Bug#1078742: marked as done (intel-microcode: CVE-2024-25939 CVE-2024-24980 CVE-2024-24853 CVE-2023-49141 CVE-2023-42667)

Wed, 21 Aug 2024 13:36:32 -0700 

Your message dated Wed, 21 Aug 2024 20:33:20 +0000
with message-id <e1sgs1a-00du17...@fasolo.debian.org>
and subject line Bug#1078742: fixed in intel-microcode 3.20240813.1~deb11u1
has caused the Debian Bug report #1078742,
regarding intel-microcode: CVE-2024-25939 CVE-2024-24980 CVE-2024-24853 
CVE-2023-49141 CVE-2023-42667
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1078742: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: intel-microcode
Version: 3.20240531.1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Control: found -1 3.20240514.1~deb12u1
Control: found -1 3.20240514.1~deb11u1

Hi,

The following vulnerabilities were published for intel-microcode.

CVE-2024-25939[0]:
| Mirrored regions with different values in 3rd Generation Intel(R)
| Xeon(R) Scalable Processors may allow a privileged user to
| potentially enable denial of service via local access.


CVE-2024-24980[1]:
| Protection mechanism failure in some 3rd, 4th, and 5th Generation
| Intel(R) Xeon(R) Processors may allow a privileged user to
| potentially enable escalation of privilege via local access.


CVE-2024-24853[2]:
| Incorrect behavior order in transition between executive monitor and
| SMI transfer monitor (STM) in some Intel(R) Processor may allow a
| privileged user to potentially enable escalation of privilege via
| local access.


CVE-2023-49141[3]:
| Improper isolation in some Intel(R) Processors stream cache
| mechanism may allow an authenticated user to potentially enable
| escalation of privilege via local access.


CVE-2023-42667[4]:
| Improper isolation in the Intel(R) Core(TM) Ultra Processor stream
| cache mechanism may allow an authenticated user to potentially
| enable escalation of privilege via local access.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-25939
    https://www.cve.org/CVERecord?id=CVE-2024-25939
[1] https://security-tracker.debian.org/tracker/CVE-2024-24980
    https://www.cve.org/CVERecord?id=CVE-2024-24980
[2] https://security-tracker.debian.org/tracker/CVE-2024-24853
    https://www.cve.org/CVERecord?id=CVE-2024-24853
[3] https://security-tracker.debian.org/tracker/CVE-2023-49141
    https://www.cve.org/CVERecord?id=CVE-2023-49141
[4] https://security-tracker.debian.org/tracker/CVE-2023-42667
    https://www.cve.org/CVERecord?id=CVE-2023-42667
[5] 
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240813

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: intel-microcode
Source-Version: 3.20240813.1~deb11u1
Done: Henrique de Moraes Holschuh <h...@debian.org>

