Show Your Support: This site is primarily supported by advertisements. Ads are what have allowed this site to be maintained on a daily basis for the past 18+ years. We do our best to ensure only clean, relevant ads are shown, when any nasty ads are detected, we work to remove them ASAP. If you would like to view the site without ads while still supporting our work, please consider our ad-free Phoronix Premium.
Intel Posts Updated CPU Microcode For Two More SGX Vulnerabilities, Privilege Escalation Bug
The Valentine's Day disclosures can be found via the Intel Security Center and range from their ON Event Android app to QATzip to Iris Xe MAX driver issues on Windows to CPU issues.
Intel today published new CPU microcode for Linux users and that is in reference to three new vulnerability disclosures in particular:
INTEL-SA-00767 - "A potential security vulnerability in some Intel® Processors with Intel® Software Guard Extensions (SGX) may allow information disclosure...Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access."
INTEL-SA-00738 - "A potential security vulnerability in some Intel® Xeon® Processors with Intel® Software Guard Extensions (SGX) may allow escalation of privilege... Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access."
INTEL-SA-00700 - "A potential security vulnerability in some Intel® Atom® and Intel® Xeon® Scalable Processors may allow escalation of privilege....Insufficient granularity of access control in out-of-band management in some Intel(R) Atom® and Intel® Xeon® Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access."
The latter two have a CVSS base score of "high" while the first has a "medium" rating and these three are what led to today's Intel CPU microcode updates for Linux users.
The Intel 20230214 microcode drop covers Intel Core Gen11 through Core Gen13 Raptor Lake, Xeon Scalable of all generations, select Pentium processors, Core Gen10 Mobile, Xeon D Ice Lake, and other select processors. This is also the first time the CPU microcode has seen updates for the new 4th Gen Xeon Scalable "Sapphire Rapids" processors, including the new Xeon CPU Max Series and on the client side for Raptor Lake P / H / U.
The Intel 20230214 CPU microcode files should be working their way to Linux distribution stable release updates shortly while those interested in fetching the new CPU microcode right away can find them via GitHub.