Описание
Security update for ucode-intel
This update for ucode-intel fixes the following issues:
- Updated to 20191112 official security release (bsc#1155988)
- Includes security fixes for:
- CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073)
- CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035)
Список пакетов
Image SLES15-SAP-Azure-LI-BYOS-Production
ucode-intel-20191112a-3.31.1
Image SLES15-SAP-Azure-VLI-BYOS-Production
ucode-intel-20191112a-3.31.1
SUSE Linux Enterprise Module for Basesystem 15
ucode-intel-20191112a-3.31.1
Ссылки
- Link for SUSE-SU-2019:2986-1
- E-Mail link for SUSE-SU-2019:2986-1
- SUSE Security Ratings
- SUSE Bug 1139073
- SUSE Bug 1141035
- SUSE Bug 1155988
- SUSE CVE CVE-2019-11135 page
- SUSE CVE CVE-2019-11139 page
Описание
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:ucode-intel-20191112a-3.31.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:ucode-intel-20191112a-3.31.1
SUSE Linux Enterprise Module for Basesystem 15:ucode-intel-20191112a-3.31.1
Ссылки
- CVE-2019-11135
- SUSE Bug 1139073
- SUSE Bug 1152497
- SUSE Bug 1152505
- SUSE Bug 1152506
- SUSE Bug 1160120
- SUSE Bug 1201877
Описание
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:ucode-intel-20191112a-3.31.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:ucode-intel-20191112a-3.31.1
SUSE Linux Enterprise Module for Basesystem 15:ucode-intel-20191112a-3.31.1
Ссылки
- CVE-2019-11139
- SUSE Bug 1141035