Re: [RFC][PATCH] x86/cpu/bugs: Consider having old Intel microcode to be a vulnerability

From: Andrew Cooper
Date: Wed Nov 13 2024 - 21:09:23 EST

Next message: Ian Rogers: "Re: [PATCH v1 3/4] tools/perf: Modify event parser to support alt-period term"
Previous message: kernel test robot: "[tip:locking/core] BUILD SUCCESS 3b49a347d751553b1d1be69c8619ae2e85fdc28d"
In reply to: Nikolay Borisov: "Re: [RFC][PATCH] x86/cpu/bugs: Consider having old Intel microcode to be a vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>> == Microcode Revision Discussion == The microcode versions in the
>> table were generated from the Intel microcode git repo: 29f82f7429c
>> ("microcode-20241029 Release")
> This upstream microcode release only contained an update for a
> functional issue[1] - not any fixes for security issues.

Now I can point at them, see the release notes for 8ac9378a8487
("microcode-20241112 Release").

Note how it's admitting to have fixed security issues silently in prior
drops. If I were you, I wouldn't make assumptions based on what's not
said in the release notes.

I can count on one hand the number of drops in that repo which I know
(or reasonably suspect) to be "functional issues only", but the one you
happened to reference is a fix for "this CPU overvolts itself to an
early grave". Many would consider this a denial of service, against
ones wallet if nothing else.

~Andrew

Next message: Ian Rogers: "Re: [PATCH v1 3/4] tools/perf: Modify event parser to support alt-period term"
Previous message: kernel test robot: "[tip:locking/core] BUILD SUCCESS 3b49a347d751553b1d1be69c8619ae2e85fdc28d"
In reply to: Nikolay Borisov: "Re: [RFC][PATCH] x86/cpu/bugs: Consider having old Intel microcode to be a vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]