Canonical has published a new security advisory today where the company behind the popular Ubuntu Linux operating system apologizes for a regression introduced by the latest Intel microcode firmware update.
On November 12th, 2019, Canonical published important kernel security updates for all supported Ubuntu Linux releases to address two flaws (CVE-2019-11135 and CVE-2019-11139) discovered by various security researchers in Intel processors using Transactional Synchronization Extensions (TSX), as well as on certain Intel Xeon processors.
While the first vulnerability could allow a local attacker to expose sensitive information, such as memory contents that were previously stored in microarchitectural buffers, the second issue could allow a local privileged attacker to cause a denial of service (system crash). The intel-microcode version that caused the regression was 3.20191112.
New Intel microcode update available to patch a regression
However, the said update also introduced a regression, which apparently is causing Ubuntu systems with Skylake CPUs to hang after a warm reboot. The regression affects all supported Ubuntu releases, including Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.
“USN-4182-1 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family. We apologize for the inconvenience,” said Canonical in the security advisory.
Now Canonical urges all Ubuntu users with Skylake CPUs to update their installations to intel-microcode version 3.20191115 as soon as possible. The new Intel microcode update is already available in the main software repositories, so all you have to do to fix this regression is to run the command below and then reboot your machine.
sudo apt-get update && sudo apt-get install intel-microcode