Invest in the Future You Want to See. Closing Soon!

A First Public Offering of Purism Stock on StartEngine. Minimum $500.

Invest Now

Security Advisory: Kernel and Firmware Updates for Intel MDS Vulnerability

Firmware and BIOS, Software / /
Kyle Rankin

Kyle Rankin

PGP ID: 0xB9EF770D6EFE360F
Fingerprint: 0DFE 2A03 7FEF B6BF C56F73C5 B9EF 770D 6EFE 360F
Librem Social
Kyle Rankin

Latest posts by Kyle Rankin (see all)

Last week Intel announced a new group of speculative execution vulnerabilities in its processors related to the well-known Spectre and Meltdown vulnerabilities from over a year ago. These new attacks have been labeled as the MDS (Microarchitectural Data Sampling) vulnerabilities by Intel, but in the age of branded vulnerabilities they also have been given more exciting names like Zombieload. An attacker who is able to successfully exploit these vulnerabilities has the potential to extract sensitive information including encryption keys from the target machine.

Because this is a vulnerability in the Intel CPU hardware itself, like with Spectre and Meltdown, the patch for these vulnerabilities comes in two forms:

  • Linux kernel patch for PureOS users
  • CPU microcode updates for Librem laptop owners

PureOS Users

PureOS users are advised to update their system packages using their normal software update process, which will pull down the latest 4.19.37-3 kernel package.

Librem Laptop Owners

Purism includes CPU microcode updates as part of our coreboot firmware, so laptops shipping out starting this week will already be patched for these vulnerabilities. For existing laptop users, you will need to update your coreboot firmware to the latest version. Just follow our documentation on using our coreboot update script. Microcode updates have been added to the default coreboot SeaBIOS firmware starting with version 4.9-Purism-1 and in our beta PureBoot firmware starting with version heads-beta-6. In addition to using our update script, you can access the changelog for our pre-built binary firmware images directly at our firmware releases project page.

Recent Posts

Related Content

Tags

Advanced readers AweSIM Battery life Benchmarks and testing Boot and BIOS Chipsets and components Communications infrastructure Crowdfunding Customer Feedback cybersecurity Enterprise FLOSS applications Giving and contributing back Graphics infosec Laptops librem 5 Librem 5 USA Librem 14 Linux kernel Made in USA Electronics most secure computer most secure laptop most secure pc most secure phone Newsletter and status updates Phones Power management Press Privacy Product or service launch PureOS secure computing Security Social media Software freedom Supply chain Tablets Testimonials and user stories Tips and tricks User empowerment User experience design User interaction design Videos Website
Purism

3D renders are artist renderings, for illustration purposes. Images and specifications are subject to change depending on manufacturing requirements.

Unless otherwise noted, contents created by the Purism team on this website are copyleft with a CC-by-SA 4.0 license.