Canonical Patches Intel Microcode Regression on Ubuntu PCs with Skylake CPUs
Canonical has published a new security advisory today where the company behind the popular Ubuntu Linux operating system apologizes for a regression introduced by the latest Intel microcode firmware update.
On November 12th, 2019, Canonical published important kernel security updates for all supported Ubuntu Linux releases to address two flaws (CVE-2019-11135 and CVE-2019-11139) discovered by various security researchers in Intel processors using Transactional Synchronization Extensions (TSX), as well as on certain Intel Xeon processors.
While the first vulnerability could allow a local attacker to expose sensitive information, such as memory contents that were previously stored in microarchitectural buffers, the second issue could allow a local privileged attacker to cause a denial of service (system crash). The in… (read more)