[ubuntu/plucky-proposed] intel-microcode 3.20250211.1ubuntu1 (Accepted)
Alex Murray
alex.murray at canonical.com
Tue Feb 25 04:06:15 UTC 2025
intel-microcode (3.20250211.1ubuntu1) plucky; urgency=medium
* SECURITY UPDATE: Merge from Debian unstable; remaining changes:
- debian/control: Add dracut and tiny-initramfs as alternative
recommends
- debian/tests/initramfs: update test for location of GenuineIntel.bin
since in Ubuntu this lives under the cpio2 initramfs so test for
its presence in any cpio
- debian/tests/control: update generic kernel dep as an alternative to
the original one from Debian
- debian/tests/initramfs: invoke update-initramfs with -c to ensure an
initrd is generated if one does not already exist so that the rest
of the test can proceed as expected
intel-microcode (3.20250211.1) unstable; urgency=medium
* New upstream microcode datafile 20250211 (closes: #1095805)
- Mitigations for INTEL-SA-01166 (CVE-2024-31068)
Improper Finite State Machines (FSMs) in Hardware Logic for some Intel
Processors may allow privileged user to potentially enable denial of
service via local access.
- Mitigations for INTEL-SA-01213 (CVE-2024-36293)
Improper access control in the EDECCSSA user leaf function for some
Intel Processors with Intel SGX may allow an authenticated user to
potentially enable denial of service via local access. Intel disclosed
that some 9th Generation Intel Core processor models were already fixed
by a previous microcode update.
- Mitigations for INTEL-SA-01139 (CVE-2023-43758, CVE-2023-34440,
CVE-2024-24582, CVE-2024-29214, CVE-2024-28127, CVE-2024-39279,
CVE-2024-31157, CVE-2024-28047)
Improper input validation, insufficient granularity of access control,
and improper initialization issues in UEFI firmware for some Intel
processors may allow escalation of privilege, denial of service, or
information disclosure. An UEFI firmware update is needed for complete
mitigation.
- Mitigations for INTEL-SA-01228 (CVE-2024-39355)
Improper handling of physical or environmental conditions in some 13th
and 14th Generation Intel Core Processors may allow an authenticated
user to enable denial of service via local access. An UEFI firmware
update may be required for complete mitigation.
- Mitigations for INTEL-SA-01194 (CVE-2024-37020)
Sequence of processor instructions leads to unexpected behavior in the
Intel DSA V1.0 for some Intel Xeon Processors may allow an authenticated
user to potentially enable denial of service via local access.
- Fixes for unspecified functional issues on several processor models
* New microcodes or new extended signatures:
sig 0x000a06f3, pf_mask 0x01, 2024-11-22, rev 0x3000330, size 1533952
sig 0x000b06f6, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
sig 0x000b06f7, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
sig 0x000b0674, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968
* Updated microcodes:
sig 0x000606a6, pf_mask 0x87, 2024-08-02, rev 0xd0003f5, size 308224
sig 0x000606c1, pf_mask 0x10, 2024-08-08, rev 0x10002c0, size 300032
sig 0x000806f8, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824
sig 0x000806f7, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f6, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f5, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f4, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f8, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592
sig 0x000806f6, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
sig 0x000806f5, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
sig 0x000806f4, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
sig 0x00090672, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
sig 0x00090675, pf_mask 0x07, 2024-08-01, rev 0x0038
sig 0x000b06f2, pf_mask 0x07, 2024-08-01, rev 0x0038
sig 0x000b06f5, pf_mask 0x07, 2024-08-01, rev 0x0038
sig 0x000906a3, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232
sig 0x000906a4, pf_mask 0x80, 2024-08-01, rev 0x0436
sig 0x000906a4, pf_mask 0x40, 2024-07-29, rev 0x0009, size 119808
sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472
sig 0x000906ed, pf_mask 0x22, 2024-07-31, rev 0x0102, size 106496
sig 0x000a0671, pf_mask 0x02, 2024-08-01, rev 0x0063, size 108544
sig 0x000b0671, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968
sig 0x000b06a2, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2024-07-31, rev 0x4124
sig 0x000b06a8, pf_mask 0xe0, 2024-07-31, rev 0x4124
sig 0x000b06e0, pf_mask 0x19, 2024-09-06, rev 0x001c, size 138240
sig 0x000c06f2, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128
sig 0x000c06f1, pf_mask 0x87, 2024-07-30, rev 0x21000291
* source: update symlinks to reflect id of the latest release, 20250211
* Update changelog for 3.20240813.1 with new information
Date: Tue, 25 Feb 2025 13:45:25 +1030
Changed-By: Alex Murray <alex.murray at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/intel-microcode/3.20250211.1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 25 Feb 2025 13:45:25 +1030
Source: intel-microcode
Built-For-Profiles: noudeb
Architecture: source
Version: 3.20250211.1ubuntu1
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Alex Murray <alex.murray at canonical.com>
Closes: 1095805
Changes:
intel-microcode (3.20250211.1ubuntu1) plucky; urgency=medium
.
* SECURITY UPDATE: Merge from Debian unstable; remaining changes:
- debian/control: Add dracut and tiny-initramfs as alternative
recommends
- debian/tests/initramfs: update test for location of GenuineIntel.bin
since in Ubuntu this lives under the cpio2 initramfs so test for
its presence in any cpio
- debian/tests/control: update generic kernel dep as an alternative to
the original one from Debian
- debian/tests/initramfs: invoke update-initramfs with -c to ensure an
initrd is generated if one does not already exist so that the rest
of the test can proceed as expected
.
intel-microcode (3.20250211.1) unstable; urgency=medium
.
