Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5924-1] intel-microcode security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5924-1] intel-microcode security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5924-1] intel-microcode security update
  • Date: Fri, 23 May 2025 19:04:25 +0000
  • Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/E1uIXgv-00DX32-2W AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=bAnLku3cCiAN5IDAn1nWY6wpwESSpYu+5bQXT5OFYlc=; b=d7 vh+xGKXXfJwG9dkg8dHg6I5GFR/BRwh6xZHB9m5w4hcSdmGTdOWqEsNw771mv4NvY2DxZEeOC3o0m uz/1DIi1aGVAGRqDbubvEwQGyi6mFt/QPTl0VGLKxeVRA1S7IMky71UnhIB8qNy4lTBNnKmyAzux0 CzaZ0ERw3H3BYIudRLBzKekK/vYZfbCiLhVVzAciU6DXJNIWt35N+vfJR7I9mApEJGRdB1t9z4hGt yRm737Z/pcDC2jtMc6btGOsfsZ39WQhJlUIBCVSMnnt7RNiK9m6q8g8J4rho5YTqHHSe0YKQUyfsZ qOU5TRyWEMXNerB3TXYaIBSgg+daqytQ==;
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Fri, 23 May 2025 19:04:47 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <59T0HBmzUKH.A.-qJD.PbMMoB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5924-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
May 23, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : intel-microcode
CVE ID : CVE-2024-28956 CVE-2024-43420 CVE-2024-45332 CVE-2025-20012
CVE-2025-20054 CVE-2025-20103 CVE-2025-20623 CVE-2025-24495
Debian Bug : 1105172

This update ships updated CPU microcode for some types of Intel CPUs. In
particular it provides mitigations for the Indirect Target Selection
(ITS) vulnerability (CVE-2024-28956) and the Branch Privilege Injection
vulnerability (CVE-2024-45332).

For CPUs affected to ITS (Indirect Target Selection), to fully mitigate
the vulnerability it is also necessary to update the Linux kernel
packages released in a separate, forthcoming DSA.

For details on the Indirect Target Selection (ITS) vulnerability please
refer to https://www.vusec.net/projects/training-solo/ and
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/indirect-target-selection.html
.

For details on the Branch Privilege Injection vulnerability please refer
to https://comsec.ethz.ch/research/microarch/branch-privilege-injection/

For the stable distribution (bookworm), these problems have been fixed in
version 3.20250512.1~deb12u1.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmgwxoVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Rrtg//dVak1i/7zQwc/6QQKyP9SfIubQs1o/coANl1UcokFOWh/SqRppsm0MVF
MZltWVpO47Xg4FkNT1ulfsV5ag7F+dyRmLRz/5hzflxHR1MaZCrtErWlHPwTYLaU
oYme71WdmL+HfclCsCi0D7PN6YiQL+9CoCWnIptXitwU+FKSJuLLIdsfEroIDVHk
p15Ceuxqa7fuqH1HY56OCF34xR8Z6IgrOu5f3P1C7IX/WbwaReAlykSw2c84rzhV
boHWUH/iekHwkLRg9TYESnALyNUfmgPu0d3fC5M/XvAbBcRFT7x6jAQE31hQzFbr
f9TK06EK1RAu3ETTCuFsBX+D85xOpzhMKL3t9MyGPsKGm5liLmYmfjNHe/+M5F/N
L1jKlgR+AOjJEYSqFyZXWLBgQDeeG7Bs5dT5t2CRN8sg7Xq1LDHze5eVXPa7VBal
EHAjmk40wCRmgl6c5BolUgXfIhZa30SjNIAdFZ+P16Y+lZQzKT8H8eVth9ElwsF2
maz2FwdlXT6q8UEtLSrWskgExXP3CNqvdPi3XqGo1QSuEv7oTuI8RHpJNozpZLjE
3rIS02TefsNkWt54FhrH0rwImUiy53M58ma5Rf6qL9Peb6CbO6S894gHzcWfd6Sy
YBbjWEwN5QxYknPj45zvziNqF2rGbx9L6nsm7KMaYiacjYsLPgU=
=Nfoc
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5924-1] intel-microcode security update, Salvatore Bonaccorso, 23.05.2025

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang