News: 0001490842

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Intel CPU Microcode 20240910 Fixes Two Security Issues, Various Functional Issues

([Intel] 4 Hours Ago Intel CPU Microcode 20240910)


Intel today as part of their "Patch Tuesday" released new CPU microcode for recent generation Core and Xeon processors. Two security updates were made along with fixing a handful of functional issues.

The first security fix is for [1]Intel-SA-01103 as a medium-rated RAPL interface issue. There is a potential security vulnerability within the Intel Runtime Average Power Limiting (RAPL) interface that could lead to information disclosure. The updated firmware/microcode should address this issue affecting Xeon Scalable and Xeon D processors.

[2]Intel-SA-01097 is the other security fix with today's microcode release. This medium-rated security vulnerability is around a potential denial of service due to improper finite state machines within the hardware logic. This denial of service requires local access and affects Core and Xeon processors going back to Ice Lake. and affects through Raptor Lake Refresh.

In addition to the two security updates, the Intel CPU Microcode 20240910 update also fixes various functional issues for Intel Core Ultra (Meteor Lake) as well as 13th Gen and 12th Gen Core processors plus Intel Processors / Intel Core i3 N-Series.

Linux users can grab the new Intel CPU microcode via [3]GitHub and should be rolling out as updated CPU microcode on the major Linux distributions soon.

Not addressed by the CPU microcode updates, but this Patch Tuesday also brought [4]Intel-SA-01071 as a high severity UEFI firmware security vulnerability. This UEFI firmware advisory is due to possible privilege escalation, denial of service, and information disclosure. Intel UEFI firmware updates will address these vulnerabilities due to a race condition within the Intel Seamless Firmware Updates handling. Both server and client platforms are affected by this Intel UEFI firmware vulnerability.



[1] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html

[2] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html

[3] https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240910

[4] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html



phoronix

Already the spirit of our schooling is permeated with the feeling that
every subject, every topic, every fact, every professed truth must be
submitted to a certain publicity and impartiality. All proffered
samples of learning must go to the same assay-room and be subjected to
common tests. It is the essence of all dogmatic faiths to hold that
any such "show-down" is sacrilegious and perverse. The characteristic
of religion, from their point of view, is that it is intellectually
secret, not public; peculiarly revealed, not generally known;
authoritatively declared, not communicated and tested in ordinary
ways...It is pertinent to point out that, as long as religion is
conceived as it is now by the great majority of professed religionists,
there is something self-contradictory in speaking of education in
religion in the same sense in which we speak of education in topics
where the method of free inquiry has made its way. The "religious"
would be the last to be willing that either the history of the
content of religion should be taught in this spirit; while those
to whom the scientific standpoint is not merely a technical device,
but is the embodiment of the integrity of mind, must protest against
its being taught in any other spirit.
-- John Dewey (1859-1953), American philosopher,
from "Democracy in the Schools", 1908