Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 40: FEDORA-2024-96f3c3f3 High: Microcode Update Security Advisory

fedora
Calendar Grey August 8, 2024
Dist Fedora Esm H88
This Debian security bulletin provides essential updates for firmware, highlighting vulnerabilities and recommended measures.
Update to upstream 2.1-43

Summary

The microcode_ctl utility is a companion to the microcode driver written

by Tigran Aivazian .

The microcode update is volatile and needs to be uploaded on each system

boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts

back to the old microcode.

Update Information:

Update to upstream 2.1-43. 20240531 Addition of 06-aa-04/0xe6 (MTL-H/U C0) microcode at revision 0x1c; Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) at revision 0x4121; Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) at revision 0x4121; Addition of 06-ba-08/0xe0 microcode at revision 0x4121; Addition of 06-cf-01/0x87 (EMR-SP A0) microcode at revision 0x21000230; Addition of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) at revision 0x21000230; Addition of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) at revision 0x21000230; Addition of 06-cf-02/0x87 (EMR-SP A1) microcode at revision 0x21000230; Removal of 06-8f-04/0x10 microcode at revision 0x2c000290; Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision 0x2b0004d0; Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-04) at revision ...

Topics%20covered

Topics Covered

security advisory local privilege escalation Fedora DoS information disclosure microcode update CVE addressing

Change Log

* Mon Aug 5 2024 Eugene Syromiatnikov 2:2.1-61.1 - Update to upstream 2.1-43. 20240531 - Addition of 06-aa-04/0xe6 (MTL-H/U C0) microcode at revision 0x1c; - Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) at revision 0x4121; - Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) at revision 0x4121; - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-08) at revision 0x4121; - Addition of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) at revision 0x4121; - Addition of 06-ba-08/0xe0 microcode at revision 0x4121; - Addition of 06-cf-01/0x87 (EMR-SP A0) microcode at revision 0x21000230; - Addition of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) at revision 0x21000230; - Addition of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) at revision 0x21000230; - Addition of 06-cf-02/0x87 (EMR-SP A1) microcode at revision 0x21000230; - Removal of 06-8f-04/0x10 microcode at revision 0x2c000290; - Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision 0x2b0004d0; - Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; - Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; - Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-04) at revision 0x2c000290; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000181 up to 0x1000191; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003604 up to 0x4003605; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003604 up to 0x5003605; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002703 up to 0x7002802; - Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision 0xe000014 up to 0xe000015; - Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x38 up to 0x3e; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003b9 up to 0xd0003d1; - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000268 up to 0x1000290; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3e up to 0x42; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x22 up to 0x24; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc2 up to 0xc4; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision 0xb4 up to 0xb6; - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x34 up to 0x36; - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x4e up to 0x50; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode from revision 0xf8 up to 0xfa; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x10 microcode from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision 0x2c000290 up to 0x2c000390; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision 0x2b0004d0 up to 0x2b0005c0; - Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x17 up to 0x19; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x430 up to 0x433; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x430 up to 0x433; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel-ucode/06-9a-04) from revision 0x430 up to 0x433; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x430 up to 0x433; - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x5 up to 0x7; - Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000024 up to 0x24000026; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from revision 0xf4 up to 0xf8; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf4 up to 0xf6; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision 0xf4 up to 0xf6; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0xfa up to 0xfc; - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf8 up to 0xfa; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf8 up to 0xfa; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf8 up to 0xfa; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf8 up to 0xfa; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision 0xf8 up to 0xfa; - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5d up to 0x5e; - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x11d up to 0x123; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x411c up to 0x4121; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x411c up to 0x4121; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x411c up to 0x4121; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x411c up to 0x4121; - Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x12 up to 0x17; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35; - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x32 up to 0x35. - Addresses CVE-2023-22655, CVE-2023-23583. CVE-2023-28746, CVE-2023-38575, CVE-2023-39368, CVE-2023-42667, CVE-2023-43490, CVE-2023-45733, CVE-2023-46103, CVE-2023-49141

References


[ 1 ] Bug #2270698 - CVE-2023-22655 kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R) https://bugzilla.redhat.com/show_bug.cgi?id=2270698 [ 2 ] Bug #2270700 - CVE-2023-28746 kernel: Local information disclosure on Intel(R) Atom(R) processors https://bugzilla.redhat.com/show_bug.cgi?id=2270700 [ 3 ] Bug #2270701 - CVE-2023-38575 kernel: Local information disclosure in some Intel(R) processors https://bugzilla.redhat.com/show_bug.cgi?id=2270701 [ 4 ] Bug #2270703 - CVE-2023-39368 kernel: Possible Denial of Service on Intel(R) Processors https://bugzilla.redhat.com/show_bug.cgi?id=2270703 [ 5 ] Bug #2270704 - CVE-2023-43490 kernel: Local information disclosure on Intel(R) Xeon(R) D processors with Intel(R) SGX due to incorrect calculation in microcode https://bugzilla.redhat.com/show_bug.cgi?id=2270704 [ 6 ] Bug #2292296 - CVE-2023-45733 intel-microcode: Race conditions in some Intel(R) Processors ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-96f3c3f3d3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: microcode_ctl
Product: Fedora 40
Version: 2.1
Release: 61.1.fc40
URL: https://pagure.io/microcode_ctl
Summary: Tool to transform and deploy CPU microcode update for x86

Topics%20covered

Topics Covered

security advisory local privilege escalation Fedora DoS information disclosure microcode update CVE addressing

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here