Issues with the recent CVE update (CVE-2020-0543)

Jun 12, 2020 7:06:04 PM / by Ivan Zhmud

 

CVE-2020-0543-(SRBDS)-1

With the recent CVE update (CVE-2020-0543), we have noticed issues with the specific hardware. Namely, servers with CPUs from the list below report server crashes while applying the latest updates:

  • Intel(R) Xeon(R) CPU E3-1230
  • Intel(R) Core(TM) i9-9900K
  • Intel(R) Xeon(R) CPU E3-1270

And some other SKYLAKE-U/Y processors. A list by IDs:

  • KBL-U/Y H0 (06-8e-09:c0) 62->80
  • KBL Y0 / CFL D0 (06-8e-0a:c0) 70->80
  • KBL-H/S B0 (06-9e-09:2a) 5e->80
  • CFL U0 (06-9e-0a:22) 70->80
  • CFL B0 (06-9e-0b:02) 72->80

If you have been affected by it, try to disable the microcode_ctl service for the time being.

service microcode_ctl disable

To avoid any downtime, we recommend holding on with the recent CVE update. The latest "safe" package is the following one: microcode_ctl-2.1-61.6.el7_8.cloudlinux.1

Still, it doesn't include the recent CVE fix. If the CVE-2020-0543 update is a must for you, you can download it from our beta repositories via:

yum downgrade microcode_ctl --disablerepo=* --enablerepo=cloudlinux-updates-testing

 

Topics: Technical Blog, CVE-2020-0543

Ivan Zhmud

Written by Ivan Zhmud

Ivan is a Project Manager at CloudLinux and is leading the CloudLinux OS product team.

    Subscribe to Email Updates

    Recent Posts