Notorious Downfall & Inception Microcode Info Disclosure Vulns Fixed
Multiple significant microcode security issues have been discovered. An information exposure bug known as Downfall (CVE-2022-40982) has been found in some Intel(R) Processors, as well as a side channel vulnerability in some AMD CPUs known as Inception (CVE-2023-20569) that may allow an attacker to influence the return address prediction, potentially resulting in speculative execution at an attacker-controlled address.
These flaws could result in the disclosure of sensitive information.
Important security updates that mitigate these notorious flaws have been released. We strongly encourage all impacted users to apply the updates released by Debian, Debian LTS, Fedora, Oracle and Ubuntu as soon as possible to protect the confidentiality and integrity of their sensitive data.
To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.
Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).