This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling (CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D Eviction Sampling (CVE-2020-0549) hardware vulnerabilities. The microcode update for HEDT and Xeon CPUs with signature 0x50654 which was reverted in DSA 4565-2 is now included again with a fixed release. The upstream update for Skylake-U/Y (signature 0x406e3) had to be excluded from this update due to reported hangs on boot. For details refer to https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html For the oldstable distribution (stretch), these problems have been fixed in version 3.20200609.2~deb9u1. For the stable distribution (buster), these problems have been fixed in version 3.20200609.2~deb10u1. We recommend that you upgrade your intel-microcode packages. For the detailed security status of intel-microcode please refer to its security tracker page at: https://security-tracker.debian.org/tracker/intel-microcode
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling (CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.
The microcode update for HEDT and Xeon CPUs with signature 0x50654 which was reverted in DSA 4565-2 is now included again with a fixed release.
The upstream update for Skylake-U/Y (signature 0x406e3) had to be excluded from this update due to reported hangs on boot.
For details refer to https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
For the oldstable distribution (stretch), these problems have been fixed in version 3.20200609.2~deb9u1.
For the stable distribution (buster), these problems have been fixed in version 3.20200609.2~deb10u1.
We recommend that you upgrade your intel-microcode packages.
For the detailed security status of intel-microcode please refer to its security tracker page at: https://security-tracker.debian.org/tracker/intel-microcode