This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the Indirect Target Selection (ITS) vulnerability (CVE-2024-28956) and the Branch Privilege Injection vulnerability (CVE-2024-45332).
For CPUs affected to ITS (Indirect Target Selection), to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages released in a separate, forthcoming DSA.
For details on the Indirect Target Selection (ITS) vulnerability please refer to https://www.vusec.net/projects/training-solo/ and https://www.intel.com/content/www/u...isory-guidance/indirect-target-selection.html .
For details on the Branch Privilege Injection vulnerability please refer to https://comsec.ethz.ch/research/microarch/branch-privilege-injection/
https://security-tracker.debian.org/tracker/DSA-5924-1
Continue reading...
For CPUs affected to ITS (Indirect Target Selection), to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages released in a separate, forthcoming DSA.
For details on the Indirect Target Selection (ITS) vulnerability please refer to https://www.vusec.net/projects/training-solo/ and https://www.intel.com/content/www/u...isory-guidance/indirect-target-selection.html .
For details on the Branch Privilege Injection vulnerability please refer to https://comsec.ethz.ch/research/microarch/branch-privilege-injection/
https://security-tracker.debian.org/tracker/DSA-5924-1
Continue reading...