* New upstream microcode datafile 20250211 (closes: #1095805)
- Mitigations for INTEL-SA-01166 (CVE-2024-31068)
Improper Finite State Machines (FSMs) in Hardware Logic for some Intel
Processors may allow privileged user to potentially enable denial of
service via local access.
- Mitigations for INTEL-SA-01213 (CVE-2024-36293)
Improper access control in the EDECCSSA user leaf function for some
Intel Processors with Intel SGX may allow an authenticated user to
potentially enable denial of service via local access. Intel disclosed
that some 9th Generation Intel Core processor models were already fixed
by a previous microcode update.
- Mitigations for INTEL-SA-01139 (CVE-2023-43758, CVE-2023-34440,
CVE-2024-24582, CVE-2024-29214, CVE-2024-28127, CVE-2024-39279,
CVE-2024-31157, CVE-2024-28047)
Improper input validation, insufficient granularity of access control,
and improper initialization issues in UEFI firmware for some Intel
processors may allow escalation of privilege, denial of service, or
information disclosure. An UEFI firmware update is needed for complete
mitigation.
- Mitigations for INTEL-SA-01228 (CVE-2024-39355)
Improper handling of physical or environmental conditions in some 13th
and 14th Generation Intel Core Processors may allow an authenticated
user to enable denial of service via local access. An UEFI firmware
update may be required for complete mitigation.
- Mitigations for INTEL-SA-01194 (CVE-2024-37020)
Sequence of processor instructions leads to unexpected behavior in the
Intel DSA V1.0 for some Intel Xeon Processors may allow an authenticated
user to potentially enable denial of service via local access.
- Fixes for unspecified functional issues on several processor models
* New microcodes or new extended signatures:
sig 0x000a06f3, pf_mask 0x01, 2024-11-22, rev 0x3000330, size 1533952
sig 0x000b06f6, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
sig 0x000b06f7, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
sig 0x000b0674, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968
* Updated microcodes:
sig 0x000606a6, pf_mask 0x87, 2024-08-02, rev 0xd0003f5, size 308224
sig 0x000606c1, pf_mask 0x10, 2024-08-08, rev 0x10002c0, size 300032
sig 0x000806f8, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824
sig 0x000806f7, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f6, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f5, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f4, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f8, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592
sig 0x000806f6, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
sig 0x000806f5, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
sig 0x000806f4, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
sig 0x00090672, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
sig 0x00090675, pf_mask 0x07, 2024-08-01, rev 0x0038
sig 0x000b06f2, pf_mask 0x07, 2024-08-01, rev 0x0038
sig 0x000b06f5, pf_mask 0x07, 2024-08-01, rev 0x0038
sig 0x000906a3, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232
sig 0x000906a4, pf_mask 0x80, 2024-08-01, rev 0x0436
sig 0x000906a4, pf_mask 0x40, 2024-07-29, rev 0x0009, size 119808
sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472
sig 0x000906ed, pf_mask 0x22, 2024-07-31, rev 0x0102, size 106496
sig 0x000a0671, pf_mask 0x02, 2024-08-01, rev 0x0063, size 108544
sig 0x000b0671, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968
sig 0x000b06a2, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2024-07-31, rev 0x4124
sig 0x000b06a8, pf_mask 0xe0, 2024-07-31, rev 0x4124
sig 0x000b06e0, pf_mask 0x19, 2024-09-06, rev 0x001c, size 138240
sig 0x000c06f2, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128
sig 0x000c06f1, pf_mask 0x87, 2024-07-30, rev 0x21000291
* source: update symlinks to reflect id of the latest release, 20250211
* Update changelog for 3.20240813.1 with new information
Checksums-Sha1:
c379152ecf5bb07330d70d3a5c5ca4206ac4d224 1696 intel-microcode_3.20250211.1ubuntu1.dsc
a15640f6d32e743b3869231cd1f4d5e30a577ea8 9219392 intel-microcode_3.20250211.1ubuntu1.tar.xz
42322a00dde4cbe11122ae868027c05898d2167d 5814 intel-microcode_3.20250211.1ubuntu1_source.buildinfo
Checksums-Sha256:
c4abd95c30d02f2d9362dabdab2387b8d48b5a5001a887ca672928096e77eaf8 1696 intel-microcode_3.20250211.1ubuntu1.dsc
881888d0c13c360fae2b5088c7d721db7a7ca880c515b98ca23375720232d24d 9219392 intel-microcode_3.20250211.1ubuntu1.tar.xz
d2600ae0524adb8e652a5b172c7283066ae3d379014767e0b8bafb91d7bc96c6 5814 intel-microcode_3.20250211.1ubuntu1_source.buildinfo
Files:
5821dc685cd5e0dfa1a7e6e4bf99a781 1696 non-free-firmware/admin standard intel-microcode_3.20250211.1ubuntu1.dsc
a146079bf1db970b8bab9e25035f193f 9219392 non-free-firmware/admin standard intel-microcode_3.20250211.1ubuntu1.tar.xz
29908c3f1f45f751121d68b7f235a801 5814 non-free-firmware/admin standard intel-microcode_3.20250211.1ubuntu1_source.buildinfo
Original-Maintainer: Henrique de Moraes Holschuh <hmh at debian.org>
More information about the plucky-changes
mailing list