ucode-intel-20220207-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11840 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z ucode-intel-20220207-1.1 on GA media These are all security issues fixed in the ucode-intel-20220207-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11840 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:11840 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2021-0127/ SUSE CVE CVE-2021-0127 page https://www.suse.com/security/cve/CVE-2021-0145/ SUSE CVE CVE-2021-0145 page https://www.suse.com/security/cve/CVE-2021-0146/ SUSE CVE CVE-2021-0146 page https://www.suse.com/security/cve/CVE-2021-33120/ SUSE CVE CVE-2021-33120 page openSUSE Tumbleweed ucode-intel-20220207-1.1 ucode-intel-20220207-1.1 as a component of openSUSE Tumbleweed Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access. CVE-2021-0127 openSUSE Tumbleweed:ucode-intel-20220207-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-0127.html CVE-2021-0127 https://bugzilla.suse.com/1195779 SUSE Bug 1195779 Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2021-0145 openSUSE Tumbleweed:ucode-intel-20220207-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-0145.html CVE-2021-0145 https://bugzilla.suse.com/1195780 SUSE Bug 1195780 Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2021-0146 openSUSE Tumbleweed:ucode-intel-20220207-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-0146.html CVE-2021-0146 https://bugzilla.suse.com/1192615 SUSE Bug 1192615 https://bugzilla.suse.com/1193500 SUSE Bug 1193500 https://bugzilla.suse.com/1200661 SUSE Bug 1200661 https://bugzilla.suse.com/1200663 SUSE Bug 1200663 https://bugzilla.suse.com/1205062 SUSE Bug 1205062 Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access. CVE-2021-33120 openSUSE Tumbleweed:ucode-intel-20220207-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-33120.html CVE-2021-33120 https://bugzilla.suse.com/1195781 SUSE Bug 1195781