kumquat-buildroot/package/intel-microcode
Bernd Kuhls f83377b7b3 package/intel-microcode: security bump version to 20221108
Fixes the following security issues:

- CVE-2021-0146: Hardware allows activation of test or debug logic at
  runtime for some Intel(R) processors which may allow an unauthenticated
  user to potentially enable escalation of privilege via physical access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html

- CVE-2021-0127: Insufficient control flow management in some Intel(R)
  Processors may allow an authenticated user to potentially enable a denial
  of service via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html

- CVE-2022-21151: Processor optimization removal or modification of
  security-critical code for some Intel(R) Processors may allow an
  authenticated user to potentially enable information disclosure via local
  access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617.html

- CVE-2022-0005: Sensitive information accessible by physical probing of
  JTAG interface for some Intel(R) Processors with SGX may allow an
  unprivileged user to potentially enable information disclosure via
  physical access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html

- CVE-2022-21233: Improper isolation of shared resources in some Intel(R)
  Processors may allow a privileged user to potentially enable information
  disclosure via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html

For more details, see the release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/blob/main/releasenote.md

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: extend commit message with security fix details]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-14 23:08:15 +01:00
..
Config.in
intel-microcode.hash
intel-microcode.mk