Mageia Advisory: MGASA-2018-0322 - Updated microcode packages fix security vulnerability

Updated microcode packages fix security vulnerability

Publication date: 25 Jul 2018
Modification date: 25 Jul 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-3639 , CVE-2018-3640

Description

This microcode update provides the first set of fixes for Speculative Store
Bypass (SSBD, Spectre v4, CVE-2018-3639) and  Rogue System Register Read
(RSRE, Spectre v3a, CVE-2018-3640) for Intel Sandybridge server, Ivy Bridge
server, Haswell server, Skylake server, Broadwell server, a few HEDT Core
i7/i9 models.

Included is also an AMD cpu microcode fix for family 15h Processor Revision
ID 0x00610f01 missed in the MGASA-2018-0260 update.

References

https://bugs.mageia.org/show_bug.cgi?id=23313
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3640

SRPMS

6/nonfree

microcode-0.20180703-1.mga6.nonfree

Advisories » MGASA-2018-0322

Updated microcode packages fix security vulnerability

Description

References

SRPMS

6/nonfree