From e0bae5e5fe43e78bb925026c8f0f922bea851062 Mon Sep 17 00:00:00 2001 From: Christian Lamparter Date: Fri, 8 Mar 2024 21:16:44 +0100 Subject: [PATCH] firmware: intel-microcode: update to 20231114 Debian changelog: intel-microcode (3.20231114.1) unstable; urgency=medium * New upstream microcode datafile 20231114 (closes: #1055962) Mitigations for "reptar", INTEL-SA-00950 (CVE-2023-23583) Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors, may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. Note: "retvar" on 4th gen Xeon Scalable (sig 0x806f8 pfm 0x87), 12th gen Core mobile (sig 0x906a4 pfm 0x80), 13th gen Core desktop (sig 0xb0671 pfm 0x01) were already mitigated by a previous microcode update. * Fixes for unspecified functional issues * Updated microcodes: sig 0x000606a6, pf_mask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 sig 0x000606c1, pf_mask 0x10, 2023-09-08, rev 0x1000268, size 290816 sig 0x000706e5, pf_mask 0x80, 2023-09-03, rev 0x00c2, size 113664 sig 0x000806c1, pf_mask 0x80, 2023-09-07, rev 0x00b4, size 111616 sig 0x000806c2, pf_mask 0xc2, 2023-09-07, rev 0x0034, size 98304 sig 0x000806d1, pf_mask 0xc2, 2023-09-07, rev 0x004e, size 104448 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0, size 572416 sig 0x000806f8, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f7, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f6, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f5, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f4, pf_mask 0x87, 2023-06-16, rev 0x2b0004d0 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290, size 605184 sig 0x000806f8, pf_mask 0x10, 2023-06-26, rev 0x2c000290 sig 0x000806f6, pf_mask 0x10, 2023-06-26, rev 0x2c000290 sig 0x000806f5, pf_mask 0x10, 2023-06-26, rev 0x2c000290 sig 0x000806f4, pf_mask 0x10, 2023-06-26, rev 0x2c000290 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032, size 222208 sig 0x00090672, pf_mask 0x07, 2023-06-07, rev 0x0032 sig 0x00090675, pf_mask 0x07, 2023-06-07, rev 0x0032 sig 0x000b06f2, pf_mask 0x07, 2023-06-07, rev 0x0032 sig 0x000b06f5, pf_mask 0x07, 2023-06-07, rev 0x0032 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430, size 220160 sig 0x000906a3, pf_mask 0x80, 2023-06-07, rev 0x0430 sig 0x000906a4, pf_mask 0x80, 2023-06-07, rev 0x0430 sig 0x000906a4, pf_mask 0x40, 2023-05-05, rev 0x0005, size 117760 sig 0x000a0671, pf_mask 0x02, 2023-09-03, rev 0x005d, size 104448 sig 0x000b0671, pf_mask 0x32, 2023-08-29, rev 0x011d, size 210944 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c, size 216064 sig 0x000b06a2, pf_mask 0xe0, 2023-08-30, rev 0x411c sig 0x000b06a3, pf_mask 0xe0, 2023-08-30, rev 0x411c sig 0x000b06e0, pf_mask 0x11, 2023-06-26, rev 0x0012, size 136192 * Updated 2023-08-08 changelog entry: Mitigations for "retvar" on a few processors, refer to the 2023-11-14 entry for details. This information was disclosed in 2023-11-14. * source: update symlinks to reflect id of the latest release, 20231114 -- Henrique de Moraes Holschuh Thu, 16 Nov 2023 08:09:43 -0300 Signed-off-by: Christian Lamparter (cherry picked from commit 7241a91c948066e9062729a043944fd313826753) --- package/firmware/intel-microcode/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/firmware/intel-microcode/Makefile b/package/firmware/intel-microcode/Makefile index 9e87dccc12..d9b527a61f 100644 --- a/package/firmware/intel-microcode/Makefile +++ b/package/firmware/intel-microcode/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=intel-microcode -PKG_VERSION:=20230808 +PKG_VERSION:=20231114 PKG_RELEASE:=1 PKG_SOURCE:=intel-microcode_3.$(PKG_VERSION).1.tar.xz PKG_SOURCE_URL:=@DEBIAN/pool/non-free-firmware/i/intel-microcode/ -PKG_HASH:=29e77c275b3f60a691832c0844f70effbd94a4594d04af21e0c2e6e0c1ac1894 +PKG_HASH:=637ac30d3fc36eb51d3ed71909f09f7408797f4527c20e58d3b0ad4eafc20869 PKG_BUILD_DIR:=$(BUILD_DIR)/intel-microcode-3.$(PKG_VERSION).1 PKG_CPE_ID:=cpe:/a:intel:microcode -- 2.30.2