Deployed ef5faa3 with MkDocs version: 1.5.3

This commit is contained in:
2023-11-15 21:59:06 +00:00
parent 8a09069bb3
commit 16b7511b3f
11 changed files with 2631 additions and 25 deletions

122
404.html
View File

@ -270,8 +270,6 @@
@ -293,7 +291,7 @@
<span class="md-ellipsis"> <span class="md-ellipsis">
Packages Issues
</span> </span>
@ -302,6 +300,104 @@
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false"> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_2"> <label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Issues
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="/issues/CVE-2023-23583/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
</a>
</li>
<li class="md-nav__item">
<a href="/issues/CVE-2023-4911/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="">
<span class="md-ellipsis">
Packages
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span> <span class="md-nav__icon md-icon"></span>
Packages Packages
</label> </label>
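Review bot: The two link labels in the new Issues list carry the full advisory title ("CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior") inside an md-ellipsis span, so the sidebar will truncate them and the package name is the first thing lost on narrow layouts. Give these pages a short navigation title in the site's nav configuration, for example the CVE id plus the package name, and keep the long form for the page heading. The same generated block repeats in every deployed page, so the change belongs in the source rather than in this output.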
@ -352,6 +448,26 @@
<li class="md-nav__item">
<a href="/packages/microcode_ctl/" class="md-nav__link">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
</a>
</li>
<li class="md-nav__item"> <li class="md-nav__item">
<a href="/packages/openssh/" class="md-nav__link"> <a href="/packages/openssh/" class="md-nav__link">

View File

@ -14,7 +14,7 @@
<link rel="next" href="packages/glibc/"> <link rel="next" href="issues/CVE-2023-23583/">
<link rel="icon" href="assets/images/favicon.png"> <link rel="icon" href="assets/images/favicon.png">
@ -415,8 +415,6 @@
@ -438,7 +436,7 @@
<span class="md-ellipsis"> <span class="md-ellipsis">
Packages Issues
</span> </span>
@ -447,6 +445,104 @@
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false"> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_2"> <label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Issues
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="issues/CVE-2023-23583/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
</a>
</li>
<li class="md-nav__item">
<a href="issues/CVE-2023-4911/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="">
<span class="md-ellipsis">
Packages
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span> <span class="md-nav__icon md-icon"></span>
Packages Packages
</label> </label>
@ -497,6 +593,26 @@
<li class="md-nav__item">
<a href="packages/microcode_ctl/" class="md-nav__link">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
</a>
</li>
<li class="md-nav__item"> <li class="md-nav__item">
<a href="packages/openssh/" class="md-nav__link"> <a href="packages/openssh/" class="md-nav__link">
@ -562,6 +678,7 @@
</code></pre></div> </code></pre></div>
<p>This isn't as secure as checking the package signature would be <em>if</em> you previously had our package signing public key, but on another distro you probably don't have that yet, so checking the digest against its copy obtained from this separate website is a best-effort measure.</p> <p>This isn't as secure as checking the package signature would be <em>if</em> you previously had our package signing public key, but on another distro you probably don't have that yet, so checking the digest against its copy obtained from this separate website is a best-effort measure.</p>
<p>Install the package with <code>rpm -U --nodeps</code>. The <code>--nodeps</code> option is needed to bypass the dependency check on our <code>rocky-release</code> package. In essense, you're manually confirming to <code>rpm</code> that you're installing on a compatible distro.</p> <p>Install the package with <code>rpm -U --nodeps</code>. The <code>--nodeps</code> option is needed to bypass the dependency check on our <code>rocky-release</code> package. In essense, you're manually confirming to <code>rpm</code> that you're installing on a compatible distro.</p>
<p>You'll normally install packages from the mirrors, which should just work. However, if there's any issue with the mirrors and you uncomment our <code>baseurl</code> line instead, then on non-Rocky you'll need to use <code>DNF_VAR_sigcontentdir=/pub/sig dnf</code> in place of simply <code>dnf</code>.</p>
<h2 id="packages">Packages<a class="headerlink" href="#packages" title="Permanent link">&para;</a></h2> <h2 id="packages">Packages<a class="headerlink" href="#packages" title="Permanent link">&para;</a></h2>
<h3 id="extra-packages-for-el8-and-el9">Extra packages (for EL8 and EL9)<a class="headerlink" href="#extra-packages-for-el8-and-el9" title="Permanent link">&para;</a></h3> <h3 id="extra-packages-for-el8-and-el9">Extra packages (for EL8 and EL9)<a class="headerlink" href="#extra-packages-for-el8-and-el9" title="Permanent link">&para;</a></h3>
<ul> <ul>
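Review bot: The added paragraph beginning "You'll normally install packages from the mirrors" tells non-Rocky users to run DNF_VAR_sigcontentdir=/pub/sig dnf but does not say what sigcontentdir controls or what failure appears without it, so a reader cannot tell a missing variable from a mirror outage. Add one sentence naming the symptom and the reason the variable is only needed on non-Rocky systems. Since the preceding paragraphs are about verifying the package digest and signature, also state whether switching to the baseurl line changes how package signatures are checked. While this section is open, "In essense" in the rpm -U --nodeps paragraph just above should read "In essence".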
@ -570,11 +687,12 @@
</ul> </ul>
<h3 id="extra-packages-currently-only-for-el9">Extra packages (currently only for EL9)<a class="headerlink" href="#extra-packages-currently-only-for-el9" title="Permanent link">&para;</a></h3> <h3 id="extra-packages-currently-only-for-el9">Extra packages (currently only for EL9)<a class="headerlink" href="#extra-packages-currently-only-for-el9" title="Permanent link">&para;</a></h3>
<ul> <ul>
<li><a href="https://github.com/GrapheneOS/hardened_malloc">hardened_malloc</a> (Security-focused memory allocator providing the malloc API, and a script to preload it into existing program binaries)</li> <li><a href="packages/hardened_malloc/">hardened_malloc</a> (Security-focused memory allocator providing the malloc API, and a script to preload it into existing program binaries)</li>
</ul> </ul>
<h3 id="override-packages-currently-only-for-el9">Override packages (currently only for EL9)<a class="headerlink" href="#override-packages-currently-only-for-el9" title="Permanent link">&para;</a></h3> <h3 id="override-packages-currently-only-for-el9">Override packages (currently only for EL9)<a class="headerlink" href="#override-packages-currently-only-for-el9" title="Permanent link">&para;</a></h3>
<ul> <ul>
<li><a href="packages/glibc/">glibc</a> (adds many security-hardening changes originating from Owl and ALT Linux on top of EL package)</li> <li><a href="packages/glibc/">glibc</a> (adds many security-hardening changes originating from Owl and ALT Linux on top of EL package)</li>
<li><a href="packages/microcode_ctl/">microcode_ctl</a> (updates Intel CPU microcode to microcode-20231114, which fixes CVE-2023-23583)</li>
<li><a href="packages/openssh/">openssh</a> (fewer shared libraries exposed in sshd processes while otherwise fully matching EL package's functionality)</li> <li><a href="packages/openssh/">openssh</a> (fewer shared libraries exposed in sshd processes while otherwise fully matching EL package's functionality)</li>
</ul> </ul>
<p>The changes are described in more detail on the per-package wiki pages linked above, as well as in the package changelogs. <p>The changes are described in more detail on the per-package wiki pages linked above, as well as in the package changelogs.
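Review bot: The new microcode_ctl list item names CVE-2023-23583 as plain text even though this commit adds issues/CVE-2023-23583/, so the index never links to the advisory page it introduces; make the CVE id a link to that page. The item also hardcodes "microcode-20231114", which will be stale after the next microcode release unless the index is edited each time; consider keeping the version on the package page only. In the same hunk the hardened_malloc link now points at packages/hardened_malloc/ instead of the GrapheneOS repository, so check that the package page carries the upstream URL that the index no longer shows.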
@ -632,7 +750,7 @@ More packages/changes are planned, including override packages also for EL8.</p>
<small> <small>
Last update: Last update:
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">October 31, 2023</span> <span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 15, 2023</span>
</small> </small>

View File

@ -0,0 +1,667 @@
<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="The wiki for the Rocky Linux Security Special Interest Group">
<link rel="canonical" href="https://sig-security.rocky.page/issues/CVE-2023-23583/">
<link rel="prev" href="../..">
<link rel="next" href="../CVE-2023-4911/">
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.4.8">
<title>CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior - SIG/Security Wiki</title>
<link rel="stylesheet" href="../../assets/stylesheets/main.4b4a2bd9.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.356b1318.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="teal" data-md-color-accent="teal">
<script>var palette=__md_get("__palette");if(palette&&"object"==typeof palette.color)for(var key of Object.keys(palette.color))document.body.setAttribute("data-md-color-"+key,palette.color[key])</script>
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#cve-2023-23583-microcode_ctl-intel-cpus-execution-of-movsb-instructions-with-redundant-rex-prefix-leads-to-unintended-system-behavior" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header md-header--shadow" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../.." title="SIG/Security Wiki" class="md-header__button md-logo" aria-label="SIG/Security Wiki" data-md-component="logo">
<img src="../../assets/icon-white.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
SIG/Security Wiki
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
</div>
</div>
</div>
<form class="md-header__option" data-md-component="palette">
<input class="md-option" data-md-color-media="(prefers-color-scheme: light)" data-md-color-scheme="default" data-md-color-primary="teal" data-md-color-accent="teal" aria-label="Switch to dark mode" type="radio" name="__palette" id="__palette_1">
<label class="md-header__button md-icon" title="Switch to dark mode" for="__palette_2" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m17.75 4.09-2.53 1.94.91 3.06-2.63-1.81-2.63 1.81.91-3.06-2.53-1.94L12.44 4l1.06-3 1.06 3 3.19.09m3.5 6.91-1.64 1.25.59 1.98-1.7-1.17-1.7 1.17.59-1.98L15.75 11l2.06-.05L18.5 9l.69 1.95 2.06.05m-2.28 4.95c.83-.08 1.72 1.1 1.19 1.85-.32.45-.66.87-1.08 1.27C15.17 23 8.84 23 4.94 19.07c-3.91-3.9-3.91-10.24 0-14.14.4-.4.82-.76 1.27-1.08.75-.53 1.93.36 1.85 1.19-.27 2.86.69 5.83 2.89 8.02a9.96 9.96 0 0 0 8.02 2.89m-1.64 2.02a12.08 12.08 0 0 1-7.8-3.47c-2.17-2.19-3.33-5-3.49-7.82-2.81 3.14-2.7 7.96.31 10.98 3.02 3.01 7.84 3.12 10.98.31Z"/></svg>
</label>
<input class="md-option" data-md-color-media="(prefers-color-scheme: dark)" data-md-color-scheme="slate" data-md-color-primary="teal" data-md-color-accent="teal" aria-label="Switch to light mode" type="radio" name="__palette" id="__palette_2">
<label class="md-header__button md-icon" title="Switch to light mode" for="__palette_1" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 7a5 5 0 0 1 5 5 5 5 0 0 1-5 5 5 5 0 0 1-5-5 5 5 0 0 1 5-5m0 2a3 3 0 0 0-3 3 3 3 0 0 0 3 3 3 3 0 0 0 3-3 3 3 0 0 0-3-3m0-7 2.39 3.42C13.65 5.15 12.84 5 12 5c-.84 0-1.65.15-2.39.42L12 2M3.34 7l4.16-.35A7.2 7.2 0 0 0 5.94 8.5c-.44.74-.69 1.5-.83 2.29L3.34 7m.02 10 1.76-3.77a7.131 7.131 0 0 0 2.38 4.14L3.36 17M20.65 7l-1.77 3.79a7.023 7.023 0 0 0-2.38-4.15l4.15.36m-.01 10-4.14.36c.59-.51 1.12-1.14 1.54-1.86.42-.73.69-1.5.83-2.29L20.64 17M12 22l-2.41-3.44c.74.27 1.55.44 2.41.44.82 0 1.63-.17 2.37-.44L12 22Z"/></svg>
</label>
</form>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
<div class="md-search__suggest" data-md-component="search-suggest"></div>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://git.resf.org/security/wiki" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.4.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
security/wiki
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--integrated" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../.." title="SIG/Security Wiki" class="md-nav__button md-logo" aria-label="SIG/Security Wiki" data-md-component="logo">
<img src="../../assets/icon-white.svg" alt="logo">
</a>
SIG/Security Wiki
</label>
<div class="md-nav__source">
<a href="https://git.resf.org/security/wiki" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.4.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
security/wiki
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../.." class="md-nav__link">
<span class="md-ellipsis">
SIG/Security Wiki
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" checked>
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="">
<span class="md-ellipsis">
Issues
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Issues
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#summary" class="md-nav__link">
Summary
</a>
</li>
<li class="md-nav__item">
<a href="#el9" class="md-nav__link">
EL9
</a>
</li>
<li class="md-nav__item">
<a href="#el8" class="md-nav__link">
EL8
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../CVE-2023-4911/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="">
<span class="md-ellipsis">
Packages
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Packages
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../packages/glibc/" class="md-nav__link">
<span class="md-ellipsis">
Override package: glibc
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../packages/hardened_malloc/" class="md-nav__link">
<span class="md-ellipsis">
Extra package: hardened_malloc
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../packages/microcode_ctl/" class="md-nav__link">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../packages/openssh/" class="md-nav__link">
<span class="md-ellipsis">
Override package: openssh
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<a href="https://git.resf.org/security/wiki/_edit/main/docs/issues/CVE-2023-23583.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M10 20H6V4h7v5h5v3.1l2-2V8l-6-6H6c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h4v-2m10.2-7c.1 0 .3.1.4.2l1.3 1.3c.2.2.2.6 0 .8l-1 1-2.1-2.1 1-1c.1-.1.2-.2.4-.2m0 3.9L14.1 23H12v-2.1l6.1-6.1 2.1 2.1Z"/></svg>
</a>
<h1 id="cve-2023-23583-microcode_ctl-intel-cpus-execution-of-movsb-instructions-with-redundant-rex-prefix-leads-to-unintended-system-behavior">CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior<a class="headerlink" href="#cve-2023-23583-microcode_ctl-intel-cpus-execution-of-movsb-instructions-with-redundant-rex-prefix-leads-to-unintended-system-behavior" title="Permanent link">&para;</a></h1>
<h2 id="summary">Summary<a class="headerlink" href="#summary" title="Permanent link">&para;</a></h2>
<p>As described by <a href="https://www.openwall.com/lists/oss-security/2023/11/14/4">Intel</a>:</p>
<p>Under certain microarchitectural conditions, Intel has identified cases where execution of an instruction (REP MOVSB) encoded with a redundant REX prefix may result in unpredictable system behavior resulting in a system crash/hang, or, in some limited scenarios, may allow escalation of privilege from CPL3 to CPL0.</p>
<p>and by <a href="https://access.redhat.com/security/cve/CVE-2023-23583">Red Hat</a>:</p>
<p>A security vulnerability was found in some Intel processors. Execution of REP MOVSB instructions with a redundant REX prefix may result in execution continuing at an incorrect EIP address after a micro-architectural event occurs, potentially allowing privilege escalation, information disclosure and/or a denial of service via local access.</p>
<p>as well as in <a href="https://www.cve.org/CVERecord?id=CVE-2023-23583">CVE-2023-23583</a>.</p>
<p>More detail is available via these <a href="https://www.openwall.com/lists/oss-security/2023/11/14/7">links to Intel's website</a> and in the public disclosure by <a href="https://lock.cmpxchg8b.com/reptar.html">Tavis Ormandy</a> from <a href="https://cloud.google.com/blog/products/identity-security/google-researchers-discover-reptar-a-new-cpu-vulnerability">Google</a>.</p>
<p>Public disclosure date: November 14, 2023</p>
<h2 id="el9">EL9<a class="headerlink" href="#el9" title="Permanent link">&para;</a></h2>
<p>Fixed in version: <code>4:20231114-1.el9_2.security</code> available November 15, 2023</p>
<h2 id="el8">EL8<a class="headerlink" href="#el8" title="Permanent link">&para;</a></h2>
<p>Not fixed yet, will fix.</p>
<hr>
<div class="md-source-file">
<small>
Last update:
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 15, 2023</span>
</small>
</div>
</article>
</div>
</div>
<button type="button" class="md-top md-icon" data-md-component="top" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12Z"/></svg>
Back to top
</button>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
<div class="md-copyright__highlight">
Copyright &copy; 2023 Rocky Enterprise Software Foundation
</div>
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.f886a092.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.81fa17fe.min.js"></script>
</body>
</html>
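Review bot: In the Summary section the Intel and Red Hat descriptions are emitted as ordinary p elements (the paragraphs following "As described by Intel:" and "and by Red Hat:"), so quoted vendor text cannot be told apart from the wiki's own wording; mark both as block quotes in the source Markdown so they render as blockquote. The EL9 line gives the fixed version 4:20231114-1.el9_2.security without linking to ../../packages/microcode_ctl/, which is where a reader needs to go next. The EL8 line "Not fixed yet, will fix." leaves EL8 users with nothing to act on; say where status will be tracked or what they should do in the meantime.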

View File

@ -0,0 +1,667 @@
<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="The wiki for the Rocky Linux Security Special Interest Group">
<link rel="canonical" href="https://sig-security.rocky.page/issues/CVE-2023-4911/">
<link rel="prev" href="../CVE-2023-23583/">
<link rel="next" href="../../packages/glibc/">
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.4.8">
<title>CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation - SIG/Security Wiki</title>
<link rel="stylesheet" href="../../assets/stylesheets/main.4b4a2bd9.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.356b1318.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="teal" data-md-color-accent="teal">
<script>var palette=__md_get("__palette");if(palette&&"object"==typeof palette.color)for(var key of Object.keys(palette.color))document.body.setAttribute("data-md-color-"+key,palette.color[key])</script>
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#cve-2023-4911-glibc-looney-tunables-buffer-overflow-in-ldso-leading-to-privilege-escalation" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header md-header--shadow" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../.." title="SIG/Security Wiki" class="md-header__button md-logo" aria-label="SIG/Security Wiki" data-md-component="logo">
<img src="../../assets/icon-white.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
SIG/Security Wiki
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
</div>
</div>
</div>
<form class="md-header__option" data-md-component="palette">
<input class="md-option" data-md-color-media="(prefers-color-scheme: light)" data-md-color-scheme="default" data-md-color-primary="teal" data-md-color-accent="teal" aria-label="Switch to dark mode" type="radio" name="__palette" id="__palette_1">
<label class="md-header__button md-icon" title="Switch to dark mode" for="__palette_2" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m17.75 4.09-2.53 1.94.91 3.06-2.63-1.81-2.63 1.81.91-3.06-2.53-1.94L12.44 4l1.06-3 1.06 3 3.19.09m3.5 6.91-1.64 1.25.59 1.98-1.7-1.17-1.7 1.17.59-1.98L15.75 11l2.06-.05L18.5 9l.69 1.95 2.06.05m-2.28 4.95c.83-.08 1.72 1.1 1.19 1.85-.32.45-.66.87-1.08 1.27C15.17 23 8.84 23 4.94 19.07c-3.91-3.9-3.91-10.24 0-14.14.4-.4.82-.76 1.27-1.08.75-.53 1.93.36 1.85 1.19-.27 2.86.69 5.83 2.89 8.02a9.96 9.96 0 0 0 8.02 2.89m-1.64 2.02a12.08 12.08 0 0 1-7.8-3.47c-2.17-2.19-3.33-5-3.49-7.82-2.81 3.14-2.7 7.96.31 10.98 3.02 3.01 7.84 3.12 10.98.31Z"/></svg>
</label>
<input class="md-option" data-md-color-media="(prefers-color-scheme: dark)" data-md-color-scheme="slate" data-md-color-primary="teal" data-md-color-accent="teal" aria-label="Switch to light mode" type="radio" name="__palette" id="__palette_2">
<label class="md-header__button md-icon" title="Switch to light mode" for="__palette_1" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 7a5 5 0 0 1 5 5 5 5 0 0 1-5 5 5 5 0 0 1-5-5 5 5 0 0 1 5-5m0 2a3 3 0 0 0-3 3 3 3 0 0 0 3 3 3 3 0 0 0 3-3 3 3 0 0 0-3-3m0-7 2.39 3.42C13.65 5.15 12.84 5 12 5c-.84 0-1.65.15-2.39.42L12 2M3.34 7l4.16-.35A7.2 7.2 0 0 0 5.94 8.5c-.44.74-.69 1.5-.83 2.29L3.34 7m.02 10 1.76-3.77a7.131 7.131 0 0 0 2.38 4.14L3.36 17M20.65 7l-1.77 3.79a7.023 7.023 0 0 0-2.38-4.15l4.15.36m-.01 10-4.14.36c.59-.51 1.12-1.14 1.54-1.86.42-.73.69-1.5.83-2.29L20.64 17M12 22l-2.41-3.44c.74.27 1.55.44 2.41.44.82 0 1.63-.17 2.37-.44L12 22Z"/></svg>
</label>
</form>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
<div class="md-search__suggest" data-md-component="search-suggest"></div>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://git.resf.org/security/wiki" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.4.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
security/wiki
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--integrated" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../.." title="SIG/Security Wiki" class="md-nav__button md-logo" aria-label="SIG/Security Wiki" data-md-component="logo">
<img src="../../assets/icon-white.svg" alt="logo">
</a>
SIG/Security Wiki
</label>
<div class="md-nav__source">
<a href="https://git.resf.org/security/wiki" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.4.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
security/wiki
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../.." class="md-nav__link">
<span class="md-ellipsis">
SIG/Security Wiki
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" checked>
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="">
<span class="md-ellipsis">
Issues
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Issues
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../CVE-2023-23583/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#summary" class="md-nav__link">
Summary
</a>
</li>
<li class="md-nav__item">
<a href="#el9" class="md-nav__link">
EL9
</a>
</li>
<li class="md-nav__item">
<a href="#el8" class="md-nav__link">
EL8
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="">
<span class="md-ellipsis">
Packages
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Packages
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../packages/glibc/" class="md-nav__link">
<span class="md-ellipsis">
Override package: glibc
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../packages/hardened_malloc/" class="md-nav__link">
<span class="md-ellipsis">
Extra package: hardened_malloc
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../packages/microcode_ctl/" class="md-nav__link">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../packages/openssh/" class="md-nav__link">
<span class="md-ellipsis">
Override package: openssh
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<a href="https://git.resf.org/security/wiki/_edit/main/docs/issues/CVE-2023-4911.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M10 20H6V4h7v5h5v3.1l2-2V8l-6-6H6c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h4v-2m10.2-7c.1 0 .3.1.4.2l1.3 1.3c.2.2.2.6 0 .8l-1 1-2.1-2.1 1-1c.1-.1.2-.2.4-.2m0 3.9L14.1 23H12v-2.1l6.1-6.1 2.1 2.1Z"/></svg>
</a>
<h1 id="cve-2023-4911-glibc-looney-tunables-buffer-overflow-in-ldso-leading-to-privilege-escalation">CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation<a class="headerlink" href="#cve-2023-4911-glibc-looney-tunables-buffer-overflow-in-ldso-leading-to-privilege-escalation" title="Permanent link">&para;</a></h1>
<h2 id="summary">Summary<a class="headerlink" href="#summary" title="Permanent link">&para;</a></h2>
<p>As described by <a href="https://access.redhat.com/security/cve/CVE-2023-4911">Red Hat</a> and in <a href="https://www.cve.org/CVERecord?id=CVE-2023-4911">CVE-2023-4911</a>:</p>
<p>A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the <code>GLIBC_TUNABLES</code> environment variable. This issue could allow a local attacker to use maliciously crafted <code>GLIBC_TUNABLES</code> environment variables when launching binaries with SUID permission to execute code with elevated privileges.</p>
<p>More detail is available in the <a href="https://www.openwall.com/lists/oss-security/2023/10/03/2">public disclosure</a> by <a href="https://blog.qualys.com/vulnerabilities-threat-research/2023/10/03/cve-2023-4911-looney-tunables-local-privilege-escalation-in-the-glibcs-ld-so">Qualys</a>, the team who discovered the issue.</p>
<p>Public disclosure date: October 3, 2023</p>
<h2 id="el9">EL9<a class="headerlink" href="#el9" title="Permanent link">&para;</a></h2>
<p>Mitigated in version: <code>2.34-60.el9_2.security.0.2</code> available October 3, 2023
Fixed in version: <code>glibc-2.34-60.el9_2.7</code> available October 5, 2023</p>
<p>Besides the upstream fix, we also retained the mitigation in the <a href="packages/glibc.md">Security SIG package of glibc</a>.</p>
<h2 id="el8">EL8<a class="headerlink" href="#el8" title="Permanent link">&para;</a></h2>
<p>Fixed in version: <code>glibc-0:2.28-225.el8_8.6</code> available October 5, 2023
Errata: <a href="https://errata.rockylinux.org/RLSA-2023:5455">RLSA-2023:5455</a> issued October 7, 2023</p>
<hr>
<div class="md-source-file">
<small>
Last update:
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 15, 2023</span>
</small>
</div>
</article>
</div>
</div>
<button type="button" class="md-top md-icon" data-md-component="top" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12Z"/></svg>
Back to top
</button>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
<div class="md-copyright__highlight">
Copyright &copy; 2023 Rocky Enterprise Software Foundation
</div>
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.f886a092.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.81fa17fe.min.js"></script>
</body>
</html>
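Review bot: the link in the EL9 section, href="packages/glibc.md" on "Security SIG package of glibc", was emitted unresolved, so from /issues/CVE-2023-4911/ it points below the issue directory at a raw .md path instead of at the package page. The sidebar in this same file reaches that page as ../../packages/glibc/. In docs/issues/CVE-2023-4911.md the target should be ../packages/glibc.md so that MkDocs can rewrite it. Separately, "Mitigated in version" and "Fixed in version" under EL9, and "Fixed in version" and "Errata" under EL8, each share one <p> with only a newline between them, so they render run together on one line; a list or explicit line breaks in the Markdown source would keep them apart.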

View File

@ -13,7 +13,7 @@
<link rel="canonical" href="https://sig-security.rocky.page/packages/glibc/"> <link rel="canonical" href="https://sig-security.rocky.page/packages/glibc/">
<link rel="prev" href="../.."> <link rel="prev" href="../../issues/CVE-2023-4911/">
<link rel="next" href="../hardened_malloc/"> <link rel="next" href="../hardened_malloc/">
@ -273,6 +273,100 @@
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2" >
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="">
<span class="md-ellipsis">
Issues
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Issues
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../issues/CVE-2023-23583/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../issues/CVE-2023-4911/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
</a>
</li>
</ul>
</nav>
</li>
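Review bot: the two Issues entries added to the sidebar here use the full advisory title as the nav label, for example "CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior", which is far longer than the neighbouring labels such as "Override package: microcode_ctl" and is repeated in the navigation of every page this commit touches. Giving these pages short nav titles in the nav section of mkdocs.yml (the CVE id plus the package name) would keep the sidebar readable while the page heading keeps the full title.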
@ -284,6 +378,8 @@
@ -297,10 +393,10 @@
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" checked> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3" checked>
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex=""> <label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="">
<span class="md-ellipsis"> <span class="md-ellipsis">
@ -311,8 +407,8 @@
<span class="md-nav__icon md-icon"></span> <span class="md-nav__icon md-icon"></span>
</label> </label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="true"> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_2"> <label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span> <span class="md-nav__icon md-icon"></span>
Packages Packages
</label> </label>
@ -443,6 +539,26 @@
<li class="md-nav__item">
<a href="../microcode_ctl/" class="md-nav__link">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
</a>
</li>
<li class="md-nav__item"> <li class="md-nav__item">
<a href="../openssh/" class="md-nav__link"> <a href="../openssh/" class="md-nav__link">

View File

@ -16,7 +16,7 @@
<link rel="prev" href="../glibc/"> <link rel="prev" href="../glibc/">
<link rel="next" href="../openssh/"> <link rel="next" href="../microcode_ctl/">
<link rel="icon" href="../../assets/images/favicon.png"> <link rel="icon" href="../../assets/images/favicon.png">
@ -273,6 +273,100 @@
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2" >
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="">
<span class="md-ellipsis">
Issues
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Issues
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../issues/CVE-2023-23583/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../issues/CVE-2023-4911/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
</a>
</li>
</ul>
</nav>
</li>
@ -284,6 +378,8 @@
@ -297,10 +393,10 @@
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" checked> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3" checked>
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex=""> <label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="">
<span class="md-ellipsis"> <span class="md-ellipsis">
@ -311,8 +407,8 @@
<span class="md-nav__icon md-icon"></span> <span class="md-nav__icon md-icon"></span>
</label> </label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="true"> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_2"> <label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span> <span class="md-nav__icon md-icon"></span>
Packages Packages
</label> </label>
@ -451,6 +547,26 @@
<li class="md-nav__item">
<a href="../microcode_ctl/" class="md-nav__link">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
</a>
</li>
<li class="md-nav__item"> <li class="md-nav__item">
<a href="../openssh/" class="md-nav__link"> <a href="../openssh/" class="md-nav__link">

View File

@ -0,0 +1,675 @@
<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="The wiki for the Rocky Linux Security Special Interest Group">
<link rel="canonical" href="https://sig-security.rocky.page/packages/microcode_ctl/">
<link rel="prev" href="../hardened_malloc/">
<link rel="next" href="../openssh/">
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.4.8">
<title>Override package: microcode_ctl - SIG/Security Wiki</title>
<link rel="stylesheet" href="../../assets/stylesheets/main.4b4a2bd9.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.356b1318.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="teal" data-md-color-accent="teal">
<script>var palette=__md_get("__palette");if(palette&&"object"==typeof palette.color)for(var key of Object.keys(palette.color))document.body.setAttribute("data-md-color-"+key,palette.color[key])</script>
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#override-package-microcode_ctl" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header md-header--shadow" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../.." title="SIG/Security Wiki" class="md-header__button md-logo" aria-label="SIG/Security Wiki" data-md-component="logo">
<img src="../../assets/icon-white.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
SIG/Security Wiki
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
</div>
</div>
</div>
<form class="md-header__option" data-md-component="palette">
<input class="md-option" data-md-color-media="(prefers-color-scheme: light)" data-md-color-scheme="default" data-md-color-primary="teal" data-md-color-accent="teal" aria-label="Switch to dark mode" type="radio" name="__palette" id="__palette_1">
<label class="md-header__button md-icon" title="Switch to dark mode" for="__palette_2" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m17.75 4.09-2.53 1.94.91 3.06-2.63-1.81-2.63 1.81.91-3.06-2.53-1.94L12.44 4l1.06-3 1.06 3 3.19.09m3.5 6.91-1.64 1.25.59 1.98-1.7-1.17-1.7 1.17.59-1.98L15.75 11l2.06-.05L18.5 9l.69 1.95 2.06.05m-2.28 4.95c.83-.08 1.72 1.1 1.19 1.85-.32.45-.66.87-1.08 1.27C15.17 23 8.84 23 4.94 19.07c-3.91-3.9-3.91-10.24 0-14.14.4-.4.82-.76 1.27-1.08.75-.53 1.93.36 1.85 1.19-.27 2.86.69 5.83 2.89 8.02a9.96 9.96 0 0 0 8.02 2.89m-1.64 2.02a12.08 12.08 0 0 1-7.8-3.47c-2.17-2.19-3.33-5-3.49-7.82-2.81 3.14-2.7 7.96.31 10.98 3.02 3.01 7.84 3.12 10.98.31Z"/></svg>
</label>
<input class="md-option" data-md-color-media="(prefers-color-scheme: dark)" data-md-color-scheme="slate" data-md-color-primary="teal" data-md-color-accent="teal" aria-label="Switch to light mode" type="radio" name="__palette" id="__palette_2">
<label class="md-header__button md-icon" title="Switch to light mode" for="__palette_1" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 7a5 5 0 0 1 5 5 5 5 0 0 1-5 5 5 5 0 0 1-5-5 5 5 0 0 1 5-5m0 2a3 3 0 0 0-3 3 3 3 0 0 0 3 3 3 3 0 0 0 3-3 3 3 0 0 0-3-3m0-7 2.39 3.42C13.65 5.15 12.84 5 12 5c-.84 0-1.65.15-2.39.42L12 2M3.34 7l4.16-.35A7.2 7.2 0 0 0 5.94 8.5c-.44.74-.69 1.5-.83 2.29L3.34 7m.02 10 1.76-3.77a7.131 7.131 0 0 0 2.38 4.14L3.36 17M20.65 7l-1.77 3.79a7.023 7.023 0 0 0-2.38-4.15l4.15.36m-.01 10-4.14.36c.59-.51 1.12-1.14 1.54-1.86.42-.73.69-1.5.83-2.29L20.64 17M12 22l-2.41-3.44c.74.27 1.55.44 2.41.44.82 0 1.63-.17 2.37-.44L12 22Z"/></svg>
</label>
</form>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
<div class="md-search__suggest" data-md-component="search-suggest"></div>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://git.resf.org/security/wiki" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.4.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
security/wiki
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary md-nav--integrated" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../.." title="SIG/Security Wiki" class="md-nav__button md-logo" aria-label="SIG/Security Wiki" data-md-component="logo">
<img src="../../assets/icon-white.svg" alt="logo">
</a>
SIG/Security Wiki
</label>
<div class="md-nav__source">
<a href="https://git.resf.org/security/wiki" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.4.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2023 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
security/wiki
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../.." class="md-nav__link">
<span class="md-ellipsis">
SIG/Security Wiki
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2" >
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="">
<span class="md-ellipsis">
Issues
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Issues
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../issues/CVE-2023-23583/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../issues/CVE-2023-4911/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3" checked>
<label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="">
<span class="md-ellipsis">
Packages
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Packages
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../glibc/" class="md-nav__link">
<span class="md-ellipsis">
Override package: glibc
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../hardened_malloc/" class="md-nav__link">
<span class="md-ellipsis">
Extra package: hardened_malloc
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#el9" class="md-nav__link">
EL9
</a>
<nav class="md-nav" aria-label="EL9">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#changes-summary" class="md-nav__link">
Changes summary
</a>
</li>
<li class="md-nav__item">
<a href="#change-log" class="md-nav__link">
Change log
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../openssh/" class="md-nav__link">
<span class="md-ellipsis">
Override package: openssh
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<a href="https://git.resf.org/security/wiki/_edit/main/docs/packages/microcode_ctl.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M10 20H6V4h7v5h5v3.1l2-2V8l-6-6H6c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h4v-2m10.2-7c.1 0 .3.1.4.2l1.3 1.3c.2.2.2.6 0 .8l-1 1-2.1-2.1 1-1c.1-.1.2-.2.4-.2m0 3.9L14.1 23H12v-2.1l6.1-6.1 2.1 2.1Z"/></svg>
</a>
<h1 id="override-package-microcode_ctl">Override package: microcode_ctl<a class="headerlink" href="#override-package-microcode_ctl" title="Permanent link">&para;</a></h1>
<h2 id="el9">EL9<a class="headerlink" href="#el9" title="Permanent link">&para;</a></h2>
<ul>
<li>Version <code>4:20231114-1.el9_2.security</code></li>
<li>Based on <code>4:20230808-2</code></li>
</ul>
<h3 id="changes-summary">Changes summary<a class="headerlink" href="#changes-summary" title="Permanent link">&para;</a></h3>
<ul>
<li>Update Intel CPU microcode to microcode-20231114 (fixes <a href="https://www.openwall.com/lists/oss-security/2023/11/14/4">CVE-2023-23583</a>), temporarily dropping most documentation patches</li>
</ul>
<h3 id="change-log">Change log<a class="headerlink" href="#change-log" title="Permanent link">&para;</a></h3>
<div class="highlight"><pre><span></span><code>* Tue Nov 14 2023 Solar Designer &lt;solar@openwall.com&gt; - 4:20231114-1
- Update Intel CPU microcode to microcode-20231114 (fixes CVE-2023-23583),
temporarily dropping most documentation patches
</code></pre></div>
<hr>
<div class="md-source-file">
<small>
Last update:
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 15, 2023</span>
</small>
</div>
</article>
</div>
</div>
<button type="button" class="md-top md-icon" data-md-component="top" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12Z"/></svg>
Back to top
</button>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
<div class="md-copyright__highlight">
Copyright &copy; 2023 Rocky Enterprise Software Foundation
</div>
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.expand", "navigation.indexes", "navigation.instant", "navigation.sections", "navigation.top", "navigation.tracking", "navigation.path", "search.highlight", "search.suggest", "toc.integrate", "content.action.edit"], "search": "../../assets/javascripts/workers/search.f886a092.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.81fa17fe.min.js"></script>
</body>
</html>
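Review bot: In the Changes summary of the new microcode_ctl page, CVE-2023-23583 links only to the external oss-security post, although this same deployment adds an internal page at /issues/CVE-2023-23583/. Link the internal issue page from the summary, keeping the oss-security post as the upstream reference, so readers reach the project's own status for the fix. The phrase "temporarily dropping most documentation patches" also does not say which patches were dropped or where their restoration is tracked; a one-line pointer would help anyone comparing this build with the 4:20230808-2 base. This file is generated output, so both changes belong in docs/packages/microcode_ctl.md.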

View File

@ -13,7 +13,7 @@
<link rel="canonical" href="https://sig-security.rocky.page/packages/openssh/"> <link rel="canonical" href="https://sig-security.rocky.page/packages/openssh/">
<link rel="prev" href="../hardened_malloc/"> <link rel="prev" href="../microcode_ctl/">
@ -271,6 +271,100 @@
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2" >
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="">
<span class="md-ellipsis">
Issues
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Issues
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../issues/CVE-2023-23583/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-23583: microcode_ctl: Intel CPUs: execution of MOVSB instructions with redundant REX prefix leads to unintended system behavior
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../../issues/CVE-2023-4911/" class="md-nav__link">
<span class="md-ellipsis">
CVE-2023-4911: glibc: Looney Tunables: buffer overflow in ld.so leading to privilege escalation
</span>
</a>
</li>
</ul>
</nav>
</li>
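Review bot: The two links added under Issues use the full advisory titles as nav text inside md-ellipsis spans, so the sidebar is likely to truncate them, and the long strings are repeated in the nav of every generated page. Consider a short nav title per entry in the mkdocs.yml nav (for example just "CVE-2023-23583" and "CVE-2023-4911"), leaving the full title for the page heading.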
@ -282,6 +376,8 @@
@ -295,10 +391,10 @@
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_2" checked> <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_3" checked>
<label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex=""> <label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="">
<span class="md-ellipsis"> <span class="md-ellipsis">
@ -309,8 +405,8 @@
<span class="md-nav__icon md-icon"></span> <span class="md-nav__icon md-icon"></span>
</label> </label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="true"> <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="true">
<label class="md-nav__title" for="__nav_2"> <label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span> <span class="md-nav__icon md-icon"></span>
Packages Packages
</label> </label>
@ -360,6 +456,26 @@
<li class="md-nav__item">
<a href="../microcode_ctl/" class="md-nav__link">
<span class="md-ellipsis">
Override package: microcode_ctl
</span>
</a>
</li>

File diff suppressed because one or more lines are too long

View File

@ -5,6 +5,16 @@
<lastmod>2023-11-15</lastmod> <lastmod>2023-11-15</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url>
<loc>https://sig-security.rocky.page/issues/CVE-2023-23583/</loc>
<lastmod>2023-11-15</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://sig-security.rocky.page/issues/CVE-2023-4911/</loc>
<lastmod>2023-11-15</lastmod>
<changefreq>daily</changefreq>
</url>
<url> <url>
<loc>https://sig-security.rocky.page/packages/glibc/</loc> <loc>https://sig-security.rocky.page/packages/glibc/</loc>
<lastmod>2023-11-15</lastmod> <lastmod>2023-11-15</lastmod>
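Review bot: The two new issue URLs are published with changefreq "daily" and a lastmod identical to every other entry in this hunk, which tells a crawler nothing about when an advisory actually changed. If these values come from the build date, consider deriving lastmod from each page's git revision date (the pages already show a per-page "Last update" from the git-revision-date-localized plugin) so that a revised advisory is the entry that stands out.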
@ -15,6 +25,11 @@
<lastmod>2023-11-15</lastmod> <lastmod>2023-11-15</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url>
<loc>https://sig-security.rocky.page/packages/microcode_ctl/</loc>
<lastmod>2023-11-15</lastmod>
<changefreq>daily</changefreq>
</url>
<url> <url>
<loc>https://sig-security.rocky.page/packages/openssh/</loc> <loc>https://sig-security.rocky.page/packages/openssh/</loc>
<lastmod>2023-11-15</lastmod> <lastmod>2023-11-15</lastmod>

Binary file not shown.