Opened 7 months ago
Closed 6 months ago
#20353 closed enhancement (fixed)
intel-microcode-20240910
| Reported by: | Xi Ruoyao | Owned by: | blfs-book |
|---|---|---|---|
| Priority: | elevated | Milestone: | 12.3 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description ¶
New microcode release with 2 upstream security advisories.
Change History (4)
comment:1 by , 7 months ago
comment:2 by , 7 months ago
The book in updated at r12.2-115-g6a92f62e7e. I just bumped the revision number (I don't have a system affected by the update) and added a note explaining some rare cases like Raptor Lake 0x129 are ineffective loading from the kernel.
I'll write up a SA later.
comment:3 by , 7 months ago
The security vulnerabilities are:
CVE-2024-23984 (Medium): A potential security vulnerability in the Running Average Power Limit (RAPL) interface for some Intel® Processors may allow information disclosure. - Also known as https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html
CVE-2024-24968 (Medium): A potential security vulnerability in some Intel® Processors may allow denial of service. - Also known as https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html
CVE-2024-23984 only affects 3rd Generation Intel Xeon Scalable CPUs, while CVE-2024-24968 affects every CPU 10th Generation or Higher (as well as 3rd Generation Xeon Scalable CPUs and Xeon D series CPUs)
Note that the release contains the 0x129 revision for 13 and 14 generations, but loading it from an initramfs will NOT resolve the voltage issue which may lead to a permanent damage. To resolve the voltage issue it has to be loaded by the BIOS. A standalone copy of the microcode is only distributed for open-source BIOS implementations like Coreboot.