Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Debian: DSA-5474-1 Critical Update on Intel Microcode Threats

debian
Calendar Grey August 11, 2023
Debian Logo
Explore the latest security patch for Intel processors in Debian Advisory DSA-5474-1, which tackles various weaknesses.
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities

Summary

CVE-2022-40982

Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware
vulnerability which allows unprivileged speculative access to data
which was previously stored in vector registers.

For details please refer to
and
.

CVE-2022-41804

Unauthorized error injection in Intel SGX or Intel TDX for some
Intel Xeon Processors which may allow a local user to potentially
escalate privileges.

CVE-2023-23908

Improper access control in some 3rd Generation Intel Xeon Scalable
processors may result in an information leak.

For the oldstable distribution (bullseye), these problems have been fixed
in version 3.20230808.1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 3.20230808.1~deb12u1.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/source-package/intel-microcode

Furth...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: intel-microcode
CVE ID: CVE-2022-40982 CVE-2022-41804 CVE-2023-23908

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here