Intel Releases New Processor Microcode For Security Advisories, CPU Bugs

Written by Michael Larabel in Intel on 11 November 2020 at 02:49 AM EST. 19 Comments
INTEL
Intel on Tuesday evening released their 20201110 CPU microcode package as their first collection of updated CPU microcode binaries since June and it's a big update.

Following the disclosure of some 40 new security advisories for their products including the notable "PLATYPUS" vulnerability affecting Intel RAPL, they released the Intel 20201110 CPU microcode package for Linux users to address these security problems as well as other CPU bugs.

INTEL-SA-00381 is addressed as an information disclosure vulnerability around the fast store forward predictor and an AVX flaw where a local attacker can obtain the register state of previous AVX executions.

INTEL-SA-00389 is also addressed with the updated microcode and is in regards to the Intel RAPL vulnerabilities known as PLATYPUS. The updated microcode updates go along with the updated Linux kernel patches issued today, including the disabling of reading Intel CPU energy information by non-root users.

Besides the CPU security updates, there are also a number of "functional issue" updates around CPU bugs spanning many different generations. For example, Ice Lake processors have fixes around VT-d and a Type-C port issue that could lead to system hangs. Xeon Scalable Cascade Lake has a fix for where interrupts may be lost when a core exits C6. There are also various other random CPU bug fixes in the microcode too.

The Intel 20201110 microcode package is also the first time including binaries for Cooper Lake, Lakefield, Tiger Lake, and Comet Lake.

The updated Intel CPU microcode files are available via GitHub.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week