ClickCease CentOS 6 ELS: microcode_ctl package with the fix for several CVEs gradual rollout - TuxCare

Check the status of CVEs. Learn More.

Table of Contents

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Follow Us On Social

TuxCare Blog

CentOS 6 ELS: microcode_ctl package with the fix for several CVEs gradual rollout

by

September 7, 2021 - TuxCare PR Team

A new updated microcode_ctl package with the fix for several CVEs within CentOS 6 ELS has been scheduled for gradual rollout from our production repository.

 

Rollout slot: 2
Rolled out to: 0.1%
ETA for 100% rollout: September 21

CHANGELOG

SVEs list:

  • CVE-2021-24489
  • CVE-2020-24511
  • CVE-2020-24512
  • CVE-2020-24513

microcode_ctl-1.17-33.34.el6.cloudlinux.els

  • Fix incomplete cleanup in some Intel(R) VT-d products (CVE-2020-24489)
  • Fix improper isolation of shared resources in some Intel(R) Processors (CVE-2020-24511)
  • Fix observable timing discrepancy in some Intel(R) Processors (CVE-2020-24512)
  • Fix domain-bypass transient execution vulnerability in some Intel Atom(R) Processors (CVE-2020-24513)

UPDATE COMMAND

yum update microcode_ctl*

IMMEDIATE UPDATE (VIA BYPASS)

yum update microcode_ctl* --enablerepo=ELS6-rollout-2-bypass

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare