Accepted amd64-microcode 2.20160316.1 (amd64 i386 source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 19 Mar 2016 14:02:44 -0300
Source: amd64-microcode
Binary: amd64-microcode
Architecture: amd64 i386 source
Version: 2.20160316.1
Distribution: unstable
Urgency: critical
Maintainer: Henrique de Moraes Holschuh <hmh@debian.org>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Description:
amd64-microcode - Processor microcode firmware for AMD CPUs
Changes:
amd64-microcode (2.20160316.1) unstable; urgency=critical
.
* Upstream release 20160316 built from linux-firmware:
+ Updated Microcodes:
sig 0x00600f20, patch id 0x0600084f, 2016-01-25
+ This microcode updates fixes a critical erratum on NMI handling
introduced by microcode patch id 0x6000832 from the 20141028 update.
The erratum is also present on microcode patch id 0x6000836.
+ THIS IS A CRITICAL STABILITY AND SECURITY UPDATE FOR THE EARLIER
AMD PILEDRIVER PROCESSORS, including:
+ AMD Opteron 3300, 4300, 6300
+ AMD FX "Vishera" (43xx, 63xx, 83xx, 93xx, 95xx)
+ AMD processors with family 21, model 2, stepping 0
* Robert Święcki, while fuzzing the kernel using the syzkaller tool,
uncovered very strange behavior on an AMD FX-8320, later reproduced on
other AMD Piledriver model 2, stepping 0 processors including the Opteron
6300. Robert discovered, using his proof-of-concept exploit code, that
the incorrect behavior allows an unpriviledged attacker on an unpriviledged
VM to corrupt the return stack of the host kernel's NMI handler. At best,
this results in unpredictable host behavior. At worst, it allows for an
unpriviledged user on unpriviledged VM to carry a sucessful host-kernel
ring 0 code injection attack.
* The erratum is timing-dependant, easily triggered by workloads that cause
a high number of NMIs, such as running the "perf" tool.
Checksums-Sha1:
bb244e11032694777dcf7af4a0442fa17000d263 1681 amd64-microcode_2.20160316.1.dsc
1110537dc0021e5fde9af57e8e0b0a710d5777ca 29040 amd64-microcode_2.20160316.1.tar.xz
0090fbbaced869996c8f60b056ea274392dc0bfb 29434 amd64-microcode_2.20160316.1_amd64.deb
02342d34f11357f6c9fb80db8ff77da119189f84 29442 amd64-microcode_2.20160316.1_i386.deb
Checksums-Sha256:
203e8720e927f261dbd5c361248bdde041016eaf4ee45626bfbfe97b0b457bce 1681 amd64-microcode_2.20160316.1.dsc
25c38601269a0c84f53dd6ec48136d50f600418a09557806b008f8b5d9cad72a 29040 amd64-microcode_2.20160316.1.tar.xz
1e2d2b4b6cd1a58695fc9fe3da4634f50eb6eba2b5d6ac6c2cec121d02b7f32b 29434 amd64-microcode_2.20160316.1_amd64.deb
db3e207349d607c32f4f2d1d65f95a18eaab531c8853db0bd8931cf8ec03d986 29442 amd64-microcode_2.20160316.1_i386.deb
Files:
c9dab23cd4d13903c784fc9d9622c6e9 1681 non-free/admin standard amd64-microcode_2.20160316.1.dsc
0bccd387288ee122ef4cd8a6ebc7db7e 29040 non-free/admin standard amd64-microcode_2.20160316.1.tar.xz
445c04ba7fb6d4d89a6850885e1a739e 29434 non-free/admin standard amd64-microcode_2.20160316.1_amd64.deb
2de786536bd517f9a9d34f4875431ae8 29442 non-free/admin standard amd64-microcode_2.20160316.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJW7YyhAAoJEJE3+9PebwqTrVUP/jmncUVh9VCRaXChfSe/CU+h
9tUfbO2PY/KX9np/MthRX8ODuGVA+XEtLS2+aFJL46KC7GRPlS5JoDoHwOi0jhto
UDg2+0n3r0Zoz7XGI8BcjByJrbQUWRBNCb50CotOzkEOwbVZD7oZKNPi6ttDB1J6
fllzsC+qT19vaqeHzgJxRO8vAFM2iOVW9Xmp+71mai97RYcpBzgZC+QX6pLsQk7N
wLDah4YFvfPH/7EdcHMYdt42AHksCEPE3bofRD2hDN/PQrUvWlKluQRBlyTc9i76
g+uOlZjETMBpiiwoXjqlbj755q81+bVpikNYJR+VwRbko+3AQOBfsS/aMkwVlKeN
SawHpPTAHtcV3SidvH6tyk9PS3kqPfUeDrEFznjU40XJqZILQH7W+cHVRId1gtHb
LcrCtpCSL1mj2NAN5EgvILU0nkO5PX0zOcFnIQpsRLcIc5nJ4KGT1RHTtvR683rK
TwbN9CbRPxWwMG8T0boqwEBMmxg8st+Pus8H64imtTTc4YTe3vzPt/hA1tXZyBuW
zEuYI6x08lML6/Pdxqvz7toCSLGQJL0VGsnO4B3JGdth8+8U6Rrs4A2MGHslkteN
A+17OFOG9d+3UaRi/vzCcH4W394VrydB4fy4z6AzgQim3vJR786674IhcihFzw16
sAL1qw6UYek3gPnvl8ft
=ZEkA
-----END PGP SIGNATURE-----