In addition to all the item announcements produced for Intel Vision 2022 in Texas, these days marks patch Tuesday with a new round of stability disclosures from Intel. This thirty day period there are 16 new advisories for addressing 41 vulnerabilities affecting their software program and components. 76% of these vulnerabilities were being uncovered by Intel engineers.
Yielding the new CPU microcode fall right now is INTEL-SA-000617 / CVE-2022-21151. This “medium” rated safety advisory is thanks to a safety problem with some Intel CPUs that could guide to information and facts disclosure by using regional entry. The problem is explained as “Processor optimization removing or modification of stability-essential code for some Intel(R) Processors may possibly enable an authenticated person to likely empower info disclosure by using regional entry.” The new CPU microcode printed today normally takes treatment of that challenge.
The Intel for Linux 20220510 microcode launch in addition to that security repair has several purposeful problems solved much too. This is their to start with Linux microcode CPU fall for Alder Lake processors whilst the updated CPU platforms range from Skylake and Valley View by way of Rocket Lake and Tiger Lake.
The up-to-date Intel CPU microcode for Linux customers can be located via GitHub whilst Home windows users will possible locate the microcode update coming down soon by using a Home windows update and/or by means of BIOS updates from motherboard sellers.
The other new security advisories issued now can be discovered by way of the Intel Stability Centre like two Xeon regional info disclosures also mitigated by the new firmware, Boot Guard, a likely denial of sertvice with the Intel SGX kernel drivers, and extra.
There is also a Processor Speculative Cross Retail store Bypass Advisory for a “behavioral discrepancy in some Intel(R) Processors may perhaps permit an licensed user to probably help information disclosure by means of local accessibility” though this advisory is rated lower. Intel is recommending possible devices make the most of a load fence (LFENCE) immediately after loads that need to observe writes from one more thread to the identical shared memory address.