Intel CPU Microcode 20240910 Fixes Two Security Issues, Various Functional Issues
([Intel] 4 Hours Ago
Intel CPU Microcode 20240910)
- Reference: 0001490842
- News link: https://www.phoronix.com/news/Intel-CPU-Microcode-20240910
- Source link:
Intel today as part of their "Patch Tuesday" released new CPU microcode for recent generation Core and Xeon processors. Two security updates were made along with fixing a handful of functional issues.
The first security fix is for [1]Intel-SA-01103 as a medium-rated RAPL interface issue. There is a potential security vulnerability within the Intel Runtime Average Power Limiting (RAPL) interface that could lead to information disclosure. The updated firmware/microcode should address this issue affecting Xeon Scalable and Xeon D processors.
[2]Intel-SA-01097 is the other security fix with today's microcode release. This medium-rated security vulnerability is around a potential denial of service due to improper finite state machines within the hardware logic. This denial of service requires local access and affects Core and Xeon processors going back to Ice Lake. and affects through Raptor Lake Refresh.
In addition to the two security updates, the Intel CPU Microcode 20240910 update also fixes various functional issues for Intel Core Ultra (Meteor Lake) as well as 13th Gen and 12th Gen Core processors plus Intel Processors / Intel Core i3 N-Series.
Linux users can grab the new Intel CPU microcode via [3]GitHub and should be rolling out as updated CPU microcode on the major Linux distributions soon.
Not addressed by the CPU microcode updates, but this Patch Tuesday also brought [4]Intel-SA-01071 as a high severity UEFI firmware security vulnerability. This UEFI firmware advisory is due to possible privilege escalation, denial of service, and information disclosure. Intel UEFI firmware updates will address these vulnerabilities due to a race condition within the Intel Seamless Firmware Updates handling. Both server and client platforms are affected by this Intel UEFI firmware vulnerability.
[1] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html
[2] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html
[3] https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240910
[4] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html
The first security fix is for [1]Intel-SA-01103 as a medium-rated RAPL interface issue. There is a potential security vulnerability within the Intel Runtime Average Power Limiting (RAPL) interface that could lead to information disclosure. The updated firmware/microcode should address this issue affecting Xeon Scalable and Xeon D processors.
[2]Intel-SA-01097 is the other security fix with today's microcode release. This medium-rated security vulnerability is around a potential denial of service due to improper finite state machines within the hardware logic. This denial of service requires local access and affects Core and Xeon processors going back to Ice Lake. and affects through Raptor Lake Refresh.
In addition to the two security updates, the Intel CPU Microcode 20240910 update also fixes various functional issues for Intel Core Ultra (Meteor Lake) as well as 13th Gen and 12th Gen Core processors plus Intel Processors / Intel Core i3 N-Series.
Linux users can grab the new Intel CPU microcode via [3]GitHub and should be rolling out as updated CPU microcode on the major Linux distributions soon.
Not addressed by the CPU microcode updates, but this Patch Tuesday also brought [4]Intel-SA-01071 as a high severity UEFI firmware security vulnerability. This UEFI firmware advisory is due to possible privilege escalation, denial of service, and information disclosure. Intel UEFI firmware updates will address these vulnerabilities due to a race condition within the Intel Seamless Firmware Updates handling. Both server and client platforms are affected by this Intel UEFI firmware vulnerability.
[1] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html
[2] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html
[3] https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240910
[4] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html
phoronix