{"id":"MGASA-2021-0140","summary":"Updated microcode package fixes security vulnerabilities","details":"This update adds new microcode updates to mitigate CVE-2020-8696 for Intel\nSkylake server (50654) and Cascade Lake Server (50656 & 50657) processors.\nThe new microcode update mitigates an issue when using an active JTAG agent\nlike In Target Probe (ITP), Direct Connect Interface (DCI) or a Baseboard\nManagement Controller (BMC) to take the CPU JTAG/TAP out of reset and then\nreturning it to reset.\n\nImproper isolation of shared resources in some Intel(R) Processors may\nallow an authenticated user to potentially enable information disclosure\nvia local access (CVE-2020-8698).\n\nImproper removal of sensitive information before storage or transfer in\nsome Intel(R) Processors may allow an authenticated user to potentially\nenable information disclosure via local access (CVE-2020-8696).\n","modified":"2026-01-31T22:03:14.246642Z","published":"2021-03-17T06:16:07Z","related":["CVE-2020-8696","CVE-2020-8698"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0140.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28579"},{"type":"REPORT","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"}],"affected":[{"package":{"name":"microcode","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/microcode?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.20210216-1.mga7.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0140.json"}},{"package":{"name":"microcode","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/microcode?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.20210216-1.mga8.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0140.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}