NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/intel-microcode: security bump version to 20221108

Browse Source 
Fixes the following security issues:

- CVE-2021-0146: Hardware allows activation of test or debug logic at
  runtime for some Intel(R) processors which may allow an unauthenticated
  user to potentially enable escalation of privilege via physical access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html

- CVE-2021-0127: Insufficient control flow management in some Intel(R)
  Processors may allow an authenticated user to potentially enable a denial
  of service via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html

- CVE-2022-21151: Processor optimization removal or modification of
  security-critical code for some Intel(R) Processors may allow an
  authenticated user to potentially enable information disclosure via local
  access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617.html

- CVE-2022-0005: Sensitive information accessible by physical probing of
  JTAG interface for some Intel(R) Processors with SGX may allow an
  unprivileged user to potentially enable information disclosure via
  physical access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html

- CVE-2022-21233: Improper isolation of shared resources in some Intel(R)
  Processors may allow a privileged user to potentially enable information
  disclosure via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html

For more details, see the release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/blob/main/releasenote.md

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: extend commit message with security fix details]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Bernd Kuhls 2022-12-14 20:58:25 +01:00 committed by Peter Korsgaard
parent f095f5a8be
commit f83377b7b3
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/intel-microcode/intel-microcode.hash
View File

@ -1,3 +1,3 @@
# Locally computed
sha256 fd85b6b769efd029dec6a2c07106fd18fb4dcb548b7bc4cde09295a8344ef6d7 intel-microcode-20210608.tar.gz
sha256 8d14a914815f56c27b1f41be0fd699d1afcfdbc05432056427e455100798975e intel-microcode-20221108.tar.gz
sha256 03efb1491c7e899feb2665fa299363e64035e5444c1b8bc1f6ebed30de964e12 license

2
package/intel-microcode/intel-microcode.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
INTEL_MICROCODE_VERSION = 20210608
INTEL_MICROCODE_VERSION = 20221108
INTEL_MICROCODE_SITE = $(call github,intel,Intel-Linux-Processor-Microcode-Data-Files,microcode-$(INTEL_MICROCODE_VERSION))
INTEL_MICROCODE_LICENSE = PROPRIETARY
INTEL_MICROCODE_LICENSE_FILES = license