CentOS Linux developer and maintainer Johnny Hughes announced today the availability of a new version of the microcode_ctl package that provides Intel CPU microcode updates in the CentOS Linux 7 release to address recent security vulnerabilities.
Being derived from the sources of Red Hat Enterprise Linux, CentOS Linux gets its updates from the upstream repositories. Now, you’re probably already aware of the recently discovered security vulnerabilities affecting some Intel processors, so you’re wondering when the patches will land in CentOS Linux 7.
Well, the time is now! An updated microcode_ctl version landed today in CentOS Linux 7‘s repositories to address the CVE-2020-8695, CVE-2020-8696, and CVE-2020-8698 vulnerabilities, which could enable information disclosure via local access.
The new microcode_ctl package landed in the upstream repositories of Red Hat Enterprise Linux 7 as of November 11th, 2020, but only now arrived in CentOS Linux 7’s repositories, so you can finally update and secure your systems.
Besides CentOS Linux 7, these vulnerabilities also affect all supported Red Hat Enterprise Linux 7 releases, including Red Hat Enterprise Linux Workstation 7, Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux for Scientific Computing 7.
If you’re using CentOS Linux 7 or Red Hat Enterprise Linux 7, you are urged to update the microcode_ctl package to version 2.1-73.2.el7_9 as soon as possible. After applying the new update, make sure you reboot your computer for the patches to be correctly installed.
In addition, you should also install the new Linux kernel version (3.10.0-1160.6.1.el7) that was released on November 18th for CentOS Linux 7 systems. This update addresses the CVE-2020-14331 and CVE-2019-20811 security vulnerabilities that may disturb the integrity of the system, and also fixes numerous other issues detailed in this security advisory.
Last updated 2 years ago