Hi, On Wed, Nov 11, 2020 at 07:52:55AM +0000, Mittal, Anuj wrote: > On Wed, 2020-11-11 at 07:48 +0000, [email protected] wrote: > > Hi, > > > > On Wed, Nov 11, 2020 at 10:49:00AM +0800, Anuj Mittal wrote: > > > Release notes: > > > https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20201110 > > > > Would be nice to document the fixed CVEs also in commit message: > > > > CVE-2020-8694 > > CVE-2020-8695 > > CVE-2020-8696 > > CVE-2020-8698 > > Thanks, I will include these in the commit message.
Actually CVE-2020-8694 seems to be about kernel side changes only so I don't know why that is listed in the changelog for microcode. As reference Ubuntu security details for CVE-2020-8694: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-8694.html "Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. ... Mitigation Restrict permissions on the affected sysfs entries: $ sudo find /sys/devices/virtual/powercap/ -name energy_uj -exec chmod 400 {} \;" and fixed by kernel updates: https://ubuntu.com/security/notices/USN-4626-1 https://ubuntu.com/security/notices/USN-4627-1 Cheers, -Mikko
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#6805): https://lists.yoctoproject.org/g/meta-intel/message/6805 Mute This Topic: https://lists.yoctoproject.org/mt/78175306/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-intel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
