Linux Security
    Linux Security
    Linux Security

    Ubuntu 4385-1: Intel Microcode vulnerabilities

    Date
    491
    Posted By
    Several security issues were fixed in Intel Microcode.
    ==========================================================================
    Ubuntu Security Notice USN-4385-1
    June 09, 2020
    
    intel-microcode vulnerabilities
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 20.04 LTS
    - Ubuntu 19.10
    - Ubuntu 18.04 LTS
    - Ubuntu 16.04 LTS
    - Ubuntu 14.04 ESM
    
    Summary:
    
    Several security issues were fixed in Intel Microcode.
    
    Software Description:
    - intel-microcode: Processor microcode for Intel CPUs
    
    Details:
    
    It was discovered that memory contents previously stored in
    microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY
    read operations on Intel client and Xeon E3 processors may be briefly
    exposed to processes on the same or different processor cores. A local
    attacker could use this to expose sensitive information. (CVE-2020-0543)
    
    It was discovered that on some Intel processors, partial data values
    previously read from a vector register on a physical core may be propagated
    into unused portions of the store buffer. A local attacker could possible
    use this to expose sensitive information. (CVE-2020-0548)
    
    It was discovered that on some Intel processors, data from the most
    recently evicted modified L1 data cache (L1D) line may be propagated into
    an unused (invalid) L1D fill buffer. A local attacker could possibly use
    this to expose sensitive information. (CVE-2020-0549)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 20.04 LTS:
      intel-microcode                 3.20200609.0ubuntu0.20.04.0
    
    Ubuntu 19.10:
      intel-microcode                 3.20200609.0ubuntu0.19.10.0
    
    Ubuntu 18.04 LTS:
      intel-microcode                 3.20200609.0ubuntu0.18.04.0
    
    Ubuntu 16.04 LTS:
      intel-microcode                 3.20200609.0ubuntu0.16.04.0
    
    Ubuntu 14.04 ESM:
      intel-microcode                 3.20200609.0ubuntu0.14.04.0
    
    After a standard system update you need to reboot your computer to
    make all the necessary changes.
    
    References:
      https://usn.ubuntu.com/4385-1
      CVE-2020-0543, CVE-2020-0548, CVE-2020-0549,
      https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SRBDS
    
    Package Information:
      https://launchpad.net/ubuntu/+source/intel-microcode/3.20200609.0ubuntu0.20.04.0
      https://launchpad.net/ubuntu/+source/intel-microcode/3.20200609.0ubuntu0.19.10.0
      https://launchpad.net/ubuntu/+source/intel-microcode/3.20200609.0ubuntu0.18.04.0
      https://launchpad.net/ubuntu/+source/intel-microcode/3.20200609.0ubuntu0.16.04.0
    

    Advisories

    LinuxSecurity Poll

    How are you contributing to Open Source?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/37-how-are-you-contributing-to-open-source?task=poll.vote&format=json
    37
    radio
    [{"id":"127","title":"I'm involved with the development of an open-source project(s).","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"128","title":"I've reported vulnerabilities I've discovered in open-source code.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"129","title":"I've provided developers with feedback on their projects.","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"130","title":"I've helped another community member get started contributing to Open Source.","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.