Mageia alert MGASA-2018-0176 (microcode)

From:
    	     
 
Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	     
 
updates-announce@ml.mageia.org 
Subject:
    	     
 
[updates-announce] MGASA-2018-0176: Updated microcode packages fix security vulnerabilities 
Date:
    	     
 
Mon, 19 Mar 2018 13:14:00 +0100
Message-ID:
    	     
 
<20180319121400.C85379FB11@duvel.mageia.org>
MGASA-2018-0176 - Updated microcode packages fix security vulnerabilities

Publication date: 19 Mar 2018
URL: https://advisories.mageia.org/MGASA-2018-0176.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2017-5715

Description:
This update provides new microcode fixes and mitigations for Spectre
(CVE-2017-5715) for many Intel CPUs produced in the last 5 years.

So far the Intel microcode updates are for several processors from many
of Intel Haswell, Broadwell, Skylake, Kaby Lake, Coffee Lake, Gemini Lake,
Apollo Lake, Crystal Well and IVT platforms.

Theese updated microcodes should also fix the instabilities that some
users experienced with the earlier microcode updates released in
MGASA-2018-0079.

We will provide more microcode updates later on when they are made
available by Intel and Amd.

if you want to use this microcode on your current running kernel,
you need to re-create the initrd (initial ramdisk used at boot time),
you can do so by issuing the command 'dracut -f' as root, and reboot
your system

We also suggest that you check if there is updated  BIOS and EFI
firmwares from your hardware vendor.

For a list of updated microcode revisions, read the referened Intel list page.

References:
- https://bugs.mageia.org/show_bug.cgi?id=22762
- https://downloadcenter.intel.com/download/27591/Linux-Pro...
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715

SRPMS:
- 6/nonfree/microcode-0.20180312-1.mga6.nonfree