{"id":"USN-3531-2","summary":"intel-microcode regression","details":"USN-3531-1 updated Intel microcode to the 20180108 release. Regressions\nwere discovered in the microcode updates which could cause system\ninstability on certain hardware platforms. At the request of Intel, we have\nreverted to the previous packaged microcode version, the 20170707 release.\n\nOriginal advisory details:\n\n It was discovered that microprocessors utilizing speculative execution\n and branch prediction may allow unauthorized memory reads via sidechannel\n attacks. This flaw is known as Spectre. A local attacker could use this to\n expose sensitive information, including kernel memory. (CVE-2017-5715)\n \n This update provides the microcode updates required for the corresponding\n Linux kernel updates.\n","modified":"2026-02-10T04:41:16Z","published":"2018-01-22T16:09:41Z","related":["UBUNTU-CVE-2017-5715"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-3531-2"},{"type":"REPORT","url":"https://launchpad.net/bugs/1742933"}],"affected":[{"package":{"name":"intel-microcode","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/intel-microcode@3.20180108.0+really20170707ubuntu14.04.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.20180108.0+really20170707ubuntu14.04.1"}]}],"versions":["1.20130906.1ubuntu2","1.20130906.1ubuntu3","2.20140122.1","2.20140430.1ubuntu1","2.20140624-t-1ubuntu2","3.20180108.0~ubuntu14.04.2"],"ecosystem_specific":{"binaries":[{"binary_name":"intel-microcode","binary_version":"3.20180108.0+really20170707ubuntu14.04.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3531-2.json","cves_map":{"ecosystem":"Ubuntu:14.04:LTS","cves":[]}}},{"package":{"name":"intel-microcode","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/intel-microcode@3.20180108.0+really20170707ubuntu16.04.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.20180108.0+really20170707ubuntu16.04.1"}]}],"versions":["3.20150121.1","3.20151106.1","3.20170707.1~ubuntu16.04.0","3.20180108.0~ubuntu16.04.2"],"ecosystem_specific":{"binaries":[{"binary_name":"intel-microcode","binary_version":"3.20180108.0+really20170707ubuntu16.04.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3531-2.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[]}}}],"schema_version":"1.7.3"}