QID 239408

Date Published: 2021-06-14

QID 239408: Red Hat Update for microcode_ctl (RHSA-2021:2305)

The microcode_ctl packages provide microcode updates for Intel.

Security Fix(es):

  • hw: vt-d related privilege escalation (CVE-2020-24489)
  • hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
  • hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
  • hw: information disclosure on some Intel Atom processors (CVE-2020-24513)

Bug Fix(es) and Enhancement(s):

  • Update Intel CPU microcode to microcode-20210525 release

Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

Affected Products:

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64

Fixes:

  • BZ - 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation
  • BZ - 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors
  • BZ - 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors
  • BZ - 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors

CVEs:

  • CVE-2020-24489
  • CVE-2020-24511
  • CVE-2020-24512
  • CVE-2020-24513

References:

  • https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

On successful exploitation, it could allow an attacker to execute code.

  • CVSS V2 rated as High - 7.5 severity.
  • Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:2305 to address this issue and obtain more information.

    Vendor References

    CVEs related to QID 239408

    Software Advisories
    Advisory ID Software Component Link
    RHSA-2021:2305 Red Hat Enterprise Linux access.redhat.com/errata/RHSA-2021:2305?language=en