Intel Publishes "20231114" CPU Microcode For New Security Advisory & Functional Issues
Intel has released new CPU microcode this morning for mitigating a new CPU security vulnerability (INTEL-SA-00950). This new microcode drop also fixes various functional issues on recent generations of Intel processors.
This Patch Tuesday there are 31 security advisories with 104 CVEs being addressed. Arguably most notable is the INTEL-SA-00950 security advisory. During product development on Sapphire Rapids, a functional bug was discovered. On further evaluation, that functional bug was determined to allow a possible temporary denial of service, with older platforms exposed too. What was initially classified with a CVSS 3.0 rating was then reclassified to CVSS 8.0 (high) after a possible escalation of privilege vector was discovered.
Due to that possible escalation of privilege and Google's 90-day disclosure policy, with Google researchers having also discovered this same issue, SA-00950 is being made public today rather than in early 2024. Thus today's CPU microcode update takes care of mitigating this security vulnerability on affected processors. I was told by Intel in advance there shouldn't be any performance impact from this CPU microcode update and I'll be testing to confirm. Intel is not aware of any active attacks with this vulnerability.
Today's batch of CPU microcode updates also fixes various "functional issues" on these processors, without any light being shed on those changes. As a result, new Intel CPU microcode is available today for Rocket Lake S and Tiger Lake (Core Gen11) and newer, up through Core Gen13 Raptor Lake. On the Xeon side there are new releases for Xeon Scalable 4th Gen Sapphire Rapids, Atom C1100 series, Xeon Scalable 3rd Gen Ice Lake, and Xeon Max.
The new microcode is available for Linux users from GitHub.
Meanwhile, AMD has also posted a few security bulletins today for Patch Tuesday. Digging through those now.