A new microcode security update for Intel CPU microarchitectures has been released by the Debian project to fix problems with Xeon processors and add mitigation for Lake Coffe CPUs.
Debian releases updated Intel microcode for Lake Coffe CPUs
Last month, on November 13, Debian released an updated CPU microcode for various types of Intel CPUs to mitigate the TAA (TSX Asynchronous Abort) vulnerability (CVE-2019-11135). But not all Intel CPU models were covered by the update, so they released a new microcode security update that also fixes this bug for Coffe Lake processors.
“This update includes the updated CPU microcode for CFL-S (Coffe Lake Desktop) models that were not yet included in the Intel microcode update released as DSA 4565-1,” the security advisory says. “We recommend that you update your microcode packages.
In addition, the new Intel microcode security update fixes an issue in the HEDT and Xeon processors with signature 0x50654 that may have caused it to hang during hot restarts by pushing back the CPU microcode. Therefore, users who installed the previous update are strongly advised to update the intel-microcode package as soon as possible and also install the latest Linux kernel update.
In the distribution of Debian GNU/Linux 9, users should update the intel-microcode to version .3.20191115.2~deb9u1, and in the last stable series of “Buster” of Debian GNU/Linux 10, they should update the intel-microcode to version 3.20191115.2~deb10u1.
More information about the latest updates can be found at this link.