First Last Prev Next    This bug is not in your last search results.
Bug 49719 - intel-microcode: Multiple issues (4.3)
intel-microcode: Multiple issues (4.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.3
All Linux
: P3 normal (vote)
: UCS 4.3-4-errata
Assigned To: Quality Assurance
Philipp Hahn
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-06-24 14:02 CEST by Philipp Hahn
Modified: 2019-06-26 18:03 CEST (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 6.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2019-06-24 14:02:38 CEST 
New Debian intel-microcode 3.20190618.1~deb9u1 fixes:
This update extends erratum 503 and addresses the following issues:
* Microarchitectural Store Buffer Data Sampling (MSBDS) (CVE-2018-12126)
* Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) (CVE-2018-12127)
* Microarchitectural Fill Buffer Data Sampling (MFBDS) (CVE-2018-12130)
* Microarchitectural Data Sampling Uncacheable Memory (MDSUM) (CVE-2019-11091)
Comment 1 Quality Assurance univentionstaff 2019-06-24 15:11:45 CEST 
--- mirror/ftp/4.3/unmaintained/component/4.3-4-errata/source/intel-microcode_3.20190514.1~deb9u1.dsc
+++ apt/ucs_4.3-0-errata4.3-4/source/intel-microcode_3.20190618.1~deb9u1.dsc
@@ -1,3 +1,21 @@
+3.20190618.1~deb9u1 [Wed, 19 Jun 2019 09:27:39 -0300] Henrique de Moraes Holschuh <hmh@debian.org>:
+
+  * Rebuild for stretch-security (no changes)
+  * Refer to DSA 4447-1 for details
+
+3.20190618.1 [Wed, 19 Jun 2019 09:05:54 -0300] Henrique de Moraes Holschuh <hmh@debian.org>:
+
+  * New upstream microcode datafile 20190618
+    + SECURITY UPDATE
+      Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
+      CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+      for Sandybridge server and Core-X processors
+    + Updated Microcodes:
+      sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432
+      sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456
+  * Add some missing (minor) changelog entries to 3.20190514.1
+  * Reformat 3.20190514.1 changelog entry to match rest of changelog
+
 3.20190514.1~deb9u1 [Tue, 14 May 2019 22:18:33 -0300] Henrique de Moraes Holschuh <hmh@debian.org>:
 
   * Rebuild for stretch-security (no changes)
@@ -5,48 +23,51 @@
 3.20190514.1 [Tue, 14 May 2019 21:49:08 -0300] Henrique de Moraes Holschuh <hmh@debian.org>:
 
   * New upstream microcode datafile 20190514
-  * SECURITY UPDATE
-    Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
-    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
-  * New Microcodes:
-    sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224
-    sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224
-    sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224
-    sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632
-    sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608
-    sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
-  * Updated Microcodes:
-    sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
-    sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
-    sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
-    sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
-    sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
-    sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
-    sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
-    sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
-    sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
-    sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
-    sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
-    sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
-    sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
-    sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
-    sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
-    sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
-    sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
-    sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
-    sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
-    sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
-    sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
-    sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
-    sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
-    sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
-    sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
-    sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
-    sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
-    sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
-    sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
-    sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
-    sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
-    sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
-    sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
+    + SECURITY UPDATE
+      Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
+      CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+    + New Microcodes:
+      sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224
+      sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224
+      sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224
+      sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632
+      sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608
+      sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
+    + Updated Microcodes:
+      sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
+      sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
+      sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
+      sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
+      sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
+      sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
+      sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
+      sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
+      sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
+      sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
+      sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
+      sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
+      sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
+      sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
+      sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
+      sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
+      sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
+      sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
+      sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
+      sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
+      sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
+      sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
+      sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
+      sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
+      sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
+      sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
+      sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
+      sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
+      sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
+      sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
+      sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
+      sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
+      sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
+  * README.Debian, control: update download/homepage URLs
+  * copyright: update download URL and date range
+  * source: update symlinks to reflect id of the latest release, 20190514
 

<http://10.200.17.11/4.3-4/#7387388023624434566>
Comment 2 Philipp Hahn univentionstaff 2019-06-25 09:37:12 CEST 
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts
OK: lscpu | grep --only --color --word-regexp -e md_clear

[4.3-4] 1a61e6aeab Bug #49719: intel-microcode_3.20190618.1~deb9u1
 doc/errata/staging/intel-microcode.yaml                                      | 10 ++++++++++
 1 file changed, 10 insertions(+)
Comment 3 Arvid Requate univentionstaff 2019-06-26 18:03:21 CEST 
<http://errata.software-univention.de/ucs/4.3/538.html>
First Last Prev Next    This bug is not in your last search results.