== Intel power side-channels CVE-2020-8694 and CVE-2020-8695 (aka Platypus) ==

[[https://platypusattack.com/|Researchers have found that power side-channel attacks are possible]] by reading
sysfs files under Linux. Fixed kernels have been released for Ubuntu, but the
issue can be mitigated by changing the file permissions by running the
following command:

{{{
find /sys/devices/virtual/powercap/ -name energy_uj -exec chmod 400 {} \;
}}}

==== Timeline ====

* 2020 Nov 10 - [[https://ubuntu.com/security/notices/USN-4626-1 | Kernels released in USN-4626-1]]

* 2020 Nov 11 - [[https://ubuntu.com/security/notices/USN-4628-1 | Intel microcode released in USN-4628-1]]

* 2020 Nov 12 - [[https://ubuntu.com/security/notices/USN-4628-2 | Intel microcode regression addressed in USN-4628-2]] -- remove the microcode for the Tiger Lake family of processors

==== Microcode regression ====

The microcode update has caused some systems to fail to boot. The {{{recovery}}} kernels in the boot configuration should work; if they are missing for whatever reason, please add the {{{dis_ucode_ldr}}} kernel command line parameter as appropriate.