An intel-microcode security update has been released for Debian GNU/Linux 10 LTS to update CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities.

[SECURITY] [DLA 3537-1] intel-microcode security update

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-3537-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Utkarsh Gupta
August 22, 2023 https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package : intel-microcode
Version : 3.20230808.1~deb10u1
CVE ID : CVE-2022-40982 CVE-2022-41804 CVE-2023-23908
Debian Bug : 1043305

This update ships updated CPU microcode for some types of Intel CPUs
and provides mitigations for security vulnerabilities.

CVE-2022-40982

Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware
vulnerability which allows unprivileged speculative access to data
which was previously stored in vector registers.

For details please refer to https://downfall.page/ and
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/gather-data-sampling.html.

CVE-2022-41804

Unauthorized error injection in Intel SGX or Intel TDX for some
Intel Xeon Processors which may allow a local user to potentially
escalate privileges.

CVE-2023-23908

Improper access control in some 3rd Generation Intel Xeon Scalable
processors may result in an information leak.

For Debian 10 buster, these problems have been fixed in version
3.20230808.1~deb10u1.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS