Bug#1078742: marked as done (intel-microcode: CVE-2024-25939 CVE-2024-24980 CVE-2024-24853 CVE-2023-49141 CVE-2023-42667)

Thu, 22 Aug 2024 08:51:27 -0700 

Your message dated Thu, 22 Aug 2024 15:47:09 +0000
with message-id <e1sha1l-0014ql...@fasolo.debian.org>
and subject line Bug#1078742: fixed in intel-microcode 3.20240813.1~deb12u1
has caused the Debian Bug report #1078742,
regarding intel-microcode: CVE-2024-25939 CVE-2024-24980 CVE-2024-24853 
CVE-2023-49141 CVE-2023-42667
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1078742: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078742
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: intel-microcode
Version: 3.20240531.1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Control: found -1 3.20240514.1~deb12u1
Control: found -1 3.20240514.1~deb11u1

Hi,

The following vulnerabilities were published for intel-microcode.

CVE-2024-25939[0]:
| Mirrored regions with different values in 3rd Generation Intel(R)
| Xeon(R) Scalable Processors may allow a privileged user to
| potentially enable denial of service via local access.


CVE-2024-24980[1]:
| Protection mechanism failure in some 3rd, 4th, and 5th Generation
| Intel(R) Xeon(R) Processors may allow a privileged user to
| potentially enable escalation of privilege via local access.


CVE-2024-24853[2]:
| Incorrect behavior order in transition between executive monitor and
| SMI transfer monitor (STM) in some Intel(R) Processor may allow a
| privileged user to potentially enable escalation of privilege via
| local access.


CVE-2023-49141[3]:
| Improper isolation in some Intel(R) Processors stream cache
| mechanism may allow an authenticated user to potentially enable
| escalation of privilege via local access.


CVE-2023-42667[4]:
| Improper isolation in the Intel(R) Core(TM) Ultra Processor stream
| cache mechanism may allow an authenticated user to potentially
| enable escalation of privilege via local access.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-25939
    https://www.cve.org/CVERecord?id=CVE-2024-25939
[1] https://security-tracker.debian.org/tracker/CVE-2024-24980
    https://www.cve.org/CVERecord?id=CVE-2024-24980
[2] https://security-tracker.debian.org/tracker/CVE-2024-24853
    https://www.cve.org/CVERecord?id=CVE-2024-24853
[3] https://security-tracker.debian.org/tracker/CVE-2023-49141
    https://www.cve.org/CVERecord?id=CVE-2023-49141
[4] https://security-tracker.debian.org/tracker/CVE-2023-42667
    https://www.cve.org/CVERecord?id=CVE-2023-42667
[5] 
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240813

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: intel-microcode
Source-Version: 3.20240813.1~deb12u1
Done: Henrique de Moraes Holschuh <h...@debian.org>

