USN-3531-2
See a problem?- Source
- https://ubuntu.com/security/notices/USN-3531-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3531-2.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-3531-2
- Related
- Published
- 2018-01-22T16:09:41.849114Z
- Modified
- 2018-01-22T16:09:41.849114Z
- Summary
- intel-microcode regression
- Details
-
USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release.
Original advisory details:
It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715)
This update provides the microcode updates required for the corresponding Linux kernel updates.
- References
Affected packages
Ubuntu:14.04:LTS / intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20180108.0+really20170707ubuntu14.04.1?arch=src?distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20180108.0+really20170707ubuntu14.04.1
Ubuntu:16.04:LTS / intel-microcode
Package
- Name
- intel-microcode
- Purl
- pkg:deb/ubuntu/intel-microcode@3.20180108.0+really20170707ubuntu16.04.1?arch=src?distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.20180108.0+really20170707ubuntu16.04.1