Rapid7 Vulnerability & Exploit Database

Oracle Linux: ELSA-2018-4019: microcode_ctl security update

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Oracle Linux: ELSA-2018-4019: microcode_ctl security update

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
01/21/2018
Created
03/05/2020
Added
03/02/2020
Modified
08/06/2024

Description

[1:1.17-25.4.0.2] - Revert: early microcode load to allow updating Broadwell model 79 - Revert: Make sure 'modprobe microcode' is not executed on Broadwell model 79 - Revert: Run dracut upon microcode update - Revert updated Intel 20180108 microcode for CPUIDs: {CVE-2017-5715} 306c3 (06-3c-03 rev 0x23, Haswell); 306d4 (06-3d-04 rev 0x28, Broadwell); 306f2 (06-3f-02 rev 0x3b, Haswell); 306f4 (06-3f-04 rev 0x10, Haswell); 306e4 (06-3e-04 rev 0x42a, Ivy Bridge); 40651 (06-45-01 rev 0x21, Haswell); 40661 (06-46-01 rev 0x18, Haswell); 40671 (06-47-01 rev 0x1b, Broadwell); 406e3 (06-4e-03 rev 0xc2, Skylake); 406f1 (06-4f-01 rev 0xb000025, Broadwell); 50654 (06-55-04 rev 0x200003c, Skylake); 50662 (06-56-02 rev 0x14, Broadwell); 50663 (06-56-03 rev 0x7000011, Broadwell); 506e3 (06-5e-03 rev 0xc2, Skylake); 706a1 (06-7a-01 rev 0x22); 806e9 (06-8e-09 rev 0x80, Kaby Lake); 806ea (06-8e-0a rev 0x80); 906e9 (06-9e-09 rev 0x80, Kaby Lake) 906ea (06-9e-0a rev 0x80); 906eb (06-9e-0b rev 0x80)

Solution(s)

  • oracle-linux-upgrade-microcode_ctl

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;