Security update for ucode-intel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:20058-1 Final 1 1 2025-02-03T08:57:28Z current 2025-02-03T08:57:28Z 2025-02-03T08:57:28Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ucode-intel This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20240910 release (bsc#1230400) - CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. - CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access ### New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | TWL | N0 | 06-be-00/19 | | 0000001a | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E ### Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000035 | 00000036 | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000035 | 00000036 | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000433 | 00000434 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000433 | 00000434 | Core Gen12 | ADL-N | N0 | 06-be-00/11 | 00000017 | 0000001a | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | MTL | C0 | 06-aa-04/e6 | 0000001e | 0000001f | Core Ultra Processor | RPL-E/HX/S | B0 | 06-b7-01/32 | 00000123 | 00000129 | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004121 | 00004122 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000035 | 00000036 | Core Gen13/Gen14 | RPL-S | H0 | 06-bf-05/07 | 00000035 | 00000036 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004121 | 00004122 | Core Gen13 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Micro-6.0-54 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202520058-1/ Link for SUSE-SU-2025:20058-1 https://lists.suse.com/pipermail/sle-security-updates/2025-June/021269.html E-Mail link for SUSE-SU-2025:20058-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1230400 SUSE Bug 1230400 https://www.suse.com/security/cve/CVE-2024-23984/ SUSE CVE CVE-2024-23984 page https://www.suse.com/security/cve/CVE-2024-24968/ SUSE CVE CVE-2024-24968 page SUSE Linux Micro 6.0 ucode-intel-20240910-1.1 ucode-intel-20240910-1.1 as a component of SUSE Linux Micro 6.0 Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2024-23984 SUSE Linux Micro 6.0:ucode-intel-20240910-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520058-1/ https://www.suse.com/security/cve/CVE-2024-23984.html CVE-2024-23984 https://bugzilla.suse.com/1230400 SUSE Bug 1230400 Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access. CVE-2024-24968 SUSE Linux Micro 6.0:ucode-intel-20240910-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520058-1/ https://www.suse.com/security/cve/CVE-2024-24968.html CVE-2024-24968 https://bugzilla.suse.com/1230400 SUSE Bug 1230400