[Bug 1984166] Re: Update to latest upstream 20220809 to fix CVE-2022-21233
Alex Murray
1984166 at bugs.launchpad.net
Wed Sep 14 01:08:40 UTC 2022
Yes - the plan is to wait until it is fully phased in -updates then copy
it to -security and publish the associated USN - they are currently at
70-80% phased.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to intel-microcode in Ubuntu.
https://bugs.launchpad.net/bugs/1984166
Title:
Update to latest upstream 20220809 to fix CVE-2022-21233
Status in intel-microcode package in Ubuntu:
Fix Released
Status in intel-microcode source package in Bionic:
Fix Released
Status in intel-microcode source package in Focal:
Fix Released
Status in intel-microcode source package in Jammy:
Fix Released
Status in intel-microcode source package in Kinetic:
Fix Released
Bug description:
[Impact]
CVE-2022-21233
Stale data may be returned as the result of unauthorized reads to the legacy xAPIC MMIO region. This issue is present only in the legacy xAPIC mode and doesn’t affect the x2APIC mode. This can be used to expose sensitive information in an SGX enclave.
[Test Plan]
* install the updated intel-microcode packages and reboot the system
[Other Info]
Intel released microcode-20220809 release
(https://github.com/intel/Intel-Linux-Processor-Microcode-Data-
Files/releases/tag/microcode-20220809)
to address vulnerability
- CVE-2022-21233 / intel-sa-00657
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/intel-microcode/+bug/1984166/+subscriptions
More information about the foundations-bugs
mailing list