Security Information / 2020 / Security Information -- DSA-4701-1 intel-microcode

Debian Security Advisory

DSA-4701-1 intel-microcode -- security update

Date Reported:

11 Jun 2020

Affected Packages:

intel-microcode

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2020-0543, CVE-2020-0548, CVE-2020-0549.

More information:

This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling (CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.

The microcode update for HEDT and Xeon CPUs with signature 0x50654 which was reverted in DSA 4565-2 is now included again with a fixed release.

The upstream update for Skylake-U/Y (signature 0x406e3) had to be excluded from this update due to reported hangs on boot.

For details refer to https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html

For the oldstable distribution (stretch), these problems have been fixed in version 3.20200609.2~deb9u1.

For the stable distribution (buster), these problems have been fixed in version 3.20200609.2~deb10u1.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to its security tracker page at: https://security-tracker.debian.org/tracker/intel-microcode