Debian Bug report logs -
#989615
intel-microcode: CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVE-2021-24489 (INTEL-SA-00464, INTEL-SA-00465, INTEL-SA-00442)
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 8 Jun 2021 19:27:02 UTC
Severity: important
Tags: security, upstream
Found in versions intel-microcode/3.20200609.2~deb10u1, intel-microcode/3.20210216.1
Fixed in version intel-microcode/3.20210608.1
Done: Henrique de Moraes Holschuh <hmh@debian.org>
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>:
Bug#989615; Package src:intel-microcode.
(Tue, 08 Jun 2021 19:27:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, Henrique de Moraes Holschuh <hmh@debian.org>.
(Tue, 08 Jun 2021 19:27:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: intel-microcode
Version: 3.20210216.1
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Control: found -1 3.20200609.2~deb10u1
Hi,
The following vulnerabilities were published for intel-microcode.
CVE-2020-24511[0] (INTEL-SA-00464), CVE-2020-24512[1]
(INTEL-SA-00464), CVE-2020-24513[2] (INTEL-SA-00465),
CVE-2021-24489[3] (INTEL-SA-00442).
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2020-24511
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24511
[1] https://security-tracker.debian.org/tracker/CVE-2020-24512
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24512
[2] https://security-tracker.debian.org/tracker/CVE-2020-24513
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24513
[3] https://security-tracker.debian.org/tracker/CVE-2021-24489
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24489
[4] https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608
Regards,
Salvatore
Marked as found in versions intel-microcode/3.20200609.2~deb10u1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to submit@bugs.debian.org.
(Tue, 08 Jun 2021 19:27:04 GMT) (full text, mbox, link).
Reply sent
to Henrique de Moraes Holschuh <hmh@debian.org>:
You have taken responsibility.
(Wed, 09 Jun 2021 12:36:08 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Wed, 09 Jun 2021 12:36:09 GMT) (full text, mbox, link).
Message #12 received at 989615-close@bugs.debian.org (full text, mbox, reply):
Source: intel-microcode
Source-Version: 3.20210608.1
Done: Henrique de Moraes Holschuh <hmh@debian.org>
We believe that the bug you reported is fixed in the latest version of
intel-microcode, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 989615@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Henrique de Moraes Holschuh <hmh@debian.org> (supplier of updated intel-microcode package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 08 Jun 2021 22:37:57 -0300
Source: intel-microcode
Architecture: source
Version: 3.20210608.1
Distribution: unstable
Urgency: high
Maintainer: Henrique de Moraes Holschuh <hmh@debian.org>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Closes: 989615
Changes:
intel-microcode (3.20210608.1) unstable; urgency=high
.
* New upstream microcode datafile 20210608 (closes: #989615)
* Implements mitigations for CVE-2020-24511 CVE-2020-24512
(INTEL-SA-00464), information leakage through shared resources,
and timing discrepancy sidechannels
* Implements mitigations for CVE-2020-24513 (INTEL-SA-00465),
Domain-bypass transient execution vulnerability in some Intel Atom
Processors, affects Intel SGX.
* Implements mitigations for CVE-2021-24489 (INTEL-SA-00442), Intel
VT-d privilege escalation
* Fixes critical errata on several processors
* New Microcodes:
sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104
sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648
sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648
sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568
sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208
sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328
sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456
sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456
sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352
* Updated Microcodes:
sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816
sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456
sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472
sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744
sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816
sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864
sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720
sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720
sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648
sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576
sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576
sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456
sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408
sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360
sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472
sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264
sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752
sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776
sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592
sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768
sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448
sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448
sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424
sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448
sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448
sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448
sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400
sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448
sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424
sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424
sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184
sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208
sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208
sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208
sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184
* source: update symlinks to reflect id of the latest release, 20210608
Checksums-Sha1:
bdb76268f7b88198cec74dd62f4509a2ce25323b 1789 intel-microcode_3.20210608.1.dsc
cc95b5ea7fcfa48538a22f0d64b2051017a8cc63 4502020 intel-microcode_3.20210608.1.tar.xz
5a44e97c177acce0443b9e6e6f2a69efd485611b 5627 intel-microcode_3.20210608.1_amd64.buildinfo
Checksums-Sha256:
09d7304dc32de50d0102212cbd8a99ae92a015e69af9df1071750a20e09a98c4 1789 intel-microcode_3.20210608.1.dsc
a584c4a4bbc0043b11388f0e384e41b390e742cf08ce4352c98955b99dcd861c 4502020 intel-microcode_3.20210608.1.tar.xz
99d3bc087927a918b66bb17787d72dd6ce6027b2ed38c5c9c6ecee00f5b3409d 5627 intel-microcode_3.20210608.1_amd64.buildinfo
Files:
affe6a1af639685c2db1ab5197057a61 1789 non-free/admin standard intel-microcode_3.20210608.1.dsc
e7188f2210fe503c50fc68b953a0911c 4502020 non-free/admin standard intel-microcode_3.20210608.1.tar.xz
dbb4528ccc3edfcec8ddf2c641a7c214 5627 non-free/admin standard intel-microcode_3.20210608.1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEQWtPby40keG61F/9KC7xu6bDcIUFAmDAr6cACgkQKC7xu6bD
cIXhXBAAjdECiO+JUoZZa6MaGyVdtmx910hVhPPzIBXap6KNScOFTqoohDiwqDLF
JUDCXW05fCeaj8s1QH+sttfDkEHMfNWEW1CugPYH8Ia3Zmrddg050JZoFWBcakPA
7/8zBPzSosjMURPomEeYlmvWqiohqdetgZ/WKS7rw5XYryqT9z/oKPV4nVGRrxdb
ynvSam+IbIIe3VIlVZIk1LbbowLM4TghccdgUvTHFIKmFBoYgIyvoty1DjscTzXd
9D2IZkVa9pgMgJK1kf1NjIgahK3nOsU/0iVMR/7wcTU7TGoBjVK8qQLwFXCcutq0
K/k3I94GZbdL7ihUQyTtfrW0/Zp8yN3yrQGfXH0XQmVag16YD4jQ7HNOsNDNwRDg
9y38pOfuMrxTH3YnFDi0mtlJFteAaoEs4GPmz/GnPcCG2VmpfZdo3mgCs4dmdlwR
ceskRIAoEeqlz23oZb159Tdk7JMT6QRCpYG2m5ipvmJr48GzNLlsI9SALUVs1njp
ET7c41CNK4a2DK/rxuNLsnM1gD4V4TKbaPk6pcgUCi3gWvPYDS4XsBsS3xABvPLQ
cjCC8T/0I8jl8NsWjtVQIdV+sv81JFFdOBBvhq8zG9PSNAqoV7RMdalRFSLbl+a8
1hniuXTWYmYBYovzUZWE3PbdFttfkX+GNrJsbUdP7UEay2zq6ac=
=0nwr
-----END PGP SIGNATURE-----
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 9 16:13:46 2021;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon