import microcode_ctl-20220207-1.el9

This commit is contained in:
CentOS Sources 2022-03-01 08:18:33 -05:00 committed by Stepan Oksanichenko
parent 541cbbc076
commit b7f84afb5d
11 changed files with 162 additions and 4 deletions

2
.gitignore vendored
View File

@ -4,4 +4,4 @@ SOURCES/06-55-04
SOURCES/06-5e-03
SOURCES/microcode-20190918.tar.gz
SOURCES/microcode-20191115.tar.gz
SOURCES/microcode-20210608.tar.gz
SOURCES/microcode-20220207.tar.gz

View File

@ -4,4 +4,4 @@ bcf2173cd3dd499c37defbc2533703cfa6ec2430 SOURCES/06-2d-07
86c60ee7d5d0d7115a4962c1c61ceecb0fd3a95a SOURCES/06-5e-03
bc20d6789e6614b9d9f88ee321ab82bed220f26f SOURCES/microcode-20190918.tar.gz
774636f4d440623b0ee6a2dad65260e81208074d SOURCES/microcode-20191115.tar.gz
68f7344d874d50f4c8d836f01abc497707d0baa2 SOURCES/microcode-20210608.tar.gz
a2a0e662d463e1d826ae74406379557a12469eb5 SOURCES/microcode-20220207.tar.gz

View File

@ -14,6 +14,7 @@ microcode revisions in question are listed below:
* 06-4e-03, revision 0xdc: cd1733458d187486999337ff8b51eeaa0cfbca6c
* 06-4e-03, revision 0xe2: 41f4513cf563605bc85db38056ac430dec948366
* 06-4e-03, revision 0xea: 5a54cab9f22f69b819d663e5747ed6ea2a326c55
* 06-4e-03, revision 0xec: d949a8543d2464d955f5dc4b0777cac863f48729
Please contact your system vendor for a BIOS/firmware update that contains
the latest microcode version. For the information regarding microcode versions
@ -46,6 +47,8 @@ to the following knowledge base articles:
CVE-2020-24512 (Observable Timing Discrepancy),
CVE-2020-24513 (Information Disclosure on Some Intel Atom Processors):
https://access.redhat.com/articles/6101171
* CVE-2021-0127 (Intel Processor Breakpoint Control Flow):
https://access.redhat.com/articles/6716541
The information regarding enforcing microcode update is provided below.

View File

@ -20,6 +20,7 @@ microcode revisions in question are listed below:
* 06-55-04, revision 0x2006a08: 4059fb1f60370297454177f63cd7cc20b3fa1212
* 06-55-04, revision 0x2006a0a: 7ec27025329c82de9553c14a78733ad1013e5462
* 06-55-04, revision 0x2006b06: cb5bec976cb9754e3a22ab6828b3262a8f9eccf7
* 06-55-04, revision 0x2006c0a: 76b641375d136c08f5feb46aacebee40468ac085
Please contact your system vendor for a BIOS/firmware update that contains
the latest microcode version. For the information regarding microcode versions
@ -52,6 +53,8 @@ to the following knowledge base articles:
CVE-2020-24512 (Observable Timing Discrepancy),
CVE-2020-24513 (Information Disclosure on Some Intel Atom Processors):
https://access.redhat.com/articles/6101171
* CVE-2021-0127 (Intel Processor Breakpoint Control Flow):
https://access.redhat.com/articles/6716541
The information regarding disabling microcode update is provided below.

View File

@ -17,6 +17,7 @@ microcode revisions in question are listed below:
* 06-5e-03, revision 0xdc: 5e1020a10678cfc60980131c3d3a2cfd462b4dd7
* 06-5e-03, revision 0xe2: 031e6e148b590d1c9cfdb6677539eeb4899e831c
* 06-5e-03, revision 0xea: e6c37056a849fd281f2fdb975361a914e07b86c8
* 06-5e-03, revision 0xec: 6458bf25da4906479a01ffdcaa6d466e22722e01
Please contact your system vendor for a BIOS/firmware update that contains
the latest microcode version. For the information regarding microcode versions
@ -49,6 +50,8 @@ to the following knowledge base articles:
CVE-2020-24512 (Observable Timing Discrepancy),
CVE-2020-24513 (Information Disclosure on Some Intel Atom Processors):
https://access.redhat.com/articles/6101171
* CVE-2021-0127 (Intel Processor Breakpoint Control Flow):
https://access.redhat.com/articles/6716541
The information regarding disabling microcode update is provided below.

View File

@ -11,6 +11,7 @@ For the reference, SHA1 checksums of 06-8c-01 microcode files containing
microcode revisions in question are listed below:
* 06-8c-01, revision 0x68: 2204a6dee1688980cd228268fdf4b6ed5904fe04
* 06-8c-01, revision 0x88: 61b6590feb2769046d5b0c394179beaf2df51290
* 06-8c-01, revision 0x9a: 48b3ae8d27d8138b5b47052d2f8184bf555ad18e
Please contact your system vendor for a BIOS/firmware update that contains
the latest microcode version. For the information regarding microcode versions
@ -25,6 +26,8 @@ to the following knowledge base articles:
CVE-2020-24512 (Observable Timing Discrepancy),
CVE-2020-24513 (Information Disclosure on Some Intel Atom Processors):
https://access.redhat.com/articles/6101171
* CVE-2021-0145 (Fast store forward predictor - Cross Domain Training):
https://access.redhat.com/articles/6716541
The information regarding disabling microcode update is provided below.

View File

@ -92,6 +92,16 @@ in question:
* 06-9e-0c, revision 0xea: 1329a4d8166fe7d70833d21428936254e11efbb4
* 06-9e-0d, revision 0xea: 9c73f2ac6c4edbf8b0aefdd5d6780c7219be702a
* 06-8e-09, revision 0xec: 78eb624be5e8084e438318bdad99f9ddc082def7
* 06-8e-0a, revision 0xec: 6c41a6ad412f48f81a9d5edf59dcdecc358398bf
* 06-8e-0b, revision 0xec: 89dd0de598c83eb9714f6839499f322dfce2b693
* 06-8e-0c, revision 0xec: 225ea349b9cb3b1b94e237deb797e0c60d14a84c
* 06-9e-09, revision 0xec: fc5c0206fe392a0ddad4dc9363fde2d3e3d1e681
* 06-9e-0a, revision 0xec: 128002076e4ac3c75697fb4efdf1f8ddcc971fbe
* 06-9e-0b, revision 0xec: ac8c3865a143b2e03869f15a5b86e560f60ad632
* 06-9e-0c, revision 0xec: 6e3d695290def517857c8e743dc65161479f0c04
* 06-9e-0d, revision 0xec: 58b1ec5fee7dd1a761ed901b374ccb978737a979
Please contact your system vendor for a BIOS/firmware update that contains
the latest microcode version. For the information regarding microcode versions
required for mitigating specific side-channel cache attacks, please refer
@ -118,6 +128,13 @@ to the following knowledge base articles:
CVE-2020-8696 (Vector Register Leakage-Active),
CVE-2020-8698 (Fast Forward Store Predictor):
https://access.redhat.com/articles/5569051
* CVE-2020-24489 (VT-d-related Privilege Escalation),
CVE-2020-24511 (Improper Isolation of Shared Resources),
CVE-2020-24512 (Observable Timing Discrepancy),
CVE-2020-24513 (Information Disclosure on Some Intel Atom Processors):
https://access.redhat.com/articles/6101171
* CVE-2021-0127 (Intel Processor Breakpoint Control Flow):
https://access.redhat.com/articles/6716541
The information regarding disabling microcode update is provided below.

View File

@ -92,6 +92,16 @@ in question:
* 06-9e-0c, revision 0xea: 1329a4d8166fe7d70833d21428936254e11efbb4
* 06-9e-0d, revision 0xea: 9c73f2ac6c4edbf8b0aefdd5d6780c7219be702a
* 06-8e-09, revision 0xec: 78eb624be5e8084e438318bdad99f9ddc082def7
* 06-8e-0a, revision 0xec: 6c41a6ad412f48f81a9d5edf59dcdecc358398bf
* 06-8e-0b, revision 0xec: 89dd0de598c83eb9714f6839499f322dfce2b693
* 06-8e-0c, revision 0xec: 225ea349b9cb3b1b94e237deb797e0c60d14a84c
* 06-9e-09, revision 0xec: fc5c0206fe392a0ddad4dc9363fde2d3e3d1e681
* 06-9e-0a, revision 0xec: 128002076e4ac3c75697fb4efdf1f8ddcc971fbe
* 06-9e-0b, revision 0xec: ac8c3865a143b2e03869f15a5b86e560f60ad632
* 06-9e-0c, revision 0xec: 6e3d695290def517857c8e743dc65161479f0c04
* 06-9e-0d, revision 0xec: 58b1ec5fee7dd1a761ed901b374ccb978737a979
Please contact your system vendor for a BIOS/firmware update that contains
the latest microcode version. For the information regarding microcode versions
required for mitigating specific side-channel cache attacks, please refer
@ -118,6 +128,13 @@ to the following knowledge base articles:
CVE-2020-8696 (Vector Register Leakage-Active),
CVE-2020-8698 (Fast Forward Store Predictor):
https://access.redhat.com/articles/5569051
* CVE-2020-24489 (VT-d-related Privilege Escalation),
CVE-2020-24511 (Improper Isolation of Shared Resources),
CVE-2020-24512 (Observable Timing Discrepancy),
CVE-2020-24513 (Information Disclosure on Some Intel Atom Processors):
https://access.redhat.com/articles/6101171
* CVE-2021-0127 (Intel Processor Breakpoint Control Flow):
https://access.redhat.com/articles/6716541
The information regarding disabling microcode update is provided below.

