Several security issues were fixed in Intel Microcode.
Software Description:
- intel-microcode: Processor microcode for Intel CPUs
Details:
Ke Sun, Paul Grosen and Alyssa Milburn discovered that some Intel®
Processors did not properly implement Finite State Machines (FSMs) in
Hardware Logic. A local privileged attacker could use this issue to cause a
denial of service. (CVE-2024-31068)
It was discovered that some Intel® Processors with Intel® SGX did not
properly restrict access to the EDECCSSA user leaf function. A local
authenticated attacker could use this issue to cause a denial of
service. (CVE-2024-36293)
Ke Sun, Alyssa Milburn, Benoit Morgan, and Erik Bjorge discovered that the
UEFI firmware for some Intel® processors did not properly restrict
access. An authenticated local attacker could use this issue to cause a
denial of service. (CVE-2024-39279)
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
intel-microcode 3.20250211.0ubuntu0.24.10.1
Ubuntu 22.04 LTS
intel-microcode 3.20250211.0ubuntu0.22.04.1
Ubuntu 20.04 LTS
intel-microcode 3.20250211.0ubuntu0.20.04.1
Ubuntu 18.04 LTS
intel-microcode 3.20250211.0ubuntu0.18.04.1+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
intel-microcode 3.20250211.0ubuntu0.16.04.1+esm1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.https://ubuntu.com/security/notices/USN-7269-1
CVE-2024-31068, CVE-2024-36293, CVE-2024-39279
Get the latest Linux and open source security news straight to your inbox.