Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 23.10: USN-6485-1 Critical: Intel Microcode DoS Risk

ubuntu
Calendar Grey November 17, 2023
Dist Ubuntu Esm H88
Ubuntu Security Alert USN-6486-1 released on November 18, 2023, addresses a vulnerability in the linux-kernel that may lead to data leaks.
The system could be made to crash or expose sensitive information under certain conditions.

Summary

The system could be made to crash or expose sensitive information under certain

conditions.

Software Description:

- intel-microcode: Processor microcode for Intel CPUs

Details:

Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn,

Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman

Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik

Shtoyk discovered that some Intel(R) Processors did not properly handle certain

sequences of processor instructions. A local attacker could possibly use this to

cause a core hang (resulting in a denial of service), gain access to sensitive

information or possibly escalate their privileges.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
  intel-microcode                 3.20231114.0ubuntu0.23.10.1

Ubuntu 23.04:
  intel-microcode                 3.20231114.0ubuntu0.23.04.1

Ubuntu 22.04 LTS:
  intel-microcode                 3.20231114.0ubuntu0.22.04.1

Ubuntu 20.04 LTS:
  intel-microcode                 3.20231114.0ubuntu0.20.04.1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  intel-microcode                 3.20231114.0ubuntu0.18.04.1+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  intel-microcode                 3.20231114.0ubuntu0.16.04.1+esm1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6485-1

CVE-2023-23583

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6485-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here