USN-4628-1 provided updated Intel Processor Microcode for various processor types. This update provides the corresponding updates for some additional processor types.
Original advisory details:
Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit (RAPL) feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8695)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8696)
Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel(R) Processors did not properly isolate shared resources in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-8698)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "3.20210216.0ubuntu0.18.04.1", "binary_name": "intel-microcode" } ] }
{ "cves_map": { "ecosystem": "Ubuntu:18.04:LTS", "cves": [ { "id": "CVE-2020-8695", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] }, { "id": "CVE-2020-8696", "severity": [ { "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", "type": "CVSS_V3" }, { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" }, { "score": "low", "type": "Ubuntu" } ] }, { "id": "CVE-2020-8698", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" }, { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] } ] } }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "3.20210216.0ubuntu0.20.04.1", "binary_name": "intel-microcode" } ] }
{ "cves_map": { "ecosystem": "Ubuntu:20.04:LTS", "cves": [ { "id": "CVE-2020-8695", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] }, { "id": "CVE-2020-8696", "severity": [ { "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", "type": "CVSS_V3" }, { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" }, { "score": "low", "type": "Ubuntu" } ] }, { "id": "CVE-2020-8698", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" }, { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] } ] } }