[Buildroot] [git commit branch/next] package/intel-microcode: security bump version to 20221108
Peter Korsgaard
peter at korsgaard.com
Mon Feb 20 20:56:31 UTC 2023
commit: https://git.buildroot.net/buildroot/commit/?id=f83377b7b30c82da363c7937f693fe979318f598
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/next
Fixes the following security issues:
- CVE-2021-0146: Hardware allows activation of test or debug logic at
runtime for some Intel(R) processors which may allow an unauthenticated
user to potentially enable escalation of privilege via physical access.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html
- CVE-2021-0127: Insufficient control flow management in some Intel(R)
Processors may allow an authenticated user to potentially enable a denial
of service via local access.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html
- CVE-2022-21151: Processor optimization removal or modification of
security-critical code for some Intel(R) Processors may allow an
authenticated user to potentially enable information disclosure via local
access.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617.html
- CVE-2022-0005: Sensitive information accessible by physical probing of
JTAG interface for some Intel(R) Processors with SGX may allow an
unprivileged user to potentially enable information disclosure via
physical access.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html
- CVE-2022-21233: Improper isolation of shared resources in some Intel(R)
Processors may allow a privileged user to potentially enable information
disclosure via local access.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html
For more details, see the release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/blob/main/releasenote.md
Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
[Peter: extend commit message with security fix details]
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/intel-microcode/intel-microcode.hash | 2 +-
package/intel-microcode/intel-microcode.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/intel-microcode/intel-microcode.hash b/package/intel-microcode/intel-microcode.hash
index 6687d4c0eb..56f0237277 100644
--- a/package/intel-microcode/intel-microcode.hash
+++ b/package/intel-microcode/intel-microcode.hash
@@ -1,3 +1,3 @@
# Locally computed
-sha256 fd85b6b769efd029dec6a2c07106fd18fb4dcb548b7bc4cde09295a8344ef6d7 intel-microcode-20210608.tar.gz
+sha256 8d14a914815f56c27b1f41be0fd699d1afcfdbc05432056427e455100798975e intel-microcode-20221108.tar.gz
sha256 03efb1491c7e899feb2665fa299363e64035e5444c1b8bc1f6ebed30de964e12 license
diff --git a/package/intel-microcode/intel-microcode.mk b/package/intel-microcode/intel-microcode.mk
index af7f6fa804..787537da78 100644
--- a/package/intel-microcode/intel-microcode.mk
+++ b/package/intel-microcode/intel-microcode.mk
@@ -4,7 +4,7 @@
#
################################################################################
-INTEL_MICROCODE_VERSION = 20210608
+INTEL_MICROCODE_VERSION = 20221108
INTEL_MICROCODE_SITE = $(call github,intel,Intel-Linux-Processor-Microcode-Data-Files,microcode-$(INTEL_MICROCODE_VERSION))
INTEL_MICROCODE_LICENSE = PROPRIETARY
INTEL_MICROCODE_LICENSE_FILES = license
More information about the buildroot
mailing list