Mx Linux already has latest database.And not just that, intel's official github page now has limited files.
But the problem is,MX has the older version (dated 2010). https://github.com/platomav/CPUMicrocodes has the latest released (dated 2015) (and much more)
how can i add this bin formatted microcode file to Mx?
Microcode Updates
Microcode Updates
Last edited by Zikk on Mon Sep 26, 2022 7:33 am, edited 1 time in total.
Re: Microcode Update
What the... ??????
I think you are somewhat confused. Please tell us what version of "intel-microcode" you have in whatever mystery version of MX you're running, such as running
MX includes the latest version from Debian by default, BTW.
MCE firmware is not really CPU firmware, to be pedantic.
I think you are somewhat confused. Please tell us what version of "intel-microcode" you have in whatever mystery version of MX you're running, such as running
Code: Select all
apt policy intel-microcode
MCE firmware is not really CPU firmware, to be pedantic.
Re: Microcode Update
Also, as mentioned on that site "Latest is not always better or tested."
Do you try to fix something? People should not really be concerned with firmware unless there's something not working OK.
Do you try to fix something? People should not really be concerned with firmware unless there's something not working OK.
Re: Microcode Update
Well, the CPU microcode is actually supposed to fix bugs or security holes like Meltdown or Spectre.
The "linux-firmware" package we port over from Ubuntu actually also includes the AMD and the Intel microcode, so it conflicts with those packages. You have to choose which you want to go with. We're shipping AHS with the ported package.
The "linux-firmware" package we port over from Ubuntu actually also includes the AMD and the Intel microcode, so it conflicts with those packages. You have to choose which you want to go with. We're shipping AHS with the ported package.
Last edited by Stevo on Sat Sep 24, 2022 2:56 pm, edited 1 time in total.
Re: Microcode Update
Well the new upgrade is better for me (from MXPI: intel-microcode 3.20220809.1~mx19+1)
So thank you for the upgrade Stevo.
The new one:
So thank you for the upgrade Stevo.
The old one:https://forum.mxlinux.org/viewtopic.php ... 04#p696604
Fri Sep 23, 2022 12:08 am
Updated amd64-microcode, intel-microcode packages from Debian testing, port over firmware-sof-signed from Ubuntu Kinetic--Ubuntu updated theirs a bit more that Debian upstream, plus they allow for any "linux-firmware" conflicts.
Code: Select all
dpkg -l *microcode*
ii intel-microcode 3.20220510.1~deb11u1 amd64 Processor microcode firmware for Intel CPUs
spectre-meltdown-checker --batch text
CVE-2017-5753: OK (Mitigation: usercopy/swapgs barriers and __user pointer sanitization)
CVE-2017-5715: OK (Full retpoline + IBPB are mitigating the vulnerability)
CVE-2017-5754: OK (Mitigation: PTI)
CVE-2018-3640: VULN (an up-to-date CPU microcode is needed to mitigate this vulnerability)
CVE-2018-3639: OK (Mitigation: Speculative Store Bypass disabled via prctl)
CVE-2018-3615: VULN (your CPU supports SGX and the microcode is not up to date)
CVE-2018-3620: OK (Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT disabled)
CVE-2018-3646: OK (this system is not running a hypervisor)
CVE-2018-12126: OK (Mitigation: Clear CPU buffers)
CVE-2018-12130: OK (Mitigation: Clear CPU buffers)
CVE-2018-12127: OK (Mitigation: Clear CPU buffers)
CVE-2019-11091: OK (Mitigation: Clear CPU buffers)
CVE-2019-11135: OK (Not affected)
CVE-2018-12207: OK (this system is not running a hypervisor)
CVE-2020-0543: OK (your CPU vendor reported your CPU model as not affected)
Code: Select all
dpkg -l *microcode*
ii amd64-microcode 3.20220411.1~mx19+1 amd64 Processor microcode firmware for AMD CPUs
ii intel-microcode 3.20220809.1~mx19+1 amd64 Processor microcode firmware for Intel CPUs
spectre-meltdown-checker --batch text
CVE-2017-5753: OK (Mitigation: usercopy/swapgs barriers and __user pointer sanitization)
CVE-2017-5715: OK (Full retpoline + IBPB are mitigating the vulnerability)
CVE-2017-5754: OK (Mitigation: PTI)
CVE-2018-3640: OK (your CPU microcode mitigates the vulnerability)
CVE-2018-3639: OK (Mitigation: Speculative Store Bypass disabled via prctl)
CVE-2018-3615: OK (your CPU vendor reported your CPU model as not affected)
CVE-2018-3620: OK (Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT disabled)
