Univention Bugzilla – Bug 56920
intel-microcode: Multiple issues (5.0)
Last modified: 2023-12-20 17:04:33 CET
New Debian intel-microcode 3.20231114.1~deb10u1 fixes: This update addresses the following issue: 3.20231114.1~deb10u1 (Sat, 16 Dec 2023 16:57:23 +0100) * Non-maintainer upload by the LTS Security Team. * No-change upload of the bullseye version, rebuilt for buster (LTS), fixing CVE-2023-23583 See changelog entry from November 16th 2023 or DSA-5563-1 for details about the security vulnerability. 3.20231114.1~deb11u1 (Sat, 18 Nov 2023 16:47:51 -0300) * Backport to Debian Bullseye * debian/control: revert non-free-firmware change 3.20231114.1 (Thu, 16 Nov 2023 08:09:43 -0300) * New upstream microcode datafile 20231114 Mitigations for "reptar", INTEL-SA-00950 (CVE-2023-23583) Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors, may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. Note: "reptar" on 4th gen Xeon Scalable (sig 0x806f8 pfm 0x87), 12th gen Core mobile (sig 0x906a4 pfm 0x80), 13th gen Core desktop (sig 0xb0671 pfm 0x01) were already mitigated by a previous microcode update. * Fixes for unspecified functional issues * Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816 sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290 sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290 sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290 sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032 sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032 sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032 sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430 sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430 sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760 sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192 * Updated 2023-08-08 changelog entry with reptar information * source: update symlinks to reflect id of the latest release, 20231114
--- mirror/ftp/pool/main/i/intel-microcode/intel-microcode_3.20230808.1~deb10u1.dsc +++ apt/ucs_5.0-0-errata5.0-6/source/intel-microcode_3.20231114.1~deb10u1.dsc @@ -1,3 +1,64 @@ +3.20231114.1~deb10u1 [Sat, 16 Dec 2023 16:57:23 +0100] Tobias Frost <tobi@debian.org>: + + * Non-maintainer upload by the LTS Security Team. + * No-change upload of the bullseye version, rebuilt for buster (LTS), + fixing CVE-2023-23583 (Closes: #1055962) + See changelog entry from November 16th 2023 or DSA-5563-1 for details + about the security vulnerability. + +3.20231114.1~deb11u1 [Sat, 18 Nov 2023 16:47:51 -0300] Henrique de Moraes Holschuh <hmh@debian.org>: + + * Backport to Debian Bullseye + * debian/control: revert non-free-firmware change + +3.20231114.1 [Thu, 16 Nov 2023 08:09:43 -0300] Henrique de Moraes Holschuh <hmh@debian.org>: + + * New upstream microcode datafile 20231114 (closes: #1055962) + Mitigations for "reptar", INTEL-SA-00950 (CVE-2023-23583) + Sequence of processor instructions leads to unexpected behavior for some + Intel(R) Processors, may allow an authenticated user to potentially enable + escalation of privilege and/or information disclosure and/or denial of + service via local access. + Note: "reptar" on 4th gen Xeon Scalable (sig 0x806f8 pfm 0x87), 12th gen + Core mobile (sig 0x906a4 pfm 0x80), 13th gen Core desktop (sig 0xb0671 pfm + 0x01) were already mitigated by a previous microcode update. + * Fixes for unspecified functional issues + * Updated microcodes: + sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 + sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816 + sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664 + sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616 + sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304 + sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448 + sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 + sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 + sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 + sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 + sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 + sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 + sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 + sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290 + sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290 + sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290 + sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290 + sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 + sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032 + sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032 + sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032 + sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032 + sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 + sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430 + sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430 + sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760 + sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448 + sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944 + sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 + sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c + sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c + sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192 + * Updated 2023-08-08 changelog entry with reptar information + * source: update symlinks to reflect id of the latest release, 20231114 + 3.20230808.1~deb10u1 [Tue, 15 Aug 2023 18:30:59 +0530] Utkarsh Gupta <utkarsh@debian.org>: * Non-maintainer upload by the LTS team. @@ -11,8 +72,10 @@ 3.20230808.1 [Tue, 08 Aug 2023 17:25:56 -0300] Henrique de Moraes Holschuh <hmh@debian.org>: * New upstream microcode datafile 20230808 (closes: #1043305) - Mitigations for "Downfall" INTEL-SA-00828 (CVE-2022-40982), - INTEL-SA-00836 (CVE-2023-23908) and INTEL-SA-00837 (CVE-2022-41804) + * Mitigations for "Downfall" INTEL-SA-00828 (CVE-2022-40982), + INTEL-SA-00836 (CVE-2023-23908) and INTEL-SA-00837 (CVE-2022-41804) + * Mitigations for "reptar" on a few processors, refer to the 2023-11-14 + entry for details. This information was disclosed in 2023-11-14. * Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864 sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032 <http://piuparts.knut.univention.de/5.0-6/#6529280508419464245>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-6] 9af688c318 Bug #56920: intel-microcode 3.20231114.1~deb10u1 doc/errata/staging/intel-microcode.yaml | 50 ++------------------------------- 1 file changed, 2 insertions(+), 48 deletions(-) [5.0-6] 79f68198b6 Bug #56920: intel-microcode 3.20231114.1~deb10u1 doc/errata/staging/intel-microcode.yaml | 59 +++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x900>