CentOS 6 ELS: microcode_ctl package with the fix for several CVEs gradual rollout completed - TuxCare

CentOS 6 ELS: microcode_ctl package with the fix for several CVEs gradual rollout completed

TuxCare Team

September 20, 2021

changelog

A new updated microcode_ctl package with the fix for several CVEs within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production repository.

CHANGELOG

SVEs list:

  • CVE-2021-24489
  • CVE-2020-24511
  • CVE-2020-24512
  • CVE-2020-24513

microcode_ctl-1.17-33.34.el6.cloudlinux.els

  • Fix incomplete cleanup in some Intel(R) VT-d products (CVE-2020-24489)
  • Fix improper isolation of shared resources in some Intel(R) Processors (CVE-2020-24511)
  • Fix observable timing discrepancy in some Intel(R) Processors (CVE-2020-24512)
  • Fix domain-bypass transient execution vulnerability in some Intel Atom(R) Processors (CVE-2020-24513)

UPDATE COMMAND

yum update microcode_ctl*

 

Stay in the Loop

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching