Advisories » MGASA-2019-0334

Updated microcode packages fix security vulnerabilities

Publication date: 19 Nov 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-0117 , CVE-2019-11135 , CVE-2019-11139 , CVE-2018-12207


This update provides the Intel 20191112 microcode release that adds the
microcode side fixes and mitigations for at least the following security

A flaw was found in the implementation of SGX around the access control
of protected memory.  A local attacker of a system with SGX enabled and
an affected intel GPU with the ability to execute code is able to infer
the contents of the SGX protected memory (CVE-2019-0117).

TSX Asynchronous Abort condition on some CPUs utilizing speculative
execution may allow an authenticated user to potentially enable information
disclosure via a side channel with local access. (CVE-2019-11135).

Improper conditions check in the voltage modulation interface for some
Intel(R) Xeon(R) Scalable Processors may allow a privileged user to
potentially enable denial of service via local access (CVE-2019-11139).

Improper invalidation for page table updates by a virtual guest operating
system for multiple Intel(R) Processors may allow an authenticated user to
potentially enable denial of service of the host system via local access

TA Indirect Sharing Erratum (Information Leak)

Incomplete fixes for previous MDS mitigations (VERW)

SHUF* instruction implementation flaw (DoS)


Conditional Jump Macro-fusion (DoS or Privilege Escalation)

For the software side fixes and mitigations of theese issues, the kernel
must be updated to 5.3.13-1.mga7 (mga¤25686) or later.