ucode-intel-20210608-1.2 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11478 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z ucode-intel-20210608-1.2 on GA media These are all security issues fixed in the ucode-intel-20210608-1.2 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11478 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:11478 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2017-5715/ SUSE CVE CVE-2017-5715 page https://www.suse.com/security/cve/CVE-2018-12126/ SUSE CVE CVE-2018-12126 page https://www.suse.com/security/cve/CVE-2018-12130/ SUSE CVE CVE-2018-12130 page https://www.suse.com/security/cve/CVE-2018-3640/ SUSE CVE CVE-2018-3640 page https://www.suse.com/security/cve/CVE-2019-11135/ SUSE CVE CVE-2019-11135 page https://www.suse.com/security/cve/CVE-2019-11139/ SUSE CVE CVE-2019-11139 page https://www.suse.com/security/cve/CVE-2020-0543/ SUSE CVE CVE-2020-0543 page https://www.suse.com/security/cve/CVE-2020-0548/ SUSE CVE CVE-2020-0548 page https://www.suse.com/security/cve/CVE-2020-24489/ SUSE CVE CVE-2020-24489 page https://www.suse.com/security/cve/CVE-2020-24511/ SUSE CVE CVE-2020-24511 page https://www.suse.com/security/cve/CVE-2020-24512/ SUSE CVE CVE-2020-24512 page https://www.suse.com/security/cve/CVE-2020-24513/ SUSE CVE CVE-2020-24513 page https://www.suse.com/security/cve/CVE-2020-8695/ SUSE CVE CVE-2020-8695 page https://www.suse.com/security/cve/CVE-2020-8696/ SUSE CVE CVE-2020-8696 page https://www.suse.com/security/cve/CVE-2020-8698/ SUSE CVE CVE-2020-8698 page openSUSE Tumbleweed ucode-intel-20210608-1.2 ucode-intel-20210608-1.2 as a component of openSUSE Tumbleweed Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. CVE-2017-5715 openSUSE Tumbleweed:ucode-intel-20210608-1.2 important 4.7 AV:L/AC:M/Au:N/C:C/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5715.html CVE-2017-5715 https://bugzilla.suse.com/1068032 SUSE Bug 1068032 https://bugzilla.suse.com/1074562 SUSE Bug 1074562 https://bugzilla.suse.com/1074578 SUSE Bug 1074578 https://bugzilla.suse.com/1074701 SUSE Bug 1074701 https://bugzilla.suse.com/1074741 SUSE Bug 1074741 https://bugzilla.suse.com/1074919 SUSE Bug 1074919 https://bugzilla.suse.com/1075006 SUSE Bug 1075006 https://bugzilla.suse.com/1075007 SUSE Bug 1075007 https://bugzilla.suse.com/1075262 SUSE Bug 1075262 https://bugzilla.suse.com/1075419 SUSE Bug 1075419 https://bugzilla.suse.com/1076115 SUSE Bug 1076115 https://bugzilla.suse.com/1076372 SUSE Bug 1076372 https://bugzilla.suse.com/1076606 SUSE Bug 1076606 https://bugzilla.suse.com/1078353 SUSE Bug 1078353 https://bugzilla.suse.com/1080039 SUSE Bug 1080039 https://bugzilla.suse.com/1087887 SUSE Bug 1087887 https://bugzilla.suse.com/1087939 SUSE Bug 1087939 https://bugzilla.suse.com/1088147 SUSE Bug 1088147 https://bugzilla.suse.com/1089055 SUSE Bug 1089055 https://bugzilla.suse.com/1091815 SUSE Bug 1091815 https://bugzilla.suse.com/1095735 SUSE Bug 1095735 https://bugzilla.suse.com/1102517 SUSE Bug 1102517 https://bugzilla.suse.com/1105108 SUSE Bug 1105108 https://bugzilla.suse.com/1126516 SUSE Bug 1126516 https://bugzilla.suse.com/1173489 SUSE Bug 1173489 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1201457 SUSE Bug 1201457 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 https://bugzilla.suse.com/1203236 SUSE Bug 1203236 Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf CVE-2018-12126 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-12126.html CVE-2018-12126 https://bugzilla.suse.com/1103186 SUSE Bug 1103186 https://bugzilla.suse.com/1111331 SUSE Bug 1111331 https://bugzilla.suse.com/1132686 SUSE Bug 1132686 https://bugzilla.suse.com/1135409 SUSE Bug 1135409 https://bugzilla.suse.com/1135524 SUSE Bug 1135524 https://bugzilla.suse.com/1137916 SUSE Bug 1137916 https://bugzilla.suse.com/1138534 SUSE Bug 1138534 https://bugzilla.suse.com/1141977 SUSE Bug 1141977 https://bugzilla.suse.com/1149725 SUSE Bug 1149725 https://bugzilla.suse.com/1149726 SUSE Bug 1149726 https://bugzilla.suse.com/1149729 SUSE Bug 1149729 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf CVE-2018-12130 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-12130.html