update: intel-microcode

[dongsupark]

Name: intel-microcode
CVEs: CVE-2023-22655, CVE-2023-28746, CVE-2023-38575, CVE-2023-39368, CVE-2023-43490
CVSSs: 6.1, 6.5, 6.5, 5.5, 5.3
Action Needed: update to >= 20240312

Summary:

• CVE-2023-22655: Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html
• CVE-2023-28746: Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html
• CVE-2023-38575: Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html
• CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel® Processors may allow an unauthenticated user to potentially enable denial of service via network access.
  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html
• CVE-2023-43490: Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access.
  • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html

See also https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/.

refmap.gentoo: TBD