Intel Releases Updated Microcode For Linux Users To Mitigate Xeon Security Issue

Written by Michael Larabel in Intel on 17 February 2021 at 07:16 AM EST. Add A Comment
INTEL
Intel on Tuesday night released the "microcode-20210216" package as the latest update to their collection of CPU microcode binaries. This time around the only changes to the Intel CPU microcode binaries are for Skylake server CPUs and Cascade Lake B-0/B-1 processors in order to address two vulnerabilities that came to light last year.

The updated Intel microcode-20210216 package that was made public on Tuesday is for addressing the security advisory INTEL-SA-00381. INTEL-SA-00381 consists of CVE-2020-8698 as a medium-level vulnerability that due to improper isolation of shared resources could lead to an authenticated user to potentially enable information disclosure. Also part of this security advisory is the lower priority CVE-2020-8696 around improper removal of sensitive information before storage or transfer could lead to information disclosure.

For both of these issues they are contingent on any attacker first having local user access to the system. But given this While disclosed on 10 November, Intel only began distributing updated CPU microcode files for affected Skylake / Cascade Lake server processors at the end of January and now this week updated their Linux CPU microcode repository.

As for the changed microcode behavior with the latest update, Intel notes, "The new microcode update mitigates an issue when using an active JTAG agent like In Target Probe (ITP), Direct Connect Interface (DCI) or a Baseboard Management Controller (BMC) to take the CPU JTAG/TAP out of reset and then returning it to reset."

This new Intel CPU microcode package for Linux users can be obtained via GitHub. Besides addressing SA-00381 for Skylake / Cascade Lake Xeon there are no other listed changes with this update.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week