Threat Encyclopedia

RHSA-2021:2299-Security Advisory

Description

The vulnerabilities in the following products could cause the system to become vulnerable to malicious security attack: microcode_ctl

Analysis

The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): hw: vt-d related privilege escalation (CVE-2020-24489) hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) hw: information disclosure on some Intel Atom processors (CVE-2020-24513) hw: vt-d related privilege escalation (CVE-2020-24489) hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): Update Intel CPU microcode to microcode-20210525 release Do not use 'grep -q' in a pipe in check_caveats. Update Intel CPU microcode to microcode-20210525 release Do not use 'grep -q' in a pipe in check_caveats. SolutionBefore applying this update, make sure all previously released errata relevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258

Affected Products

microcode_ctl