Intel Microcode Vulnerabilities Addressed in Ubuntu Systems
Intel Microcode, the firmware responsible for controlling the behavior of Intel CPUs, has recently been found to have several vulnerabilities. These issues could potentially allow attackers to gain unauthorized access to your system, steal sensitive information, or even crash your computer.
Recent Intel Microcode Vulnerabilities
Let’s break down some vulnerabilities that were patched in the recent Ubuntu security updates.
Researchers found that certain 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to some hardware features when using Intel® Software Guard Extensions (SGX) or Intel® Trust Domain Extensions (TDX). This could allow a privileged local user to escalate their privileges on the system. The affected versions include Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04, and Ubuntu 16.04.
A flaw in some Intel® Atom® Processors was found where register states were not properly cleared during certain operations. This Intel Microcode vulnerability could enable a local attacker to gain sensitive information via transient execution attacks. Affected versions include Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.
Certain Intel® Processors were found to improperly handle the state of various hardware structures during execution context switches. This issue could allow a local attacker to access privileged information. This issue affects Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.
Another Intel Microcode vulnerability was identified where Intel® Processors failed to enforce bus lock regulator protections properly. A remote attacker could exploit this flaw to cause a denial of service. The affected Ubuntu versions include Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.
Intel® Xeon® D Processors were found to incorrectly calculate the SGX base key when using Intel® SGX, potentially allowing a privileged local attacker to obtain sensitive information. This issue affects Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.
CVE-2023-45745 and CVE-2023-47855
Multiple vulnerabilities in the Intel® Processors TDX module software were identified due to improper input validation. This could allow a privileged local attacker to escalate their privileges on the system.
How to Secure Systems
The best way to protect your systems from these vulnerabilities is to ensure that the Intel Microcode package is updated to the latest version available. Canonical has released important updates to fix Intel Microcode vulnerabilities in different Ubuntu versions. However, Ubuntu 16.04 and Ubuntu 18.04 stopped receiving security updates after reaching end of life (EOL).
With TuxCare’s Extended Lifecycle Support (ELS), you can receive automated vulnerability patches for Ubuntu 16.04 and Ubuntu 18.04 for up to 5 additional years after the EOL date. This includes security patches for Intel Microcode, the Linux kernel, glibc, OpenSSL, Python, and several other packages.
Track the availability of patches for the above vulnerabilities using the TuxCare CVE tracker.
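Upgrading the package does not by itself change the microcode the CPUs are running; the new revision is normally loaded from the initramfs at the next boot. The following check is an added example, not code from the original article, Canonical or TuxCare: it classifies the revisions reported in /proc/cpuinfo against a minimum revision. The function names, the sample input and every revision value are constructed placeholders; take the real minimum for your CPU model from the vendor advisory.

```shell
#!/bin/sh
# Added example: confirm which microcode revision the CPUs actually run.
# All revision values used here are constructed placeholders.

# Print each distinct "microcode" revision found in cpuinfo-format text on stdin.
loaded_revisions() {
    awk -F': *' '/^microcode[ \t]*:/ { print $2 }' | sort -u
}

# Classify cpuinfo text on stdin against a minimum revision ($1, hex):
#   ok        every CPU reports a revision >= the minimum
#   outdated  at least one CPU is below the minimum (update not loaded)
#   mixed     all CPUs meet the minimum but report different revisions
#   unknown   no microcode field present (non-x86 host, restricted container)
microcode_status() {
    min=$1
    revs=$(loaded_revisions)
    [ -n "$revs" ] || { echo unknown; return 0; }
    set -- $revs                      # one positional parameter per distinct revision
    status=ok
    [ $# -eq 1 ] || status=mixed
    for r in "$@"; do
        [ $(($r)) -ge $(($min)) ] || status=outdated
    done
    echo "$status"
}

# Constructed two-CPU cpuinfo excerpt; $1 and $2 are the revisions of CPU 0 and CPU 1.
sample() {
    printf 'processor\t: 0\nmicrocode\t: %s\nprocessor\t: 1\nmicrocode\t: %s\n' "$1" "$2"
}

# Demonstration on constructed input, with 0x110 as the placeholder minimum.
sample 0x110 0x110 | microcode_status 0x110
sample 0x110 0x0f0 | microcode_status 0x110
sample 0x120 0x110 | microcode_status 0x110

# On a real Ubuntu host, after upgrading and rebooting:
#   dpkg-query -W -f='${Version}\n' intel-microcode    # installed package version
#   microcode_status 0x<minimum> < /proc/cpuinfo       # revision actually loaded
```

An "outdated" result after a successful package upgrade usually means the host has not been rebooted since the update was installed.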
Conclusion
By keeping your systems updated, you can mitigate the risks posed by these Intel Microcode vulnerabilities. Regularly applying updates and patches is crucial to maintaining system security and protecting sensitive information from potential attacks.
If you have any questions about Extended Lifecycle Support (ELS), ask us a question and one of our Linux security experts will get back to you.
Source: USN-6797-1