Publication Date: 2023/11/14 11:50 AM PDT
AWS is aware of CVE-2023-23583, which affects third generation Intel Xeon Scalable (“Icelake”) processors that power the C6i, C6id, C6in, M6i, Mi6d, M6in, M6idn, R6i, R6id, R6in, R6idn, X2idn, X2iedn, I4i, Hpc6id, Trn1, and Trn1n EC2 instance families. AWS has applied the latest Intel microcode to all Intel Icelake-based EC2 instances, and no customer action is required. AWS-managed compute and container services, such as ECS, EKS, and Lambda, are also not affected by this issue, and no customer action is required.
If you are using EC2 bare metal instances, we recommend you reboot your instances to apply the security fix or apply the latest Intel microcode through the running operating channel. To apply the fix via the running operating system, you must work with your operating system vendor to obtain the latest security updates that address this issue. For Amazon Linux, we recommend you update the microcode_ctl package to a version equal to or greater than microcode_ctl-2.1-47.42.amzn1 for Amazon Linux 1, microcode_ctl-2.1-47.amzn2.4.15 for Amazon Linux 2, and microcode_ctl-2.1-53.amzn2023.0.3 for Amazon Linux 2023.
Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.