{"id":"MGASA-2022-0193","summary":"Updated microcode packages fix security vulnerabilities","details":"Updated microcodes for Intel processors, fixing various functional\nissues, and at least the following security issues:\n\nSensitive information accessible by physical probing of JTAG interface\nfor some Intel(R) Processors with SGX may allow an unprivileged user to\npotentially enable information disclosure via physical access\n(CVE-2022-0005).\n\nDescription: Improper access control for some Intel(R) Xeon(R) Processors\nmay allow an authenticated user to potentially enable information disclosure\nvia local access (CVE-2022-21131).\n\nImproper input validation for some Intel(R) Xeon(R) Processors may allow a\nprivileged user to potentially enable denial of service via local access\n(CVE-2022-21136).\n\nProcessor optimization removal or modification of security-critical code for\nsome Intel(R) Processors may allow an authenticated user to potentially enable\ninformation disclosure via local access (CVE-2022-21151).\n\nFor info about the other fixes in this update, see the github reference.\n","modified":"2026-01-30T10:00:09.958165Z","published":"2022-05-21T08:50:18Z","related":["CVE-2022-0005","CVE-2022-21131","CVE-2022-21136","CVE-2022-21151"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0193.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30425"},{"type":"REPORT","url":"https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220510"},{"type":"REPORT","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html"},{"type":"REPORT","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00616.html"},{"type":"REPORT","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617.html"}],"affected":[{"package":{"name":"microcode","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/microcode?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.20220510-1.mga8.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0193.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}