Security Fix: * hw: Special Register Buffer Data Sampling * hw: L1D Cache Eviction Sampling * hw: Vector Register Data Sampling For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * Update Intel CPU microcode to microcode-20200602 release, addresses: - Update of 06-2d-06/0x6d microcode from revision 0x61f up to 0x621; - Update of 06-2d-07/0x6d microcode from revision 0x718 up to 0x71a; - Update of 06-3c-03/0x32 microcode from revision 0x27 up to 0x28; - Update of 06-3d-04/0xc0 microcode from revision 0x2e up to 0x2f; - Update of 06-45-01/0x72 microcode from revision 0x25 up to 0x26; - Update of 06-46-01/0x32 microcode from revision 0x1b up to 0x1c; - Update of 06-47-01/0x22 microcode from revision 0x21 up to 0x22; - Update of 06-4e-03/0xc0 microcode from revision 0xd6 up to 0xdc; - Update of 06-55-03/0x97 microcode from revision 0x1000151 up to 0x1000157; - Update of 06-55-04/0xb7 microcode from revision 0x2000065 up to 0x2006906; - Update of 06-55-06/0xbf microcode from revision 0x400002c up to 0x4002f01; - Update of 06-55-07/0xbf microcode from revision 0x500002c up to 0x5002f01; - Update of 06-5e-03/0x36 microcode from revision 0xd6 up to 0xdc; - Update of 06-7e-05/0x80 microcode from revision 0x46 up to 0x78; - Update of 06-8e-09/0x10 microcode from revision 0xca up to 0xd6; - Update of 06-8e-09/0xc0 microcode from revision 0xca up to 0xd6; - Update of 06-8e-0a/0xc0 microcode from revision 0xca up to 0xd6; - Update of 06-8e-0b/0xd0 microcode from revision 0xca up to 0xd6; - Update of 06-8e-0c/0x94 microcode from revision 0xca up to 0xd6; - Update of 06-9e-09/0x2a microcode from revision 0xca up to 0xd6; - Update of 06-9e-0a/0x22 microcode from revision 0xca up to 0xd6; - Update of 06-9e-0b/0x02 microcode from revision 0xca up to 0xd6; - Update of 06-9e-0c/0x22 microcode from revision 0xca up to 0xd6; - Update of 06-9e-0d/0x22 microcode from revision 0xca up to 0xd6. - - Change the URL in the intel-microcode2ucode.8 to point to the GitHub repository since the microcode download section at Intel Download Center does not exist anymore. * Narrow down SKL-SP/W/X blacklist to exclude Server/FPGA/Fabric segment models. * Re-generate initramfs not only for the currently running kernel, but for several recently installed kernels as well. * Avoid find being SIGPIPE"d on early "grep -q" exit in the dracut script. * Update stale posttrans dependency, add triggers for proper handling of the debug kernel flavour along with kernel-rt. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed : 1788786 - CVE-2020-0548 hw: Vector Register Data Sampling 1788788 - CVE-2020-0549 hw: L1D Cache Eviction Sampling 1827165 - CVE-2020-0543 hw: Special Register Buffer Data Sampling 6. Package List: Red Hat Enterprise Linux Client : Source: microcode_ctl-2.1-61.6.el7_8.src.rpm x86_64: microcode_ctl-2.1-61.6.el7_8.x86_64.rpm microcode_ctl-debuginfo-2.1-61.6.el7_8.x86_64.rpm Red Hat Enterprise Linux ComputeNode : Source: microcode_ctl-2.1-61.6.el7_8.src.rpm x86_64: microcode_ctl-2.1-61.6.el7_8.x86_64.rpm microcode_ctl-debuginfo-2.1-61.6.el7_8.x86_64.rpm Red Hat Enterprise Linux Server : Source: microcode_ctl-2.1-61.6.el7_8.src.rpm x86_64: microcode_ctl-2.1-61.6.el7_8.x86_64.rpm microcode_ctl-debuginfo-2.1-61.6.el7_8.x86_64.rpm Red Hat Enterprise Linux Workstation : Source: microcode_ctl-2.1-61.6.el7_8.src.rpm x86_64: microcode_ctl-2.1-61.6.el7_8.x86_64.rpm microcode_ctl-debuginfo-2.1-61.6.el7_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-0543 https://access.redhat.com/security/cve/CVE-2020-0548 https://access.redhat.com/security/cve/CVE-2020-0549 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/solutions/5142751