Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Red Hat Enterprise Linux 8.1 RHSA-2021:3176-01 Important: Microcode Update

Calendar Aug 17, 2021 User Avatar LinuxSecurity Advisories
2 - 4 min read
Redhat Large Esm H500
Topics%20covered

Topics Covered

security advisory red hat privilege escalation important information disclosure microcode update intel processor
An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: microcode_ctl security, bug fix and enhancement update
Advisory ID:       RHSA-2021:3176-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:3176
Issue date:        2021-08-17
CVE Names:         CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 
                   CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 
                   CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 
====================================================================
1. Summary:

An update for microcode_ctl is now available for Red Hat Enterprise Linux
8.1 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - x86_64

3. Description:

The microcode_ctl packages provide microcode updates for Intel.

Security Fixes:

* hw: Vector Register Data Sampling (CVE-2020-0548)

* hw: L1D Cache Eviction Sampling (CVE-2020-0549)

* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)

* hw: Information disclosure issue in Intel SGX via RAPL interface
(CVE-2020-8695)

* hw: Vector Register Leakage-Active (CVE-2020-8696)

* hw: Fast forward store predictor (CVE-2020-8698)

* hw: vt-d related privilege escalation (CVE-2020-24489)

* hw: improper isolation of shared resources in some Intel Processors(CVE-2020-24511)

* hw: observable timing discrepancy in some Intel Processors(CVE-2020-24512)

Bug Fix(es):

* [rhel-8.1.0.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest
microcode updates (BZ#1972327)

* [rhel-8.1.0.z] Re-enable 06-8c-01 (TGL-UP3/UP4, CPUID 0x806c1)  latest
microcode updates (BZ#1972331)

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1788786 - CVE-2020-0548 hw: Vector Register Data Sampling
1788788 - CVE-2020-0549 hw: L1D Cache Eviction Sampling
1827165 - CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS)
1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface
1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active
1890356 - CVE-2020-8698 hw: Fast forward store predictor
1962650 - CVE-2020-24489 hw: vt-d related privilege escalation
1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors1972327 - [rhel-8.1.0.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest microcode updates
1972331 - [rhel-8.1.0.z] Re-enable 06-8c-01 (TGL-UP3/UP4, CPUID 0x806c1)  latest microcode updates

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v. 8.1):

Source:
microcode_ctl-20190618-1.20210608.1.el8_1.src.rpm

x86_64:
microcode_ctl-20190618-1.20210608.1.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2020-0543
https://access.redhat.com/security/cve/CVE-2020-0548
https://access.redhat.com/security/cve/CVE-2020-0549
https://access.redhat.com/security/cve/CVE-2020-8695
https://access.redhat.com/security/cve/CVE-2020-8696
https://access.redhat.com/security/cve/CVE-2020-8698
https://access.redhat.com/security/cve/CVE-2020-24489
https://access.redhat.com/security/cve/CVE-2020-24511
https://access.redhat.com/security/cve/CVE-2020-24512
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYRt0VNzjgjWX9erEAQjLEhAAmU+Wa567T4GP1Ib92ZJhzoidbsa0o4M/
3c8Puvp/EzZpRgOTlCJ5ZspxQQV8/uT/2lUmFT4sTEsJasbT42nX0962fQNtGQjX
k03wInem61ZGDdOaPzgwCOtGnWKmAhkd+22qzBQaBY4QDTa4I+yP8qJ3wFzNXkV1
YCorxBl67z5JQP3vs+FGTTzxsQMvSn5Q7Hf+vijLx76ecC52v6zTqGx+WPTP3DX/
oEi7j8MpXhAMw+m6NO0/ysXVVjmHWY9u3a+8X1JHTQWKyhSmFTHTjD9L/L8O3z+6
L9pYIY7NQJWZx6NLR12cVDgx9w+PBjem+JcNeOliwHD8RqKzufcd6EKId3X8hq3y
j9i6ZKfz2H3ZYdRtQeviEDfGJhg0ZHHqrhqzNfavsToqQtD0tOyaYJLPL5euapLT
Ep+ngSEKJPlrmFh3/Gl+XiyoQVQMNq7pVf0onW8BqiEpuILBuCWtiV2YU7nJN9s1
9xpCo87yBz7hu4vIivi4GQ/7jjJzWt9ftmyJp2RRicf97G/SF8JR8uifX2dWAS9M
UYGHkSto5OBnyOUUuoF61w//GRy4iX55W50PtfHjxIwckqxmwLVxcE7VFQiyga2K
1EH7FFhsAozxve3AdHgWXPqOPZ30uobu5zrV3Q+DtP2JjU51orFH/9D5mLtJcXTL
F/0+gTbtAd8=tIPK
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
This email address is being protected from spambots. You need JavaScript enabled to view it.

Red Hat Enterprise Linux 8.1 RHSA-2021:3176-01 Important: Microcode Update

red hat
Calendar Grey August 17, 2021
Dist Redhat Esm H88
Essential microcode patch for CentOS Stream addressing multiple vulnerabilities. Ensure your system is fortified with the newest improvements.
An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.1 Extended Update Support

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Summary

The microcode_ctl packages provide microcode updates for Intel.
Security Fixes:
* hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)
* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors(CVE-2020-24511)
* hw: observable timing discrepancy in some Intel Processors(CVE-2020-24512)
Bug Fix(es):
* [rhel-8.1.0.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest microcode updates (BZ#1972327)
* [rhel-8.1.0.z] Re-enable 06-8c-01 (TGL-UP3/UP4, CPUID 0x806c1) latest microcode updates (BZ#1972331)

Topics%20covered

Topics Covered

security advisory red hat privilege escalation important information disclosure microcode update intel processor

References

https://access.redhat.com/security/cve/CVE-2020-0543 https://access.redhat.com/security/cve/CVE-2020-0548 https://access.redhat.com/security/cve/CVE-2020-0549 https://access.redhat.com/security/cve/CVE-2020-8695 https://access.redhat.com/security/cve/CVE-2020-8696 https://access.redhat.com/security/cve/CVE-2020-8698 https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/updates/classification#important

Package List

Red Hat Enterprise Linux BaseOS EUS (v. 8.1):
Source: microcode_ctl-20190618-1.20210608.1.el8_1.src.rpm
x86_64: microcode_ctl-20190618-1.20210608.1.el8_1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2021:3176-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:3176
Issue date: 2021-08-17

Topic

An update for microcode_ctl is now available for Red Hat Enterprise Linux8.1 Extended Update Support.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory red hat privilege escalation important information disclosure microcode update intel processor

Relevant Releases Architectures

Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - x86_64

Bugs Fixed

1788786 - CVE-2020-0548 hw: Vector Register Data Sampling

1788788 - CVE-2020-0549 hw: L1D Cache Eviction Sampling

1827165 - CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS)

1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface

1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active

1890356 - CVE-2020-8698 hw: Fast forward store predictor

1962650 - CVE-2020-24489 hw: vt-d related privilege escalation

1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors1972327 - [rhel-8.1.0.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest microcode updates

1972331 - [rhel-8.1.0.z] Re-enable 06-8c-01 (TGL-UP3/UP4, CPUID 0x806c1) latest microcode updates

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here