Package : intel-microcode CVE ID : CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities which could result in privilege escalation in combination with VT-d and various side channel attacks.
For the stable distribution (buster), these problems have been fixed in version 3.20210608.2~deb10u1.
If you are affected by those issues, you can recover by disabling microcode loading on boot (as documented in README.Debian (also available online at https://salsa.debian.org/hmh/intel-microcode/-/blob/master/debian/README.Debian))
We recommend that you upgrade your intel-microcode packages.