We believe that the bug you reported is fixed in the latest version of
intel-microcode, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1078...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Henrique de Moraes Holschuh <h...@debian.org> (supplier of updated 
intel-microcode package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 19 Aug 2024 22:26:47 -0300
Source: intel-microcode
Architecture: source
Version: 3.20240813.1~deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Henrique de Moraes Holschuh <h...@debian.org>
Changed-By: Henrique de Moraes Holschuh <h...@debian.org>
Closes: 1078742
Changes:
 intel-microcode (3.20240813.1~deb11u1) bullseye; urgency=medium
 .
   * Build for bullseye (no changes from 3.20240813.1)
 .
 intel-microcode (3.20240813.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240813 (closes: #1078742)
     - Mitigations for INTEL-SA-01083 (CVE-2024-24853)
       Incorrect behavior order in transition between executive monitor and SMI
       transfer monitor (STM) in some Intel Processors may allow a privileged
       user to potentially enable escalation of privilege via local access.
     - Mitigations for INTEL-SA-01118 (CVE-2024-25939)
       Mirrored regions with different values in 3rd Generation Intel Xeon
       Scalable Processors may allow a privileged user to potentially enable
       denial of service via local access.
     - Mitigations for INTEL-SA-01100 (CVE-2024-24980)
       Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel
       Xeon Processors may allow a privileged user to potentially enable
       escalation of privilege via local access.
     - Mitigations for INTEL-SA-01038 (CVE-2023-42667)
       Improper isolation in the Intel Core Ultra Processor stream cache
       mechanism may allow an authenticated user to potentially enable
       escalation of privilege via local access.
     - Mitigations for INTEL-SA-01046 (CVE-2023-49141)
       Improper isolation in some IntelĀ® Processors stream cache mechanism may
       allow an authenticated user to potentially enable escalation of
       privilege via local access.
     - Fix for unspecified functional issues on several processor models
   * Updated microcodes:
     sig 0x00050657, pf_mask 0xbf, 2024-03-01, rev 0x5003707, size 39936
     sig 0x0005065b, pf_mask 0xbf, 2024-04-01, rev 0x7002904, size 30720
     sig 0x000606a6, pf_mask 0x87, 2024-04-01, rev 0xd0003e7, size 308224
     sig 0x000606c1, pf_mask 0x10, 2024-04-03, rev 0x10002b0, size 300032
     sig 0x000706e5, pf_mask 0x80, 2024-02-15, rev 0x00c6, size 114688
     sig 0x000806c1, pf_mask 0x80, 2024-02-15, rev 0x00b8, size 112640
     sig 0x000806c2, pf_mask 0xc2, 2024-02-15, rev 0x0038, size 99328
     sig 0x000806d1, pf_mask 0xc2, 2024-02-15, rev 0x0052, size 104448
     sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472
     sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000806ec, pf_mask 0x94, 2024-02-05, rev 0x00fc, size 106496
     sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480
     sig 0x000906ea, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 105472
     sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496
     sig 0x000906ed, pf_mask 0x22, 2024-02-05, rev 0x0100, size 106496
     sig 0x000a0652, pf_mask 0x20, 2024-02-01, rev 0x00fc, size 97280
     sig 0x000a0653, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 98304
     sig 0x000a0655, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 97280
     sig 0x000a0660, pf_mask 0x80, 2024-02-01, rev 0x00fe, size 97280
     sig 0x000a0661, pf_mask 0x80, 2024-02-01, rev 0x00fc, size 97280
     sig 0x000a0671, pf_mask 0x02, 2024-03-07, rev 0x0062, size 108544
     sig 0x000a06a4, pf_mask 0xe6, 2024-04-15, rev 0x001e, size 137216
   * source: update symlinks to reflect id of the latest release, 20240813
   * postinst, postrm: switch to dpkg-trigger to run update-initramfs
 .
 intel-microcode (3.20240531.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240531
     * Fix unspecified functional issues on Pentium Silver N/J5xxx,
       Celeron N/J4xxx
     * Updated Microcodes:
       sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800
   * source: update symlinks to reflect id of the latest release, 20240531
Checksums-Sha1:
 56139632b0f3b392af17bb653093979259230317 1821 
intel-microcode_3.20240813.1~deb11u1.dsc
 eaa577a6f494a2f80c565edf94e2890154ed0e2b 7667060 
intel-microcode_3.20240813.1~deb11u1.tar.xz
 1f46fb2d1e0d4ce368e8a4efe40777ba350bbd07 6095 
intel-microcode_3.20240813.1~deb11u1_amd64.buildinfo
Checksums-Sha256:
 3c65add98207dfbd11f9b400523890db7c23296ebd9e3b75a3d37340c0de2f65 1821 
intel-microcode_3.20240813.1~deb11u1.dsc
 9d4bcd8a53ee7ba7d2e6698d860b98c57035a982344088b1ac4e53a2315381f0 7667060 
intel-microcode_3.20240813.1~deb11u1.tar.xz
 25b59922d3965f7ac371f103f52ca1baf4293aaaa5267a77f4b7c93127616c7b 6095 
intel-microcode_3.20240813.1~deb11u1_amd64.buildinfo
Files:
 e6d4f36712fad13b64583346d67855c1 1821 non-free/admin standard 
intel-microcode_3.20240813.1~deb11u1.dsc
 f322e26c304035567cd4f97b20be2503 7667060 non-free/admin standard 
intel-microcode_3.20240813.1~deb11u1.tar.xz
 f2924342811c42d8cd0f724ae5519cb4 6095 non-free/admin standard 
intel-microcode_3.20240813.1~deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEpvbMGUAhfu+gsYOwlOXoPKamj0cFAmbD8k0ACgkQlOXoPKam
j0eqCg//RTXLa1m/LrrKufSor/sT/ijd98DBa/X88+d8Kmm/avLVSQbbZDFmBNr3
z8BZIifTKRX3nvg6+YnZN9yqSwwfY2TtlAjSHXqV9pUsnAmCrO0zaDM7r22ygQ0J
PgDrkmOw0cLjthUzQAohxqACMPw3BRGMsrKIdjHDSiJbC7BHm4AfxQY4kbRTHdvk
ajmsdAD7JHNghh+V/NGQeZgnWXhrTUclqZt2xF0m7OUYv+epTjhYLtEzCuzSPxd1
btqWjEUEAlslpMuhyWQNn+ZX1GEuGAiJWud/BSxK/9HZFQjXu7CnkYyzmV4skZcB
F5QQOX7oOr3EicGxY5fAd+vP005kZjibpy+2C+Ay+9LP0VDQP+iCG5Cc4SiYg+AS
D/BNn9l8uLc5Ao1l6wTJSNh2s0+ARFTWcIxFCuqrK5t2kn1IYSFPvHKcQbIsZBXX
VRINltL8U2nZ48el9uxwsKrXACo6S596XgE2dbmMSVqiiA8A1s7NbqkwORb2wD/i
Q8NDigypwAQEKS4jb3E/yMve0w1PA/Hpd4Okdg7EvZPvFSep83J0Vfrg1cIKcynw
bgSHK26XEPuqetKHVjxeMRKGI5TH0s3pu9p0PcF6NN+ZXO5Rk3BTeeIv/ITtHHUv
SMIeydHuitsCULPQxopjxHickbupM/BYwuGh3zT6oH2+1KVIc6A=
=CFZi
-----END PGP SIGNATURE-----

Attachment: pgpYNas37qzYq.pgp
Description: PGP signature


--- End Message ---

Reply via email to