A new updated microcode_ctl package with the fix for the CVEs within CloudLinux OS 6 ELS has been rolled out to 100% and is now available for download from our production repository.
CVEs fixed:
- CVE-2021-24489
- CVE-2020-24511
- CVE-2020-24512
- CVE-2020-24513
Changelog
microcode_ctl-1.17-33.34.el6.cloudlinux.els
- Fix incomplete cleanup in some Intel(R) VT-d products (CVE-2020-24489)
- Fix improper isolation of shared resources in some Intel(R) Processors (CVE-2020-24511)
- Fix observable timing discrepancy in some Intel(R) Processors (CVE-2020-24512)
- Fix domain-bypass transient execution vulnerability in some Intel Atom(R) Processors (CVE-2020-24513)
Update command
yum update microcode_ctl*