RHSA-2021:2302: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.The microcode_ctl packages provide microcode updates for Intel. Security Fix(es):

• hw: vt-d related privilege escalation (CVE-2020-24489)
• hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
• hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
• hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s):
• Update Intel CPU microcode to microcode-20210525 release Related CVEs:
• CVE-2020-24489: hw: vt-d related privilege escalation
• CVE-2020-24511: hw: improper isolation of shared resources in some Intel Processors
• CVE-2020-24512: hw: observable timing discrepancy in some Intel Processors
• CVE-2020-24513: hw: information disclosure on some Intel Atom processors