СloudLinux Blog

CloudLinux OS 6 ELS: microcode_ctl package has been scheduled for gradual rollout

Written by Inessa Atmachian | Sep 7, 2021 3:21:23 PM

A new updated microcode_ctl package with the fix for the CVEs within CloudLinux OS 6 ELS has been scheduled for gradual rollout from our production repository.

CVEs fixed:

  • CVE-2021-24489
  • CVE-2020-24511
  • CVE-2020-24512
  • CVE-2020-24513

Rollout slot: 4
Rolled out to: 0.1%
ETA for 100% rollout: September 21

Changelog

microcode_ctl-1.17-33.34.el6.cloudlinux.els

  • Fix incomplete cleanup in some Intel(R) VT-d products (CVE-2020-24489)
  • Fix improper isolation of shared resources in some Intel(R) Processors (CVE-2020-24511)
  • Fix observable timing discrepancy in some Intel(R) Processors (CVE-2020-24512)
  • Fix domain-bypass transient execution vulnerability in some Intel Atom(R) Processors (CVE-2020-24513)

Update command

yum update microcode_ctl*

Immediate update (via bypass)

yum update microcode_ctl* --enablerepo=cloudlinux-rollout-4-bypass