Back to amd64-microcode PTS page

Accepted amd64-microcode 2.20160316.1~deb8u1 (amd64 i386 source) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 19 Mar 2016 14:21:54 -0300
Source: amd64-microcode
Binary: amd64-microcode
Architecture: amd64 i386 source
Version: 2.20160316.1~deb8u1
Distribution: stable
Urgency: critical
Maintainer: Henrique de Moraes Holschuh <hmh@debian.org>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Description: 
 amd64-microcode - Processor microcode firmware for AMD CPUs
Changes:
 amd64-microcode (2.20160316.1~deb8u1) stable; urgency=critical
 .
   * This is exactly the same release as 2.20160316.1
 .
 amd64-microcode (2.20160316.1) unstable; urgency=critical
 .
   * Upstream release 20160316 built from linux-firmware:
     + Updated Microcodes:
       sig 0x00600f20, patch id 0x0600084f, 2016-01-25
     + This microcode updates fixes a critical erratum on NMI handling
       introduced by microcode patch id 0x6000832 from the 20141028 update.
       The erratum is also present on microcode patch id 0x6000836.
     + THIS IS A CRITICAL STABILITY AND SECURITY UPDATE FOR THE EARLIER
       AMD PILEDRIVER PROCESSORS, including:
       + AMD Opteron 3300, 4300, 6300
       + AMD FX "Vishera" (43xx, 63xx, 83xx, 93xx, 95xx)
       + AMD processors with family 21, model 2, stepping 0
   * Robert Święcki, while fuzzing the kernel using the syzkaller tool,
     uncovered very strange behavior on an AMD FX-8320, later reproduced on
     other AMD Piledriver model 2, stepping 0 processors including the Opteron
     6300.  Robert discovered, using his proof-of-concept exploit code, that
     the incorrect behavior allows an unpriviledged attacker on an unpriviledged
     VM to corrupt the return stack of the host kernel's NMI handler.  At best,
     this results in unpredictable host behavior.  At worst, it allows for an
     unpriviledged user on unpriviledged VM to carry a sucessful host-kernel
     ring 0 code injection attack.
   * The erratum is timing-dependant, easily triggered by workloads that cause
     a high number of NMIs, such as running the "perf" tool.
Checksums-Sha1: 
 c9cb774955eaca164ae71568621846e7824a704a 1709 amd64-microcode_2.20160316.1~deb8u1.dsc
 a3cf2f36f9ef1d4426eb4bbce55c234a454467b4 29124 amd64-microcode_2.20160316.1~deb8u1.tar.xz
 80b57ab31e18a652d3c138167ed4c198c0ccbb6a 29620 amd64-microcode_2.20160316.1~deb8u1_amd64.deb
 bcddaa42c3286ddba0a4f4bcf93cb6b537f27f5e 29632 amd64-microcode_2.20160316.1~deb8u1_i386.deb
Checksums-Sha256: 
 b59e0601c563bbb2a571a6a7ddd3a4873c588afbb209d093607100a6eb84c74c 1709 amd64-microcode_2.20160316.1~deb8u1.dsc
 2a95e913df22e2ac268ae52e23b42f1f10bc0c3333cecea1f06cd3de5067ee5a 29124 amd64-microcode_2.20160316.1~deb8u1.tar.xz
 130ac37a9240259322c26b04cba28d528acbc126ad5f4683eb60726f840cf105 29620 amd64-microcode_2.20160316.1~deb8u1_amd64.deb
 b4df68a2becd1938b5ac38380472ec32a26b41e8def2d56eba2c98ce69012cf3 29632 amd64-microcode_2.20160316.1~deb8u1_i386.deb
Files: 
 61547e56775bce4042f9644ae425a033 1709 non-free/admin standard amd64-microcode_2.20160316.1~deb8u1.dsc
 ed8f76491da9263077b5b4ceb73b2c98 29124 non-free/admin standard amd64-microcode_2.20160316.1~deb8u1.tar.xz
 1694e8623b17cc87d7a61acd7bcffab0 29620 non-free/admin standard amd64-microcode_2.20160316.1~deb8u1_amd64.deb
 fcab6f2f7b4f28166dc493bf55dd701b 29632 non-free/admin standard amd64-microcode_2.20160316.1~deb8u1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJW7Y68AAoJEJE3+9PebwqTZG4QAIlndFhfq0vB7G3vF2dy1Q96
RWIrxpRuf+QvH2yPsHfX50ByC51MWpyqWb9kTqi+H8TePrkky46ewePZgXamdQ6y
0h76dnS/9utSeIGLTt3n/KOuyiPfvh22ukya+4OVOtwMtQhc+KeNDkkt7MsMk0Sm
bA8AJQz3Qjh22kUZx69IF5uEyBiZV7Nxgsztkve0bkPNHwIvUqWbakev6garLRpI
8vC1a1upzhqTn95AMmuVehKD/1zXkkJOz8n/7jTGgMKwj+6PWdbRRwPwCwN6kG3k
hn6NUZ5CB8r+zC5Z8udpjHVatk2/0ffYhFPA8XV4TIYsnSomKDeZDGs+Pk0CE0Fs
vvs9hC7I1l1kDj2iEhO7nrQ7NJzeP1ipVfjyFsj0fU2x2tPyMHMhGzes0ET7eeTZ
bTTaSLrlkSu1hf8serOsVXKaqRwzUC0XOPI4kbng6C00M0Gm8Z2DhVrSKBJlsz76
KYVrFNs7ibIMeW4nFDhNDJerNOuOyJ7fbW5Ct5Kvvh/1bKXhjCG3Rj04222fUQUf
L9iobQYnsHTiOOjpbLLfspjsdIwcCjdsG85eKzqCp7KqurhJmEqRckWfGkIBla9j
ZIt5h30DViMm5iN9iRLoXIxMwJVDFwOnl1xQ42ZsPgXVDFYlHCLXGfcfv9s8E2Gi
Nlqvthfd+EUfFxdmHbXh
=JVtn
-----END PGP SIGNATURE-----