Canonical has published a new security advisory today where the company behind the popular Ubuntu Linux operating system apologizes for a regression introduced by the latest Intel microcode firmware update.
On November 12th, 2019, Canonical publishedimportant kernel security updatesfor all supportedUbuntuLinux releases to address two flaws (CVE-2019-11135 and CVE-2019-11139) discovered by various security researchers in Intel processors using Transactional Synchronization Extensions (TSX), as well as on certain Intel Xeon processors.
While the first vulnerability could allow a local attacker to expose sensitive information, such as memory contents that were previously stored in microarchitectural buffers, the second issue could allow a local privileged attacker to cause a denial of service (system crash). The intel-microcode version that caused the regression was 3.20191112.
The link for this article located at Softpedia News is no longer available.