Ubuntu
amd64-microcode package

amd64-microcode 3.20250311.1ubuntu0.24.10.1 source package in Ubuntu

Changelog

amd64-microcode (3.20250311.1ubuntu0.24.10.1) oracular-security; urgency=medium

  * SECURITY UPDATE: Update package data from linux-firmware 20250311
    - New AMD microcodes (20241121):
      Family=0x17 Model=0x60 Stepping=0x01: Patch=0x0860010d
      Family=0x17 Model=0x68 Stepping=0x01: Patch=0x08608108
      Family=0x17 Model=0x71 Stepping=0x00: Patch=0x08701034
      Family=0x19 Model=0x08 Stepping=0x02: Patch=0x0a00820c
      Family=0x19 Model=0x18 Stepping=0x01: Patch=0x0a108108
      Family=0x19 Model=0x21 Stepping=0x00: Patch=0x0a20102d
      Family=0x19 Model=0x21 Stepping=0x02: Patch=0x0a201210
      Family=0x19 Model=0x44 Stepping=0x01: Patch=0x0a404107
      Family=0x19 Model=0x50 Stepping=0x00: Patch=0x0a500011
      Family=0x19 Model=0x61 Stepping=0x02: Patch=0x0a601209
      Family=0x19 Model=0x74 Stepping=0x01: Patch=0x0a704107
      Family=0x19 Model=0x75 Stepping=0x02: Patch=0x0a705206
      Family=0x19 Model=0x78 Stepping=0x00: Patch=0x0a708007
      Family=0x19 Model=0x7c Stepping=0x00: Patch=0x0a70c005
    - Updated microcodes:
      Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a0000a
    - New SEV firmware (20250221):
      Family 19h models a0h-afh: version 1.55 build 39
      Family 1ah models 00h-0fh: version 1.55 build 54
    - Updated SEV firmware:
      Family 17h models 30h-3fh: version 0.24 build 20
      Family 19h models 00h-0fh: version 1.55 build 29
      Family 19h models 10h-1fh: version 1.55 build 39
    - CVE-2024-56161 (AMD-SB-3019)
      Update remote attestation to be compatible with AMD systems with
      up-to-date firmware (i.e. which fixes "EntrySign"), and update
      AMD-SEV for AMD-SB-3019 mitigations.
    - CVE-2023-20584 (AMD-SB-3003)
      IOMMU improperly handles certain special address ranges with
      invalid device table entries (DTEs), which may allow an attacker
      with privileges and a compromised Hypervisor to induce DTE faults
      to bypass RMP checks in SEV-SNP, potentially leading to a loss of
      guest integrity.
    - CVE-2023-31356 (AMD-SB-3003)
      Incomplete system memory cleanup in SEV firmware could allow a
      privileged attacker to corrupt guest private memory, potentially
      resulting in a loss of data integrity.
  * Remaining changes:
    - initramfs-tools hook (debian/initramfs.hook):
      + Default to 'early' instead of 'auto' when building with
        MODULES=most
      + Do not override preset defaults from auto-exported conf
        snippets loaded by initramfs-tools.

 -- Eduardo Barretto <email address hidden>  Tue, 27 May 2025 18:08:31 +0200

Upload details

Uploaded by:
Eduardo Barretto
Uploaded to:
Oracular
Original maintainer:
Ubuntu Developers
Architectures:
i386 amd64 x32
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Oracular: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
amd64-microcode_3.20250311.1ubuntu0.24.10.1.tar.xz 276.9 KiB 537f07524dacd3463af0ebebe1b128190aefee1a0df018b841664d8470923851
amd64-microcode_3.20250311.1ubuntu0.24.10.1.dsc 1.8 KiB b26441305bf87340344bd6d3fc7522c72e148c4821399457817211b9c4538859

View changes file

Binary packages built by this source

amd64-microcode: No summary available for amd64-microcode in ubuntu oracular.

No description available for amd64-microcode in ubuntu oracular.