Accepted amd64-microcode 1.20160316.1 (amd64 i386 source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 19 Mar 2016 19:10:20 -0300
Source: amd64-microcode
Binary: amd64-microcode
Architecture: amd64 i386 source
Version: 1.20160316.1
Distribution: oldstable
Urgency: critical
Maintainer: Henrique de Moraes Holschuh <hmh@debian.org>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Description:
amd64-microcode - Processor microcode firmware for AMD CPUs
Changes:
amd64-microcode (1.20160316.1) oldstable; urgency=critical
.
* Upstream release 20160316 built from linux-firmware:
+ Updated Microcodes:
sig 0x00600f20, patch id 0x0600084f, 2016-01-25
+ This microcode updates fixes a critical erratum on NMI handling
introduced by microcode patch id 0x6000832 from the 20141028 update.
The erratum is also present on microcode patch id 0x6000836.
+ THIS IS A CRITICAL STABILITY AND SECURITY UPDATE FOR THE EARLIER
AMD PILEDRIVER PROCESSORS, including:
+ AMD Opteron 3300, 4300, 6300
+ AMD FX "Vishera" (43xx, 63xx, 83xx, 93xx, 95xx)
+ AMD processors with family 21, model 2, stepping 0
* Robert Święcki, while fuzzing the kernel using the syzkaller tool,
uncovered very strange behavior on an AMD FX-8320, later reproduced on
other AMD Piledriver model 2, stepping 0 processors including the Opteron
6300. Robert discovered, using his proof-of-concept exploit code, that
the incorrect behavior allows an unpriviledged attacker on an unpriviledged
VM to corrupt the return stack of the host kernel's NMI handler. At best,
this results in unpredictable host behavior. At worst, it allows for an
unpriviledged user on unpriviledged VM to carry a sucessful host-kernel
ring 0 code injection attack.
* The erratum is timing-dependant, easily triggered by workloads that
cause a high number of NMIs, such as running the "perf" tool.
Checksums-Sha1:
d779f73e56a69862cc71a5ed908e4c504354914f 1661 amd64-microcode_1.20160316.1.dsc
e320e3a203a176c08097b65b7617852e2038c849 28704 amd64-microcode_1.20160316.1.tar.gz
c6f4788cdd5c1929789cd7256d07269bd5dc6e58 28728 amd64-microcode_1.20160316.1_amd64.deb
95fd9ba42deef062e059a54b9a1ea6ee7f006748 28730 amd64-microcode_1.20160316.1_i386.deb
Checksums-Sha256:
64467243bcf48bada83743d0eb23c1173d9592a9cf5ee37a37de9c63a23bd030 1661 amd64-microcode_1.20160316.1.dsc
f182844bafb96dc6bc5511e826bc2654e970d810127de9b7d3643ac564dfe7f4 28704 amd64-microcode_1.20160316.1.tar.gz
2e616c90deae25a1c47777f457e5f138d52d3e21f743454ef430f0b33b7d0ae4 28728 amd64-microcode_1.20160316.1_amd64.deb
2b7e38e6861faf03a8b9ce3b01725f83e2597b65fd9a4bebec0f670cdf392cef 28730 amd64-microcode_1.20160316.1_i386.deb
Files:
6ed926069d222e4fe22396c11f1688bf 1661 non-free/admin standard amd64-microcode_1.20160316.1.dsc
24b3fd03f0f8127c67e47b5d9ea3f5ea 28704 non-free/admin standard amd64-microcode_1.20160316.1.tar.gz
92c79144f882c3100da2d41b7c793655 28728 non-free/admin standard amd64-microcode_1.20160316.1_amd64.deb
bb716438f913a52b55c1251222c436c6 28730 non-free/admin standard amd64-microcode_1.20160316.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJW7c+nAAoJEJE3+9PebwqTX6YQAJs7ytViRHJQ9WJKmxm0vCLm
aARjve9zy9BwuFFa+T1v1sYqkrlSHT/reCPPisycRX8OwT/2BS9Lg2x8Mn+dZusR
AgERTC5prvwQAT/s/e1u1wfvJZ5HDDuuhym7kuK6XXDcjXG1eLme7GdhMMWOcvlc
rI6vTMnrljZV9l1QGS1Ih/Y2iQLwZWN8H1d+jPq0/D4eUdLsjZh3QmJRkwNJ69a9
0BQk4PH8y2qQYiSNovJ9OhLJhR+mEMbd0IHYez0XdRa92QEvGeJuSHWQZY2zrhLG
eqVAseC/3mlN2dvol1NxH36P8ta2M6aWPYfobVsb5/wfV0KGe4rg8NZ2y3uBfp1E
x+aq+xLGeAfbB+FcvLAQ0uatQSNNiNve/tEeHtiCer1T9oOMUFQoHFFLruZxYHI4
sGapzOyiSXym757q2A8xDbxI3f4cFDkYamRJYxd+T3oOlyWxHg91NKUmuHUG/MN1
NxBZlNY6vu9AFRcgtAb1ArEPjWACRYAIgYoxIIsb4z17FNnWXYQO0M4lbhDoIeOn
yKGuRRQwVd41N2TcKHOtWNmwHtHmf1deQ3q+aBxHR31w91CLG5kd2K+2QO5Rn4Ta
Q8QOgCuRuoJ2uvv2NQPl2mvnpJ1QKkmaOiI9L7Ut+LDGInS+7JWvGHPRHWY25E+v
I8G1skAQjZgtgfDbrZsW
=2ge1
-----END PGP SIGNATURE-----
Reply to: