- Vulnerability/
- USN-6244-1
USN-6244-1: AMD Microcode vulnerability
First published: Tue Jul 25 2023(Updated: )
Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/amd64-microcode | <3.20220411.1ubuntu3.1 | 3.20220411.1ubuntu3.1 |
| =23.04 | ||
| All of | ||
| ubuntu/amd64-microcode | <3.20191218.1ubuntu2.1 | 3.20191218.1ubuntu2.1 |
| =22.04 | ||
| All of | ||
| ubuntu/amd64-microcode | <3.20191218.1ubuntu1.1 | 3.20191218.1ubuntu1.1 |
| =20.04 | ||
| All of | ||
| ubuntu/amd64-microcode | <3.20191021.1+really3.20181128.1~ubuntu0.18.04.1+esm1 | 3.20191021.1+really3.20181128.1~ubuntu0.18.04.1+esm1 |
| =18.04 | ||
| All of | ||
| ubuntu/amd64-microcode | <3.20191021.1+really3.20180524.1~ubuntu0.16.04.2+esm1 | 3.20191021.1+really3.20180524.1~ubuntu0.16.04.2+esm1 |
| =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2023-20593
- https://ubuntu.com/security/notices/USN-6315-1
- https://ubuntu.com/security/notices/USN-6316-1
- https://ubuntu.com/security/notices/USN-6317-1
- https://ubuntu.com/security/notices/USN-6318-1
- https://ubuntu.com/security/notices/USN-6321-1
- https://ubuntu.com/security/notices/USN-6324-1
- https://ubuntu.com/security/notices/USN-6325-1
- https://ubuntu.com/security/notices/USN-6328-1
- https://ubuntu.com/security/notices/USN-6329-1
- https://ubuntu.com/security/notices/USN-6330-1
- https://ubuntu.com/security/notices/USN-6331-1
- https://ubuntu.com/security/notices/USN-6332-1
- https://ubuntu.com/security/notices/USN-6342-1
- https://ubuntu.com/security/notices/USN-6346-1
- https://ubuntu.com/security/notices/USN-6348-1
- https://ubuntu.com/security/notices/USN-6342-2
- https://ubuntu.com/security/notices/USN-6357-1
- https://ubuntu.com/security/notices/USN-6385-1
- https://ubuntu.com/security/notices/USN-6397-1
- https://ubuntu.com/security/notices/USN-6532-1
- https://launchpad.net/ubuntu/+source/amd64-microcode/3.20220411.1ubuntu3.1
- https://launchpad.net/ubuntu/+source/amd64-microcode/3.20191218.1ubuntu2.1
- https://launchpad.net/ubuntu/+source/amd64-microcode/3.20191218.1ubuntu1.1
- https://ubuntu.com/security/notices/USN-6244-1 (Advisory)
Frequently Asked Questions
What is USN-6244-1?
USN-6244-1 is a security vulnerability in AMD microcode that could allow a local attacker to expose sensitive information.
How does the AMD Microcode vulnerability work?
The AMD Microcode vulnerability occurs when certain vector register instructions are not properly handled during speculative execution, allowing a local attacker to expose sensitive information.
Which systems are affected by the AMD Microcode vulnerability?
Systems running Ubuntu 23.04, 22.04, 20.04, 18.04, and 16.04 with specific versions of the amd64-microcode package are affected by the AMD Microcode vulnerability.
How can I fix the AMD Microcode vulnerability?
To fix the AMD Microcode vulnerability, update the amd64-microcode package to version 3.20220411.1ubuntu3.1 (for Ubuntu 23.04), 3.20191218.1ubuntu2.1 (for Ubuntu 22.04), 3.20191218.1ubuntu1.1 (for Ubuntu 20.04), 3.20191021.1+really3.20181128.1~ubuntu0.18.04.1+esm1 (for Ubuntu 18.04), or 3.20191021.1+really3.20180524.1~ubuntu0.16.04.2+esm1 (for Ubuntu 16.04).
Where can I find more information about the AMD Microcode vulnerability?
More information about the AMD Microcode vulnerability can be found at the following references: USN-6315-1, USN-6316-1, and CVE-2023-20593.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- anchor-related/USN-6315-1
- anchor-related/USN-6316-1
- anchor-related/USN-6317-1
- anchor-related/USN-6318-1
- anchor-related/USN-6321-1
- anchor-related/USN-6324-1
- anchor-related/USN-6325-1
- anchor-related/USN-6328-1
- anchor-related/USN-6329-1
- anchor-related/USN-6330-1
- anchor-related/USN-6331-1
- anchor-related/USN-6332-1
- anchor-related/USN-6342-1
- anchor-related/USN-6346-1
- anchor-related/USN-6348-1
- anchor-related/USN-6342-2
- anchor-related/USN-6357-1
- anchor-related/USN-6385-1
- anchor-related/USN-6397-1
- anchor-related/USN-6532-1
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/23.04
- version/ubuntu ubuntu/22.04
- version/ubuntu ubuntu/20.04
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04