Debian has issued an advisory on June 11: https://www.debian.org/security/2020/dsa-4701 The issues are fixed in 20200609. RedHat has also issued an advisory for this on June 9: https://access.redhat.com/errata/RHSA-2020:2431 Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
Ubuntu has also issued advisories for this, the second fixing a regression: https://usn.ubuntu.com/4385-1/ https://usn.ubuntu.com/4385-2/
Assigning to Thomas.
Assignee: bugsquad => tmb
Fedora has issued an advisory for this on June 19: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/
Assignee: tmb => kernel
Suggested advisory: ======================== The updated package fixes security vulnerabilities: Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2020-0543) Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2020-0548) Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2020-0549) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0543 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0548 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0549 https://www.debian.org/security/2020/dsa-4701 https://access.redhat.com/errata/RHSA-2020:2431 https://usn.ubuntu.com/4385-1/ https://usn.ubuntu.com/4385-2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/ ======================== Updated package in core/updates_testing: ======================== microcode-0.20200609-1.mga7.nonfree from SRPM: microcode-0.20200609-1.mga7.nonfree.src.rpm
Assignee: kernel => qa-bugsCC: (none) => nicolas.salgueroWhiteboard: MGA7TOO => (none)CVE: (none) => CVE-2020-0543, CVE-2020-0548, CVE-2020-0549Status: NEW => ASSIGNEDSource RPM: microcode-0.20200520-1.mga8.nonfree.src.rpm => microcode-0.20200520-1.mga7.nonfree.src.rpmVersion: Cauldron => 7
Please use the latest 20200616. Intel had to revert the microcode updates for: SKL-U/Y D0 6-4e-3/c0 000000dc->000000d6 Core Gen6 Mobile SKL-U23e K1 6-4e-3/c0 000000dc->000000d6 Core Gen6 Mobile SKL-H/S R0/N0 6-5e-3/36 000000dc->000000d6 Core Gen6; Xeon E3 v5 as the fixes in 20200609 caused systems to not boot...
CC: (none) => tmbKeywords: (none) => feedback
CC: tmb => (none)
Suggested advisory: ======================== The updated package fixes security vulnerabilities: Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2020-0543) Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2020-0548) Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2020-0549) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0543 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0548 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0549 https://www.debian.org/security/2020/dsa-4701 https://access.redhat.com/errata/RHSA-2020:2431 https://usn.ubuntu.com/4385-1/ https://usn.ubuntu.com/4385-2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/ ======================== Updated package in core/updates_testing: ======================== microcode-0.20200616-1.mga7.nonfree from SRPM: microcode-0.20200616-1.mga7.nonfree.src.rpm
Keywords: feedback => (none)
System: Host: canopus Kernel: 5.6.14-desktop-2.mga7 x86_64 CPU: 10-Core: Intel Core i9-7900X type: MT MCP speed: 1200 MHz nvidia v: 430.64 Updated microcode - rebooted $ sudo journalctl -xb | grep microcode Jul 22 15:13:03 canopus kernel: microcode: microcode updated early to revision 0x2006906, date = 2020-04-24 Jul 22 15:13:03 canopus kernel: microcode: sig=0x50654, pf=0x4, revision=0x2006906 Jul 22 15:13:03 canopus kernel: microcode: Microcode Update Driver: v2.2. Confused as usual by the dates. Does this look correct?
CC: (none) => tarazed25
Host: difda Kernel: 5.6.14-desktop-2.mga7 x86_64 Desktop System: MSI product: MS-7816 v: 3.0 Intel Core i7-4790 type: MT MCP speed: 3935 MHz OpenGL: renderer: GeForce GTX 970/PCIe/SSE2 v: 4.6.0 NVIDIA 430.64 $ dmesg | grep microcode [ 0.000000] microcode: microcode updated early to revision 0x28, date = 2019-11-12 [ 0.603224] microcode: sig=0x306c3, pf=0x2, revision=0x28 [ 0.603447] microcode: Microcode Update Driver: v2.2.
on mga7-64 package installed cleanly: - microcode-0.20200616-1.mga7.nonfree.noarch Executed 'dracut -f' and rebooted no regressions observed OK for mga7-64 on this system: Mobo: Dell model: 09WH54 v: UEFI [Legacy]: Dell v: 2.15.0 CPU: Intel Core i7-6700 Graphics: Intel HD Graphics 530
CC: (none) => jim
HP Probook 6550b, 64-bit Plasma system. I don't believe this update is supposed to affect the first-generation i3 in this machine, and indeed it appears that it doesn't. Installed the package, and rebooted. dmesg | grep microcode [ 0.000000] microcode: microcode updated early to revision 0x11, date = 2018-05-08 [ 0.000462] MDS: Vulnerable: Clear CPU buffers attempted, no microcode [ 1.130743] microcode: sig=0x20652, pf=0x10, revision=0x11 [ 1.130814] microcode: Microcode Update Driver: v2.2. Date indicates a 2018 code, so no change. And, everything still works as it did before the update, so OK here.
CC: (none) => andrewsfarm
MGA7-64 Plasma on Lenovo B50 i5-5200U CPU No installation issues Rebooted after installation, works OK
CC: (none) => herman.viaene
i5-2500, Intel motherboard, 64-bit Plasma system. I don't believe this update is supposed to affect this second-generation i5 either, and it looks like it didn't. Installed the package, and rebooted. $ dmesg | grep microcode [ 0.000000] microcode: microcode updated early to revision 0x2f, date = 2019-02-17 [ 0.765896] microcode: sig=0x206a7, pf=0x2, revision=0x2f [ 0.765996] microcode: Microcode Update Driver: v2.2. Note the 2019 date. And, everything still seems to work as it's supposed to.
Updated and rebooted two days ago. Been running virtualbox, BOINC, all normal mga7-64, Plasma, nvidia-current, kernel 5.6.14-desktop-2.mga7 Machine Mainboard: Sabertooth P67, CPU: i7-3770, RAM 16G, Nvidia GM107 [GeForce GTX 750] sudo journalctl -b | grep microcode [sudo] lösenord för morgan: jul 23 00:19:10 svarten.tribun kernel: microcode: microcode updated early to revision 0x21, date = 2019-02-13 jul 23 00:19:10 svarten.tribun kernel: microcode: sig=0x306a9, pf=0x2, revision=0x21 jul 23 00:19:10 svarten.tribun kernel: microcode: Microcode Update Driver: v2.2.
CC: (none) => fri
I'm going to send this one along. Advisory in Comment 6.
Whiteboard: (none) => MGA7-64-OKKeywords: (none) => validated_updateCC: (none) => sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0298.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED