Bug 29095 - Update request: microcode-0.20210608-1.mga8/7.nonfree (fixes CVE-2020-24489 and CVE-2020-2451[1-3])
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7TOO, MGA8-64-OK, MGA7-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2021-06-08 21:18 CEST by Thomas Backlund
Modified: 2021-08-09 14:34 CEST

See Also:
Source RPM: microcode
CVE:
Status comment:

Description Thomas Backlund 2021-06-08 21:18:06 CEST
microcode security updates for Intel Gen6+ ...

For a long reference list, see:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608 


SRPM:
microcode-0.20210608-1.mga8/7.nonfree

noarch:
microcode-0.20210608-1.mga8/7.nonfree

Thomas Backlund 2021-06-08 21:18:15 CEST

Whiteboard: (none) => MGA7TOO

Comment 1 Len Lawrence 2021-06-09 19:02:08 CEST
Mageia 8
Updated fine on 10-Core Intel Core i9-7900X [MT MCP]

$ dmesg | grep microcode
[    0.000000] microcode: microcode updated early to revision 0x2006b06, date = 2021-03-08
[    0.791922] microcode: sig=0x50654, pf=0x4, revision=0x2006b06
[    0.791995] microcode: Microcode Update Driver: v2.2.
[    4.694916] em28xx 1-3:1.0: 	microcode start address = 0x0004, boot configuration = 0x01

The system rebooted and running fine.

CC: (none) => tarazed25

Comment 2 Len Lawrence 2021-06-09 19:15:05 CEST
Mageia 7
5.10.41-desktop-1.mga7

Rebooted fine.
$ dmesg | grep microcode
[    0.000000] microcode: microcode updated early to revision 0x28, date = 2019-11-12
[    0.582231] microcode: sig=0x306c3, pf=0x2, revision=0x28
[    0.582364] microcode: Microcode Update Driver: v2.2.
$ rpm -q microcode
microcode-0.20210608-1.mga7.nonfree

System running fine.
Intel Core i7-4790
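
One way to script the check the testers above run by hand, as an added example that is not part of the bug thread or of Mageia's QA tooling: it parses `dmesg | grep microcode` output, sets aside unrelated grep hits such as the em28xx line, and converts the CPUID signature to the family-model-stepping name used for per-CPU files in Intel's microcode repository. The function and field names are assumptions; the sample input is copied from comments 1 and 2.

```python
import re

# Sample input embedded for the example: the two `dmesg | grep microcode`
# outputs quoted in comments 1 and 2 of this bug.
COMMENT_1 = """\
[    0.000000] microcode: microcode updated early to revision 0x2006b06, date = 2021-03-08
[    0.791922] microcode: sig=0x50654, pf=0x4, revision=0x2006b06
[    0.791995] microcode: Microcode Update Driver: v2.2.
[    4.694916] em28xx 1-3:1.0: \tmicrocode start address = 0x0004, boot configuration = 0x01
"""
COMMENT_2 = """\
[    0.000000] microcode: microcode updated early to revision 0x28, date = 2019-11-12
[    0.582231] microcode: sig=0x306c3, pf=0x2, revision=0x28
[    0.582364] microcode: Microcode Update Driver: v2.2.
"""

# Only lines where "microcode:" directly follows the timestamp come from the CPU
# microcode driver; other drivers (em28xx above) merely mention the word.
DRIVER = re.compile(r"^\[\s*\d+\.\d+\]\s+microcode:\s+(.*)$")
EARLY = re.compile(r"updated early to revision (0x[0-9a-f]+), date = (\d{4}-\d{2}-\d{2})")
CPU = re.compile(r"sig=(0x[0-9a-f]+), pf=(0x[0-9a-f]+), revision=(0x[0-9a-f]+)")

def ucode_file(sig):
    """CPUID signature -> family-model-stepping name, e.g. 0x50654 -> '06-55-04'."""
    stepping, model, family = sig & 0xF, (sig >> 4) & 0xF, (sig >> 8) & 0xF
    if family in (0x6, 0xF):          # extended model applies to these families
        model |= ((sig >> 16) & 0xF) << 4
    if family == 0xF:                 # extended family applies only to 0xF
        family += (sig >> 20) & 0xFF
    return f"{family:02x}-{model:02x}-{stepping:02x}"

def parse_microcode(dmesg_text):
    """Extract what the microcode driver reported; collect unrelated grep hits."""
    info = {"early_rev": None, "date": None, "sig": None, "rev": None, "ignored": []}
    for line in dmesg_text.splitlines():
        m = DRIVER.match(line)
        if not m:
            info["ignored"].append(line)
        elif (e := EARLY.search(m.group(1))):
            info["early_rev"], info["date"] = int(e.group(1), 16), e.group(2)
        elif (c := CPU.search(m.group(1))):
            info["sig"], info["rev"] = int(c.group(1), 16), int(c.group(3), 16)
    if info["sig"] is not None:
        info["file"] = ucode_file(info["sig"])
        # True when the running revision is the one applied early at boot.
        info["early_applied"] = info["early_rev"] == info["rev"]
    return info
```

The `date` field is the date of the loaded microcode itself, not of the package, so it can be compared against the release the update request refers to.
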
Comment 3 Morgan Leijström 2021-06-10 21:11:20 CEST
mga8 - 64, Intel i7-3770, Kernel 5.12.8-desktop-1.mga8
without problems in operation and nothing I find suspect in journal
incl BOINC and VirtualBox, nvidia-current
Most packages are updated to testing

CC: (none) => fri

Comment 4 Thomas Backlund 2021-06-13 21:14:13 CEST
Advisory, added to svn:

type: security
subject: Updated microcode packages fix security vulnerabilities
CVE:
 - CVE-2020-24489
 - CVE-2020-24511
 - CVE-2020-24513
src:
  8:
   nonfree:
     - microcode-0.20210608-1.mga8.nonfree
  7:
   nonfree:
     - microcode-0.20210608-1.mga7.nonfree
description: |
  Updated microcodes for Intel processors, fixing various functional
  issues, and at least the following security issues:
  
  Incomplete cleanup in some Intel(R) VT-d products may allow an
  authenticated user to potentially enable escalation of privilege
  via local access (CVE-2020-24489).

  Improper isolation of shared resources in some Intel(R) Processors may
  allow an authenticated user to potentially enable information disclosure
  via local access (CVE-2020-24511).

  Domain-bypass transient execution vulnerability in some Intel Atom(R)
  Processors may allow an authenticated user to potentially enable information
  disclosure via local access (CVE-2020-24513).

  For more info about this update, see the referenced links.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=29095
 - https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608
 - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
 - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html
 - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html

Keywords: (none) => advisory

Comment 5 Thomas Backlund 2021-06-13 22:02:42 CEST
Works here too, and in Cauldron, so flushing out

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Whiteboard: MGA7TOO => MGA7TOO, MGA8-64-OK, MGA7-64-OK

Comment 6 Mageia Robot 2021-06-13 23:34:54 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0256.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Comment 7 David Walser 2021-08-09 14:34:00 CEST
Red Hat has issued advisories for this today (August 9):
https://access.redhat.com/errata/RHSA-2021:3027
https://access.redhat.com/errata/RHSA-2021:3028

I'm assuming we also fixed CVE-2020-24512 in this update.

Summary: Update request: microcode-0.20210608-1.mga8/7.nonfree => Update request: microcode-0.20210608-1.mga8/7.nonfree (fixes CVE-2020-24489 and CVE-2020-2451[1-3])
