USN-7848-1: AMD Microcode vulnerabilities

Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores. A local attacker could possibly use this issue to expose sensitive information. This update provides the updat...

CVE-2024-36347

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged...

Ubuntu 25.04 : AMD Microcode vulnerability (USN-7560-1)

The remote Ubuntu 25.04 host has a package installed that is affected by a vulnerability as referenced in the USN-7560-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Nava, Tavis Ormandy and Matteo Rizzo discovered that AMD Microcode incorrectly verified signatures. An attacker with local...

USN-7561-1 amd64-microcode vulnerabilities

It was discovered that AMD Microcode incorrectly handled memory addresses. An attacker with local administrator privilege could possibly use this issue to cause loss of integrity of a confidential guest running under AMD SEV-SNP. CVE-2023-20584, CVE-2023-31356 Josh Eads, Kristoffer Janke, Eduardo...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a applymicrocodeamd return value error, which could result in the propagation of an incorrect value in the...

Updated microcode packages fix security vulnerability

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP. CVE-2024-56161...

AMD CPU Microcode Signature Verification Vulnerability

AMD ID: AMD-SB-7033 Potential Impact: Loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment Severity: Medium Summary Researchers from Google®have provided AMD with a report titled “AM...

Fedora 40 : microcode_ctl (2024-d20a106350)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d20a106350 advisory. - Update to upstream 2.1-47. 20241112 - Update of 06-8f-04/0x87 SPR-SP E0/S1 microcode in intel-ucode/06-8f-05 from revision 0x2b0005c0 up to...

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R)

A vulnerability was found in the Intel Xeon Processor's microcode. This issue may allow a malicious actor to achieve local privilege escalation when using Intel SGX or Intel TDX features...

USN-7077-1: AMD Microcode vulnerability

Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access to the System Management Mode SMM configuration when the SMM Lock was enabled. A privileged local attacker could possibly use this issue to further escalate their privileges and execute...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : AMD Microcode vulnerability (USN-7077-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7077-1 advisory. Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access ...

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

USN-6485-1 intel-microcode vulnerability

Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some IntelR Processors did not properly...

USN-6319-1 amd64-microcode vulnerability

Daniël Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel...

USN-6244-1 amd64-microcode vulnerability

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information...

USN-6244-1: AMD Microcode vulnerability

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information...