[SECURITY] [DLA 2718-1] intel-microcode security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2718-1] intel-microcode security update
From: Utkarsh Gupta <utkarsh@debian.org>
Date: Mon, 26 Jul 2021 13:35:58 +0530
Message-id: <[🔎] CAPP0f94c_3x-AC4nGADUqNYzvYJcVXoVDD4eB1d-xkRawL+hMQ@mail.gmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-2718-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
July 23, 2021                               https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : intel-microcode
Version        : 3.20210608.2~deb9u2
CVE ID         : CVE-2020-24489 CVE-2020-24511 CVE-2020-24512
                 CVE-2020-24513

This update ships updated CPU microcode for some types of Intel CPUs
and provides mitigations for security vulnerabilities which could
result in privilege escalation in combination with VT-d and various
side channel attacks.

For Debian 9 stretch, these problems have been fixed in version
3.20210608.2~deb9u2.

Please note that one of the processors is not receiving this update
and so the users of 0x906ea processors that don't have Intel Wireless
on-board can use the package from the buster-security, instead.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmD+bJIACgkQgj6WdgbD
S5ZCuA/+OIKeQYxCKSf7o0oxCUZC1/BiKlVggJhX4zOsW4tGLjlKEb9B9yDXD7uS
zRg8LFuS5OdVHgZ5wR4f9HsV0AsWi0moM1J+QZZkwh2Oaf7KoRxbXLZl407F3tVl
yJY89Q95RjM30E2YDgoHBnOnOkknebMI2/1bYC4YLOnQNzFCh/GCvwyOX2YdZ0Rg
kP3t6/2chcyaBFRYKMjRSiJVrFp03N+xmvoLtsAEhIaomwBXGBTCqLrcFAnB7av6
vYNQzi4OTBdCKg5g9c5yxCtIAaty2d7pqkRIUHU8Wn3bpv6FkdTudpEAp3XADKSB
ZhZSFo3V9LLVdD089GYrhQapl6Z74cCoJMar5unE9wuybVSxycvn6CAfU+lwlfqA
fjBgh9/+Ue/fyqHAYDBdJA0uIwBN3Bnh/P9ISCdfzobG4MYuW+GFqFHgClqQ5WGN
zDMM/dkSkqQvVrQ5AJdrt//WVmnO1qbEn6Gyc0wdlu/kpE72jKdA1fbLlgU6oRvE
qDzc7wPfMtou042TkOk6ztFwRaF3Rul7ayBekCUvyDCI2us6EXaQcEyOu0z6C3hi
gjQVMYWh0TMv4A2UgO4ST+Fz6y3c+uWLRUuQsQ9bx9I2SvaVfeAnBx8COxizty/8
DOeo90dGTywRiLtdBQC14v8FXcSvSy7VsQU8JJjhGWfJWyIsKzk=
=ilUe
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2720-1] aspell security update
Next by Date: [SECURITY] [DLA 2721-1] drupal7 security update
Previous by thread: [SECURITY] [DLA 2720-1] aspell security update
Next by thread: [SECURITY] [DLA 2721-1] drupal7 security update
Index(es):
- Date
- Thread