{"id":"MGASA-2022-0064","summary":"Updated microcode packages fix security vulnerabilities","details":"Updated microcodes for Intel processors, fixing various functional\nissues, and at least the following security issues:\n\nInsufficient control flow management in some Intel(R) Processors may allow\nan authenticated user to potentially enable a denial of service via local\naccess (CVE-2021-0127 / SA-00532).\n\nImproper initialization of shared resources in some Intel(R) Processors may\nallow an authenticated user to potentially enable information disclosure\nvia local access (CVE-2021-0145 / SA-00561).\n\nHardware allows activation of test or debug logic at runtime for some\nIntel(R) processors which may allow an unauthenticated user to potentially\nenable escalation of privilege via physical access\n(CVE-2021-0146 / SA-00528).\n\nOut of bounds read under complex microarchitectural condition in memory\nsubsystem for some Intel Atom(R) Processors may allow authenticated user\nto potentially enable information disclosure or cause denial of service\nvia network access (CVE-2021-33120 / SA-00589)\n\nFor info about the other fixes in this update, see the github reference.\n","modified":"2026-04-16T00:10:16.125100587Z","published":"2022-02-15T20:50:31Z","upstream":["CVE-2021-0127","CVE-2021-0145","CVE-2021-0146","CVE-2021-33120"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0064.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30037"},{"type":"WEB","url":"https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220207"},{"type":"ADVISORY","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html"},{"type":"ADVISORY","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html"},{"type":"ADVISORY","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00561.html"},{"type":"ADVISORY","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00589.html"}],"affected":[{"package":{"name":"microcode","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/microcode?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.20220207-1.mga8.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0064.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}