USN-5612-1

Source
https://ubuntu.com/security/notices/USN-5612-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5612-1.json
Related
Published
2022-09-15T02:52:45.399091Z
Modified
2022-09-15T02:52:45.399091Z
Details

Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO reads. This could allow a local attacker to compromise SGX enclaves.

References

Affected packages

Ubuntu:22.04:LTS / intel-microcode

Package

Name
intel-microcode

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
3.20220809.0ubuntu0.22.04.1

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "intel-microcode": "3.20220809.0ubuntu0.22.04.1"
        }
    ]
}

Ubuntu:18.04:LTS / intel-microcode

Package

Name
intel-microcode

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
3.20220809.0ubuntu0.18.04.1

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "intel-microcode": "3.20220809.0ubuntu0.18.04.1"
        }
    ]
}

Ubuntu:20.04:LTS / intel-microcode

Package

Name
intel-microcode

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
3.20220809.0ubuntu0.20.04.1

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "intel-microcode": "3.20220809.0ubuntu0.20.04.1"
        }
    ]
}