Sicherheit: Zwei Probleme in intel-microcode

Lesezeichen hinzufügen

--===============3062873044501699460==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="2iBwrppp/7QCDedR"
Content-Disposition: inline

--2iBwrppp/7QCDedR
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inlin
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-4182-1
November 12, 2019

intel-microcode update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.10
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Intel Microcode.

Software Description:
- intel-microcode: Processor microcode for Intel CPUs

Details:

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo,
Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz
Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel
processors using Transactional Synchronization Extensions (TSX) could
expose memory contents previously stored in microarchitectural buffers to a
malicious process that is executing on the same CPU core. A local attacker
could use this to expose sensitive information. (CVE-2019-11135)

It was discovered that certain Intel Xeon processors did not properly
restrict access to a voltage modulation interface. A local privileged
attacker could use this to cause a denial of service (system crash).
(CVE-2019-11139)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
intel-microcode 3.20191112-0ubuntu0.19.10.2

Ubuntu 19.04:
intel-microcode 3.20191112-0ubuntu0.19.04.2

Ubuntu 18.04 LTS:
intel-microcode 3.20191112-0ubuntu0.18.04.2

Ubuntu 16.04 LTS:
intel-microcode 3.20191112-0ubuntu0.16.04.2

After a standard system update you need to reboot your computer.
Please note that in order to fully mitigate CVE-2019-11139, a warm
reboot is required *after* applying the microcode update; so in effect
a second reboot.

References:
https://usn.ubuntu.com/4182-1
CVE-2019-11135, CVE-2019-11139,
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/TAA_MCEPSC_i915

Package Information:
https://launchpad.net/ubuntu/+source/intel-microcode/3.20191112-0ubuntu0.19.10.2
https://launchpad.net/ubuntu/+source/intel-microcode/3.20191112-0ubuntu0.19.04.2
https://launchpad.net/ubuntu/+source/intel-microcode/3.20191112-0ubuntu0.18.04.2
https://launchpad.net/ubuntu/+source/intel-microcode/3.20191112-0ubuntu0.16.04.2

--2iBwrppp/7QCDedR
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl3LLe0ACgkQLwmejQBe
gfTVshAAjUguqb7PZjQb8YBwdLkuJmdsg+I8/BxjIy0jMi/vvtTy+wTgN7Hbt5lG
rfakgtb9m4//0L5IYYeTYLBT7JXLPieBLAK/MTvmXrDGKC9U7vNDRTNSh75M45O2
maeQe7vmA17sqgmsU/rlTa7ZgPObCXC9WVP7dulACikEhFpJF0pBvSLk2Plet4UQ
gd18IDa69HImYW0QNv/G/9qrxebqHnvOOd8hLBWa/55k0rnl/Wl23yBiopWNKduh
6iH6FqL2vHr7kq9HpGgGLlhDVfav3o0HgEHURljmX3Ck33vzkW+gFrQNkj+JzDm6
DoHZOXnxU/nr0unsAOyb6F2mSadMQWvTayPvt4sJVAPM9aILYj3k7OWMJcBLkx6Y
R1CXGU8kAW8YeQXG3C8OFSJr2G8g/3SFLDBCD+1esElzn/k4fImCF4n6ACZ0ijpG
hHSeZJwDa4S72qKs5xiv8XaaQq08FFyqh7ipTjkpj36n0qTXkbMwWbwTPR02Lfok
kVz/4O0wXECzzhp2EAWGhNhbYi6IWYfpD7RoK2X0OrDmgh42b4QsJyK5aQ82rBmR
9YXomVxyLnvoeBIXAVvskCp/MCUsuK1ODIAlE22HRu43Krh+u6Z5mkxxGnpNZfcl
UWXU5CX8QoPBzQ73q/oEeY0fpx+N356XP39oEPtAC9mcZRLMdRI=
=vXg5
-----END PGP SIGNATURE-----

--2iBwrppp/7QCDedR--

--===============3062873044501699460==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============3062873044501699460==--