Add updated Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23, Haswell; 306d4...

(RHSA-2018:0094) Important: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 “Spectre” CPU branch injection vulnerability mitigation. Historically, Red Hat has provided updated microcode,...

[SECURITY] Fedora 26 Update: microcode_ctl-2.1-20.fc26

The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...

Ubuntu 14.04 LTS / 16.04 LTS : Intel Microcode update (USN-3531-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3531-1 advisory. It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel...

SUSE-SU-2018:0068-1 Security update for microcode_ctl

Update to Intel microcode version 20180108 bsc1075262 CVE-2017-5715 - The pre-released microcode fixing some important security issues is now officially published and included in the added tarball. Among other updates it contains: - IVT C0 06-3e-04:ed 428-42a - SKL-U/Y D0 06-4e-03:c0 ba-c2 -...

[SECURITY] Fedora 27 Update: microcode_ctl-2.1-20.fc27

The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...

OracleVM 3.4 : microcode_ctl (OVMSA-2018-0003)

The remote OracleVM system is missing necessary patches to address critical security updates : - Enable early microcode load to allow updating Broadwell model 79 - Make sure 'modprobe microcode' is not executed on Broadwell model 79 - Run dracut upon microcode update - Update Intel CPU microde fo...

Experts Weigh In On Spectre Patch Challenges

The race to patch against the Meltdown and Spectre processor vulnerabilities disclosed last week is on. As of today, there are no known exploits in the wild impacting vulnerable Intel, AMD and ARM devices. Currently, vendors are focused on three main mitigation efforts. Patches that address the...

Security update for kernel-firmware (important)

This update for kernel-firmware fixes the following issues: - Add microcodeamdfam17h.bin bsc1068032 CVE-2017-5715 This new firmware disables branch prediction on AMD family 17h processor to mitigate an attack on the branch predictor that could lead to information disclosure from e.g. kernel memor...

CentOS 6 : microcode_ctl (CESA-2018:0013) (Spectre)

An update for microcodectl is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Bug Fix Advisory: dracut bug fix update

Updated dracut packages that fix one bug are now available for Red Hat Enterprise Linux 7. The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kerne...