Advisories » MGASA-2024-0028

Updated microcode fixes bugs and a security vulnerability

Publication date: 09 Feb 2024
Modification date: 08 Feb 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-23583

Description

The updated package contains microcode updates for Intel and AMD CPUs,
including a fix for a security vulnerability:
Sequence of processor instructions leads to unexpected behavior for some
Intel(R) Processors may allow an authenticated user to potentially
enable escalation of privilege and/or information disclosure and/or
denial of service via local access. (CVE-2023-23583)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=32528
• https://lwn.net/Articles/951472/
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23583

SRPMS

9/nonfree

• microcode-0.20231114-1.mga9.nonfree