Having updated the Linux kernel in Ubuntu 20.10 and all currently supported Ubuntu versions, Canonical has released an updated version of the package intel microcode to address the latest vulnerabilities found in Intel products. And they go ... I've certainly already lost count since Specter and Meltdown. Since then, there have been many security problems associated with the Santa Clara company.
In addition to vulnerability CVE-2020-8694 already patched in the Linux kernels of all Ubuntu versions, this new Intel Microcode package also has patches for the microcode that fix others such as CVE-2020-8695, CVE-2020-8696, and CVE-2020 -8698. The latter could allow a local attack and expose sensitive information.
The case of CVE-2020-8695, is a vulnerability discovered by Andreas Kogler, Catherine Easdon, Claudio Canella, Daniel Grus, David Oswald, Michael Schwarz and Moritz Lipp, in the RAPL (Intel Running Average Power Limit) feature of certain Intel microprocessors. In this case it allowed a side-channel attack based on energy consumption measurements.
In the case of the CVE-2020-8696 and CVE-2020-8698 were discovered by Ezra Caltum, Joseph Nuzman, Nir Shildan, and Ofir Joseff on some Intel microprocessors, causing shared resources to be improperly isolated or sensitive information removed prior to storage or transfer.
Canonical was quick to release these new patched versions of Intel's microcode (Intel Microcode 3.20201110.0) in Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 14.04 ESM, as well as in all their flavors. Although most likely they are also patched in Debian, SUSE, Red Hat, and other distros that usually receive frequent security patches.
You know, if you have an Intel chip affected by these vulnerabilities, make sure you update the system to be able to be protected against these security flaws ...
- More information (find the status of vulnerabilities, description, etc.) - See Miter CVE database