Platypus
Platypus – Intel power side-channels (CVE-2020-8694, CVE-2020-8695)
Published
11 October 2020
Researchers have found that power side-channel attacks are possible by reading sysfs files under Linux. Fixed kernels have been released for Ubuntu, but the issue can be mitigated by changing the file permissions by running the following command:
find /sys/devices/virtual/powercap/ -name energy_uj -exec chmod 400 {} \;
Microcode regression
The microcode update has caused some systems to fail to boot. The recovery kernels in the boot configuration should work; if they are missing for whatever reason, please add the dis_ucode_ldr kernel command line parameter as appropriate.
Timeline
-
2020 Nov 10 - Kernels released in USN-4626-1
-
2020 Nov 11 - Intel microcode released in USN-4628-1
-
2020 Nov 12 - Intel microcode regression addressed in USN-4628-2 – remove the microcode for the Tiger Lake family of processors