Ubuntu Security Notice USN-6797-1

==========================================================================Ubuntu Security Notice USN-6797-1May 29, 2024intel-microcode vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTS- Ubuntu 23.10- Ubuntu 22.04 LTS- Ubuntu 20.04 LTS- Ubuntu 18.04 LTS- Ubuntu 16.04 LTSSummary:Several security issues were fixed in Intel Microcode.Software Description:- intel-microcode: Processor microcode for Intel CPUsDetails:It was discovered that some 3rd and 4th Generation Intel® Xeon® Processorsdid not properly restrict access to certain hardware features when usingIntel® SGX or Intel® TDX. This may allow a privileged local user topotentially further escalate their privileges on the system. This issue onlyaffected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS andUbuntu 16.04 LTS. (CVE-2023-22655)It was discovered that some Intel® Atom® Processors did not properly clearregister state when performing various operations. A local attacker coulduse this to obtain sensitive information via a transient execution attack.This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS,Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-28746)It was discovered that some Intel® Processors did not properly clear thestate of various hardware structures when switching execution contexts. Alocal attacker could use this to access privileged information. This issue onlyaffected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS andUbuntu 16.04 LTS. (CVE-2023-38575)It was discovered that some Intel® Processors did not properly enforce buslock regulator protections. A remote attacker could use this to cause adenial of service. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS,Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-39368)It was discovered that some Intel® Xeon® D Processors did not properlycalculate the SGX base key when using Intel® SGX. A privileged localattacker could use this to obtain sensitive information. This issue onlyaffected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS andUbuntu 16.04 LTS. (CVE-2023-43490)It was discovered that some Intel® Processors did not properly protect againstconcurrent accesses. A local attacker could use this to obtain sensitiveinformation. (CVE-2023-45733)It was discovered that some Intel® Processors TDX module software did notproperly validate input. A privileged local attacker could use this informationto potentially further escalate their privileges on the system.(CVE-2023-45745, CVE-2023-47855)It was discovered that some Intel® Core™ Ultra processors did not properlyhandle particular instruction sequences. A local attacker could use thisissue to cause a denial of service. (CVE-2023-46103)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS  intel-microcode                 3.20240514.0ubuntu0.24.04.1Ubuntu 23.10  intel-microcode                 3.20240514.0ubuntu0.23.10.1Ubuntu 22.04 LTS  intel-microcode                 3.20240514.0ubuntu0.22.04.1Ubuntu 20.04 LTS  intel-microcode                 3.20240514.0ubuntu0.20.04.1Ubuntu 18.04 LTS  intel-microcode                 3.20240514.0ubuntu0.18.04.1+esm1                                  Available with Ubuntu ProUbuntu 16.04 LTS  intel-microcode                 3.20240514.0ubuntu0.16.04.1+esm1                                  Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.References:  https://ubuntu.com/security/notices/USN-6797-1  CVE-2023-22655, CVE-2023-28746, CVE-2023-38575, CVE-2023-39368,  CVE-2023-43490, CVE-2023-45733, CVE-2023-45745, CVE-2023-46103,  CVE-2023-47855Package Information:  https://launchpad.net/ubuntu/+source/intel-microcode/3.20240514.0ubuntu0.24.04.1  https://launchpad.net/ubuntu/+source/intel-microcode/3.20240514.0ubuntu0.23.10.1  https://launchpad.net/ubuntu/+source/intel-microcode/3.20240514.0ubuntu0.22.04.1  https://launchpad.net/ubuntu/+source/intel-microcode/3.20240514.0ubuntu0.20.04.1-- Alex MurrayStaff Engineer | Security EngineeringAdelaide, Australia (GMT+0930)