Debian Security Advisory
DSA-4701-1 intel-microcode -- security update
- Date Reported:
- 11 Jun 2020
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2020-0543, CVE-2020-0548, CVE-2020-0549.
- More information:
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling (CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.
The microcode update for HEDT and Xeon CPUs with signature 0x50654 which was reverted in DSA 4565-2 is now included again with a fixed release.
The upstream update for Skylake-U/Y (signature 0x406e3) had to be excluded from this update due to reported hangs on boot.
For details refer to https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
For the oldstable distribution (stretch), these problems have been fixed in version 3.20200609.2~deb9u1.
For the stable distribution (buster), these problems have been fixed in version 3.20200609.2~deb10u1.
We recommend that you upgrade your intel-microcode packages.
For the detailed security status of intel-microcode please refer to its security tracker page at: https://security-tracker.debian.org/tracker/intel-microcode