CVE-2018-3646: OK (this system is not running a hypervisor)
CVE-2018-12126: OK (Your microcode and kernel are both up to date for this mitigation, and mitigation is enabled)
CVE-2018-12130: OK (Your microcode and kernel are both up to date for this mitigation, and mitigation is enabled)
CVE-2018-12127: OK (Your microcode and kernel are both up to date for this mitigation, and mitigation is enabled)
CVE-2019-11091: OK (Your microcode and kernel are both up to date for this mitigation, and mitigation is enabled)
CVE-2019-11135: OK (your CPU vendor reported your CPU model as not affected)
CVE-2018-12207: OK (this system is not running a hypervisor)
CVE-2020-0543: OK (your CPU vendor reported your CPU model as not affected)
Pour les nouveaux utilisateurs: Alt+F1 pour le manuel, ou FAQS, MX MANUEL, et Conseils Debian - Info. système “quick-system-info-mx” (QSI) ... Ici: System: MX-19_x64 & antiX19_x32
Re: Microcode Update
true.newest (latest) may not be always the "better" or "faster" but they are more "secure" or may have a "new feature" .so microcode updates,like all updates,are being released for a reason.
https://ibb.co/mbpMJpz old one. Mx has this
(datebase:20220510 - microcode updated early to revision=0xa0b, date=2010-09-28)
https://ibb.co/Yh59kgr new one. the mentioned github repo has this
(datebase:20220510 - revision=0xa0e)
https://ibb.co/mbpMJpz old one. Mx has this
(datebase:20220510 - microcode updated early to revision=0xa0b, date=2010-09-28)
https://ibb.co/Yh59kgr new one. the mentioned github repo has this
(datebase:20220510 - revision=0xa0e)
Last edited by Zikk on Sun Sep 25, 2022 7:01 am, edited 1 time in total.
Re: Microcode Update
Interestingly, repology has the 20220809 as the current release
https://repology.org/project/intel-microcode/versions
and no distro, even the dangerously bleeding-edge ones, have that github version that you linked. Methinks that that source needs more investigation.
https://repology.org/project/intel-microcode/versions
and no distro, even the dangerously bleeding-edge ones, have that github version that you linked. Methinks that that source needs more investigation.
Re: Microcode Update
3.20220809.1~mx21+1 is in the MX Test Repo for the nervous. It's considered stable by Intel, and I'm using it in my stable Gentoo desktop. The current MX-21 version is 3.20220510.1~deb11u1. Unless someone knows the Test Repo version fixes a problem they are having or an actual vulnerability in their use case, one should stick with the normal MX update process. Deviate from normal at your own risk.
Re: Microcode Update
repo is legit and go-to place for bios modders.and not only it has recent devices (cpu-wise),it also has ancient ones as well (from via to xeon etc)
the file already recognized as higher version (recent) by system (iucode_tool)
all distros are using intel's official releases or betas so you will not find any difference there.maybe intel dropped the ball with its archieve here,or simply didnt care.cant say for sure.
Microsoft did (does) a better job at patching these (especially for old cpus that i have tested) on Windows 10. meaning this microcode is already included.
seee, KB4589212 and for more;
https://support.microsoft.com/en-gb/top ... 6e4d8637c4
And gentlemen (and/or ladies) we are talking about something released in 2010 and 2015. not cutting-edge,nor untested.
While i am writing this intel's official stable release version is indeed 20220809 (we havent received it yet)
https://github.com/intel/Intel-Linux-Pr ... Data-Files
the file already recognized as higher version (recent) by system (iucode_tool)
all distros are using intel's official releases or betas so you will not find any difference there.maybe intel dropped the ball with its archieve here,or simply didnt care.cant say for sure.
Microsoft did (does) a better job at patching these (especially for old cpus that i have tested) on Windows 10. meaning this microcode is already included.
seee, KB4589212 and for more;
https://support.microsoft.com/en-gb/top ... 6e4d8637c4
And gentlemen (and/or ladies) we are talking about something released in 2010 and 2015. not cutting-edge,nor untested.
While i am writing this intel's official stable release version is indeed 20220809 (we havent received it yet)
https://github.com/intel/Intel-Linux-Pr ... Data-Files