CVE-2018-12130 https://bugzilla.suse.com/1103186 SUSE Bug 1103186 https://bugzilla.suse.com/1111331 SUSE Bug 1111331 https://bugzilla.suse.com/1132686 SUSE Bug 1132686 https://bugzilla.suse.com/1135409 SUSE Bug 1135409 https://bugzilla.suse.com/1137916 SUSE Bug 1137916 https://bugzilla.suse.com/1138534 SUSE Bug 1138534 https://bugzilla.suse.com/1141977 SUSE Bug 1141977 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a. CVE-2018-3640 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-3640.html CVE-2018-3640 https://bugzilla.suse.com/1074701 SUSE Bug 1074701 https://bugzilla.suse.com/1087078 SUSE Bug 1087078 https://bugzilla.suse.com/1087083 SUSE Bug 1087083 https://bugzilla.suse.com/1094912 SUSE Bug 1094912 https://bugzilla.suse.com/1098813 SUSE Bug 1098813 https://bugzilla.suse.com/1100394 SUSE Bug 1100394 https://bugzilla.suse.com/1115893 SUSE Bug 1115893 https://bugzilla.suse.com/1175912 SUSE Bug 1175912 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11135 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-11135.html CVE-2019-11135 https://bugzilla.suse.com/1139073 SUSE Bug 1139073 https://bugzilla.suse.com/1152497 SUSE Bug 1152497 https://bugzilla.suse.com/1152505 SUSE Bug 1152505 https://bugzilla.suse.com/1152506 SUSE Bug 1152506 https://bugzilla.suse.com/1160120 SUSE Bug 1160120 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. CVE-2019-11139 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-11139.html CVE-2019-11139 https://bugzilla.suse.com/1141035 SUSE Bug 1141035 Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-0543 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-0543.html CVE-2020-0543 https://bugzilla.suse.com/1154824 SUSE Bug 1154824 https://bugzilla.suse.com/1172205 SUSE Bug 1172205 https://bugzilla.suse.com/1172206 SUSE Bug 1172206 https://bugzilla.suse.com/1172207 SUSE Bug 1172207 https://bugzilla.suse.com/1172770 SUSE Bug 1172770 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-0548 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-0548.html CVE-2020-0548 https://bugzilla.suse.com/1156353 SUSE Bug 1156353 Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-24489 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-24489.html CVE-2020-24489 https://bugzilla.suse.com/1179839 SUSE Bug 1179839 https://bugzilla.suse.com/1192359 SUSE Bug 1192359 https://bugzilla.suse.com/1199300 SUSE Bug 1199300 https://bugzilla.suse.com/1201731 SUSE Bug 1201731 Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-24511 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-24511.html CVE-2020-24511 https://bugzilla.suse.com/1179836 SUSE Bug 1179836 https://bugzilla.suse.com/1192360 SUSE Bug 1192360 https://bugzilla.suse.com/1199300 SUSE Bug 1199300 https://bugzilla.suse.com/1201731 SUSE Bug 1201731 Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-24512 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-24512.html CVE-2020-24512 https://bugzilla.suse.com/1179837 SUSE Bug 1179837 https://bugzilla.suse.com/1192360 SUSE Bug 1192360 https://bugzilla.suse.com/1199300 SUSE Bug 1199300 https://bugzilla.suse.com/1201731 SUSE Bug 1201731 Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-24513 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-24513.html CVE-2020-24513 https://bugzilla.suse.com/1179833 SUSE Bug 1179833 https://bugzilla.suse.com/1192360 SUSE Bug 1192360 https://bugzilla.suse.com/1199300 SUSE Bug 1199300 https://bugzilla.suse.com/1201731 SUSE Bug 1201731 Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2020-8695 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-8695.html CVE-2020-8695 https://bugzilla.suse.com/1170415 SUSE Bug 1170415 https://bugzilla.suse.com/1170446 SUSE Bug 1170446 https://bugzilla.suse.com/1178591 SUSE Bug 1178591 Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-8696 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-8696.html CVE-2020-8696 https://bugzilla.suse.com/1173592 SUSE Bug 1173592 Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-8698 openSUSE Tumbleweed:ucode-intel-20210608-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-8698.html CVE-2020-8698 https://bugzilla.suse.com/1173594 SUSE Bug 1173594