Headline
Ubuntu Security Notice USN-7077-1
Ubuntu Security Notice 7077-1 - Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access to the System Management Mode configuration when the SMM Lock was enabled. A privileged local attacker could possibly use this issue to further escalate their privileges and execute arbitrary code within the processor’s firmware layer.
==========================================================================
Ubuntu Security Notice USN-7077-1
October 21, 2024
amd64-microcode vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
AMD processors may allow a privileged local attacker to further escalate their
privileged and execute arbitrary code within the processor’s firmware layer.
Software Description:
- amd64-microcode: Platform firmware and microcode for AMD CPUs and SoCs
Details:
Enrique Nissim and Krzysztof Okupski discovered that some AMD processors
did not properly restrict access to the System Management Mode (SMM)
configuration when the SMM Lock was enabled. A privileged local attacker
could possibly use this issue to further escalate their privileges and
execute arbitrary code within the processor’s firmware layer.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
amd64-microcode 3.20240116.2+nmu1ubuntu1.1
Ubuntu 24.04 LTS
amd64-microcode 3.20231019.1ubuntu2.1
Ubuntu 22.04 LTS
amd64-microcode 3.20191218.1ubuntu2.3
Ubuntu 20.04 LTS
amd64-microcode 3.20191218.1ubuntu1.3
Ubuntu 18.04 LTS
amd64-microcode 3.20191021.1+really3.20181128.1~ubuntu0.18.04.1+esm3
Available with Ubuntu Pro
Ubuntu 16.04 LTS
amd64-microcode 3.20191021.1+really3.20180524.1~ubuntu0.16.04.2+esm3
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7077-1
CVE-2023-31315
Package Information:
https://launchpad.net/ubuntu/+source/amd64-microcode/3.20240116.2+nmu1ubuntu1.1
https://launchpad.net/ubuntu/+source/amd64-microcode/3.20231019.1ubuntu2.1
https://launchpad.net/ubuntu/+source/amd64-microcode/3.20191218.1ubuntu2.3
https://launchpad.net/ubuntu/+source/amd64-microcode/3.20191218.1ubuntu1.3
Related news
Red Hat Security Advisory 2024-5982-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a bypass vulnerability.
A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as