View File

@ -860,3 +860,8 @@ Intel CPU vulnerabilities is available in the following knowledge base articles:
CVE-2020-24512 (Observable Timing Discrepancy),
CVE-2020-24513 (Information Disclosure on Some Intel Atom Processors):
https://access.redhat.com/articles/6101171
* CVE-2021-0127 (Intel Processor Breakpoint Control Flow),
CVE-2021-0145 (Fast store forward predictor - Cross Domain Training),
CVE-2021-0146 (VT-d-related Privilege Escalation),
CVE-2021-33120 (Out of bounds read for some Intel Atom processors):
https://access.redhat.com/articles/6716541

View File

@ -271,6 +271,7 @@ Mobile;;Ice Lake;D1;80;706e5;ICL;U,Y;Core Gen10 Mobile;
Server;;Knights Mill;A0;08;80650;KNM;;Xeon Phi 72x5;Xeon Phi 7235, 7285, 7295
SOC;;Snow Ridge;B0;01;80664;SNR;;Atom P59xxB;
SOC;;Snow Ridge;B1;01;80665;SNR;;Atom P59xxB;
SOC;;Snow Ridge;C0;01;80667;SNR;;Atom P59xxB;
Mobile;;Tiger Lake;B1;80;806c1;TGL;UP3,UP4;Core Gen11 Mobile;
Mobile;;Tiger Lake Refresh;C0;80;806c2;TGL;R;Core Gen11 Mobile;
Mobile;;Tiger Lake;R0;c2;806d1;TGL;H;Core Gen11 Mobile;

View File

@ -1,4 +1,4 @@
%define intel_ucode_version 20210608
%define intel_ucode_version 20220207
%define caveat_dir %{_datarootdir}/microcode_ctl/ucode_with_caveats
%define microcode_ctl_libexec %{_libexecdir}/microcode_ctl
@ -12,7 +12,7 @@
Summary: CPU microcode updates for Intel x86 processors
Name: microcode_ctl
Version: %{intel_ucode_version}
Release: 2%{?dist}
Release: 1%{?dist}
Epoch: 4
License: CC0 and Redistributable, no modification permitted
URL: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
@ -545,6 +545,112 @@ rm -rf %{buildroot}
%changelog
* Thu Feb 10 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220207-1
- Update Intel CPU microcode to microcode-20220207 release, addresses
CVE-2021-0127, CVE-2021-0145, and CVE-2021-33120 (#2053253):
- Removal of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f;
- Removal of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04)
at revision 0xb00000f;
- Removal of 06-86-04/0x01 (SNR B0) microcode (in intel-ucode/06-86-05)
at revision 0xb00000f;
- Removal of 06-86-05/0x01 (SNR B1) microcode at revision 0xb00000f;
- Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in
intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xea up to 0xec;
- Update of 06-4f-01/0xef (BDX-E/EP/EX/ML B0/M0/R0) microcode (in
intel-06-4f-01/intel-ucode/06-4f-01) from revision 0xb00003e up
to 0xb000040;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006b06 up
to 0x2006c0a;
- Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in
intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xea up to 0xec;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0x88 up to 0x9a;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xea up
to 0xec;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xea up
to 0xec;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xea up
to 0xec;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xea up
to 0xec;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xea up to 0xec;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xea up
to 0xec;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xea up
to 0xec;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xea up
to 0xec;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xea up
to 0xec;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xea up
to 0xec;
- Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode
from revision 0x46 up to 0x49;
- Update of 06-3f-04/0x80 (HSX-EX E0) microcode from revision 0x19 up
to 0x1a;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x100015b
up to 0x100015c;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003102
up to 0x400320a;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003102 up to 0x500320a;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002302
up to 0x7002402;
- Update of 06-56-03/0x10 (BDX-DE V2/V3) microcode from revision
0x700001b up to 0x700001c;
- Update of 06-56-04/0x10 (BDX-DE Y0) microcode from revision 0xf000019
up to 0xf00001a;
- Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision
0xe000012 up to 0xe000014;
- Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x44 up
to 0x46;
- Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x20 up
to 0x24;
- Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x34 up
to 0x36;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0002a0
up to 0xd000331;
- Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x36 up
to 0x38;
- Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x1a up
to 0x1c;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa6
up to 0xa8;
- Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x2a up
to 0x2d;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x16 up
to 0x22;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x2c up
to 0x3c;
- Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x11 up
to 0x15;
- Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x1d up
to 0x2400001f;
- Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xea up
to 0xec;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xea
up to 0xec;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xec
up to 0xee;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xe8
up to 0xea;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xea up to 0xec;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x40 up
to 0x50.
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 4:20210608-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688