drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Intel Microcode (Aktualisierung)
| Name: |
Mehrere Probleme in Intel Microcode (Aktualisierung) |
|
| ID: |
USN-7269-2 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 24.04 LTS |
|
| Datum: |
Mo, 24. Februar 2025, 06:58 |
|
| Referenzen: |
https://www.cve.org/CVERecord?id=CVE-2024-36293
https://www.cve.org/CVERecord?id=CVE-2024-31068
https://www.cve.org/CVERecord?id=CVE-2024-39279 |
|
| Applikationen: |
intel-microcode |
|
| Update von: |
Mehrere Probleme in Intel Microcode |
|
Originalnachricht |
--===============0655321586150712846==
Content-Type: multipart/signed; boundary="=-=-=";
micalg=pgp-sha512; protocol="application/pgp-signature"
--=-=-=
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-7269-2
February 24, 2025
intel-microcode vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in Intel Microcode.
Software Description:
- intel-microcode: Processor microcode for Intel CPUs
Details:
USN-7269-1 fixed vulnerabilities in Intel Microcode. This update provides
the corresponding updates for Ubuntu 24.04 LTS.
Original advisory details:
Ke Sun, Paul Grosen and Alyssa Milburn discovered that some Intel®
Processors did not properly implement Finite State Machines (FSMs) in
Hardware Logic. A local privileged attacker could use this issue to cause
a denial of service. (CVE-2024-31068)
It was discovered that some Intel® Processors with Intel® SGX did not
properly restrict access to the EDECCSSA user leaf function. A local
authenticated attacker could use this issue to cause a denial of
service. (CVE-2024-36293)
Ke Sun, Alyssa Milburn, Benoit Morgan, and Erik Bjorge discovered that the
UEFI firmware for some Intel® processors did not properly restrict
access. An authenticated local attacker could use this issue to cause a
denial of service. (CVE-2024-39279)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
intel-microcode 3.20250211.0ubuntu0.24.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7269-2
https://ubuntu.com/security/notices/USN-7269-1
CVE-2024-31068, CVE-2024-36293, CVE-2024-39279
Package Information:
https://launchpad.net/ubuntu/+source/intel-microcode/3.20250211.0ubuntu0.24.04.1
--=-=-
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQFOBAEBCgA4FiEEiOlTC8vdwgBRe16w9JjS2d59rZwFAme7/RwaHGFsZXgubXVy
cmF5QGNhbm9uaWNhbC5jb20ACgkQ9JjS2d59rZynxAf/YNk/BJaZktfdddsvb8Wl
lIAbJnYT8vUi3GMETzSnI9kUuavfThGdDX55auC/BFwFNS7sb+XL4e4Ix3j9h0Rh
UipNmIKguHacsfM9VGrTjYXwUBv8yUOgBHWAbRHLBXMfqxugCEAW7IuSAcfZNIPb
E/aabXT6H5WfeGp0Zc5VtNRhjVvK5RI8alkLxYO3sCUKNY3pQ74HvN3ilFXRusbi
XgScYdwLqj2pTqMsC0C9YGqkAb4H9zrkHTRSZeoC84YsV3lUUBQGaziTvYjSEbYS
Y/cGCZoPP4EpGAtnKUGWuPVjM1QkHrwX+1/KAxD76GIVxGlBRW8bWoCVSWNgbhiM
1A==
=ajeB
-----END PGP SIGNATURE-----
--=-=-=--
--===============0655321586150712846==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
Cg==
--===============0655321586150712846==--
|
|
|
|