We believe that the bug you reported is fixed in the latest version of
intel-microcode, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1078...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Henrique de Moraes Holschuh <h...@debian.org> (supplier of updated 
intel-microcode package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 19 Aug 2024 21:59:40 -0300
Source: intel-microcode
Architecture: source
Version: 3.20240813.1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Henrique de Moraes Holschuh <h...@debian.org>
Changed-By: Henrique de Moraes Holschuh <h...@debian.org>
Closes: 1078742
Changes:
 intel-microcode (3.20240813.1~deb12u1) bookworm; urgency=medium
 .
   * Build for bookworm (no changes from 3.20240813.1)
 .
 intel-microcode (3.20240813.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240813 (closes: #1078742)
     - Mitigations for INTEL-SA-01083 (CVE-2024-24853)
       Incorrect behavior order in transition between executive monitor and SMI
       transfer monitor (STM) in some Intel Processors may allow a privileged
       user to potentially enable escalation of privilege via local access.
     - Mitigations for INTEL-SA-01118 (CVE-2024-25939)
       Mirrored regions with different values in 3rd Generation Intel Xeon
       Scalable Processors may allow a privileged user to potentially enable
       denial of service via local access.
     - Mitigations for INTEL-SA-01100 (CVE-2024-24980)
       Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel
       Xeon Processors may allow a privileged user to potentially enable
       escalation of privilege via local access.
     - Mitigations for INTEL-SA-01038 (CVE-2023-42667)
       Improper isolation in the Intel Core Ultra Processor stream cache
       mechanism may allow an authenticated user to potentially enable
       escalation of privilege via local access.
     - Mitigations for INTEL-SA-01046 (CVE-2023-49141)
       Improper isolation in some IntelĀ® Processors stream cache mechanism may
       allow an authenticated user to potentially enable escalation of
       privilege via local access.
     - Fix for unspecified functional issues on several processor models
   * Updated microcodes:
     sig 0x00050657, pf_mask 0xbf, 2024-03-01, rev 0x5003707, size 39936
     sig 0x0005065b, pf_mask 0xbf, 2024-04-01, rev 0x7002904, size 30720
     sig 0x000606a6, pf_mask 0x87, 2024-04-01, rev 0xd0003e7, size 308224
     sig 0x000606c1, pf_mask 0x10, 2024-04-03, rev 0x10002b0, size 300032
     sig 0x000706e5, pf_mask 0x80, 2024-02-15, rev 0x00c6, size 114688
     sig 0x000806c1, pf_mask 0x80, 2024-02-15, rev 0x00b8, size 112640
     sig 0x000806c2, pf_mask 0xc2, 2024-02-15, rev 0x0038, size 99328
     sig 0x000806d1, pf_mask 0xc2, 2024-02-15, rev 0x0052, size 104448
     sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472
     sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000806ec, pf_mask 0x94, 2024-02-05, rev 0x00fc, size 106496
     sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480
     sig 0x000906ea, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 105472
     sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496
     sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496
     sig 0x000906ed, pf_mask 0x22, 2024-02-05, rev 0x0100, size 106496
     sig 0x000a0652, pf_mask 0x20, 2024-02-01, rev 0x00fc, size 97280
     sig 0x000a0653, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 98304
     sig 0x000a0655, pf_mask 0x22, 2024-02-01, rev 0x00fc, size 97280
     sig 0x000a0660, pf_mask 0x80, 2024-02-01, rev 0x00fe, size 97280
     sig 0x000a0661, pf_mask 0x80, 2024-02-01, rev 0x00fc, size 97280
     sig 0x000a0671, pf_mask 0x02, 2024-03-07, rev 0x0062, size 108544
     sig 0x000a06a4, pf_mask 0xe6, 2024-04-15, rev 0x001e, size 137216
   * source: update symlinks to reflect id of the latest release, 20240813
   * postinst, postrm: switch to dpkg-trigger to run update-initramfs
 .
 intel-microcode (3.20240531.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20240531
     * Fix unspecified functional issues on Pentium Silver N/J5xxx,
       Celeron N/J4xxx
     * Updated Microcodes:
       sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800
   * source: update symlinks to reflect id of the latest release, 20240531
Checksums-Sha1:
 d7732c897c6b3484b94ae4ec9dd96b0936d883fa 1830 
intel-microcode_3.20240813.1~deb12u1.dsc
 2f9a2a033da1895993cdcbc6bacf478692de599f 7670492 
intel-microcode_3.20240813.1~deb12u1.tar.xz
 bb26fadb37ef14a7473ff0687730637acf2af23a 6233 
intel-microcode_3.20240813.1~deb12u1_amd64.buildinfo
Checksums-Sha256:
 365e0fa4fe49ee181857bf26373134767aacfabe340acb916e9b1116be95e772 1830 
intel-microcode_3.20240813.1~deb12u1.dsc
 4be1b9cac1fe4bc994b787670bd04305502527366f124c105e95295a5d9d2116 7670492 
intel-microcode_3.20240813.1~deb12u1.tar.xz
 4919c9644e77fc2ff061ce2f428a12cd33ae08222ee7cccb787d69c104605aff 6233 
intel-microcode_3.20240813.1~deb12u1_amd64.buildinfo
Files:
 84966c27e0089afbe92afe2257463bef 1830 non-free-firmware/admin standard 
intel-microcode_3.20240813.1~deb12u1.dsc
 e590a2f0635b8b8136d469f818352152 7670492 non-free-firmware/admin standard 
intel-microcode_3.20240813.1~deb12u1.tar.xz
 233908e29b0b7f3045f1013aea5d6010 6233 non-free-firmware/admin standard 
intel-microcode_3.20240813.1~deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEpvbMGUAhfu+gsYOwlOXoPKamj0cFAmbD8lUACgkQlOXoPKam
j0etyA/+MhtwIaNFwN0f9JFMkax+1CpugJebAXSO1H5cTx527TmUMe77Fiv+tN5Z
gYEflYrwtu0zcuvNGHfVnsoSOwnmqC34+WSqJa6MqndAxU0w4+ybds3aFo2usi/z
eTyHBt9U7KkIzPg5FiFASECHOBFnT4TCZhEkrUkKIm2RZEKa4Pwkt30L8zamyGNA
M41CBOULYIMWU2g6ePgv8pfLbZH8nuNQYIAtXru9qJbjkkRdUjLnHfDrO5NsEyH4
PtTV6zQnNW6GAnVTspNG6lJa3KCWyRcYiDm4CRYdEvW5lyWV6jRfgV54WEd6dZoF
AFUkEvPOTjpTpG/I0vlh+n589pCfIN1QrLsCjNq0gRlETEQliXAb91ls6KNYVQMt
JuSJ4XbaE84AtMGlIpkWW2tRssu1jKgyIxPnbg5FewIldOQZ3Oh6UHLRPGDTK3bG
TMg9vRjrTzHccEQM/ALRqWx7K4M2xiKHgF/StnJkGzQ/mdjXgx0qONGHXuuZ/85Q
9DAzhFYKbdDvZl+JsqyF17yXpKEVZ7+pJJOLrzsbTFn0Sg3SXToVMWZgDeC4f+3l
Np1Ba3uthn2C33HFeiKOeuMLRbtM8ZyOLKG92dO8T458E2gzJrfMonalt7Dm8/Sy
u1K4mZhFOeDxM7V9bHeGWWEILjpAl++44jtG2LA3sf8UaMBfYXo=
=Tc1L
-----END PGP SIGNATURE-----

Attachment: pgpmniG9c9slg.pgp
Description: PGP signature


--- End Message ---

Reply via email to