old_microcode.rst 801 B

123456789101112131415161718192021
  1. .. SPDX-License-Identifier: GPL-2.0
  2. =============
  3. Old Microcode
  4. =============
  5. The kernel keeps a table of released microcode. Systems that had
  6. microcode older than this at boot will say "Vulnerable". This means
  7. that the system was vulnerable to some known CPU issue. It could be
  8. security or functional, the kernel does not know or care.
  9. You should update the CPU microcode to mitigate any exposure. This is
  10. usually accomplished by updating the files in
  11. /lib/firmware/intel-ucode/ via normal distribution updates. Intel also
  12. distributes these files in a github repo:
  13. https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files.git
  14. Just like all the other hardware vulnerabilities, exposure is
  15. determined at boot. Runtime microcode updates do not change the status
  16. of this vulnerability.