Описание
Security update for ucode-intel
This update for ucode-intel fixes the following issues:
- Intel CPU Microcode updated to 20201027 prerelease
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |
|---|---|---|---|---|---|
| TGL | B1 | 06-8c-01/80 | 00000068 | Core Gen11 Mobile | |
| CPX-SP | A1 | 06-55-0b/bf | 0700001e | Xeon Scalable Gen3 | |
| CML-H | R1 | 06-a5-02/20 | 000000e0 | Core Gen10 Mobile | |
| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | Core Gen10 | |
| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | Core Gen10 | |
| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | Core Gen10 Mobile |
Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |
|---|---|---|---|---|---|
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 |
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile |
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile |
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx |
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx |
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5 |
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3 |
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable |
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable |
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx |
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2 |
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2 |
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile |
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile |
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile |
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile |
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile |
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile |
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile |
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile |
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6 |
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E |
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8 |
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9 |
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile |
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile |
Список пакетов
HPE Helion OpenStack 8
ucode-intel-20201027-13.76.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
ucode-intel-20201027-13.76.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
ucode-intel-20201027-13.76.1
SUSE Enterprise Storage 5
ucode-intel-20201027-13.76.1
SUSE Linux Enterprise Server 12 SP2-BCL
ucode-intel-20201027-13.76.1
SUSE Linux Enterprise Server 12 SP2-LTSS
ucode-intel-20201027-13.76.1
SUSE Linux Enterprise Server 12 SP3-BCL
ucode-intel-20201027-13.76.1
SUSE Linux Enterprise Server 12 SP3-LTSS
ucode-intel-20201027-13.76.1
SUSE Linux Enterprise Server 12 SP4-LTSS
ucode-intel-20201027-13.76.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
ucode-intel-20201027-13.76.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
ucode-intel-20201027-13.76.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
ucode-intel-20201027-13.76.1
SUSE OpenStack Cloud 7
ucode-intel-20201027-13.76.1
SUSE OpenStack Cloud 8
ucode-intel-20201027-13.76.1
SUSE OpenStack Cloud 9
ucode-intel-20201027-13.76.1
SUSE OpenStack Cloud Crowbar 8
ucode-intel-20201027-13.76.1
SUSE OpenStack Cloud Crowbar 9
ucode-intel-20201027-13.76.1
Ссылки
- Link for SUSE-SU-2020:3279-1
- E-Mail link for SUSE-SU-2020:3279-1
- SUSE Security Ratings
- SUSE Bug 1170446
- SUSE Bug 1173594
- SUSE CVE CVE-2020-8695 page
- SUSE CVE CVE-2020-8698 page
Описание
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
Затронутые продукты
HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:ucode-intel-20201027-13.76.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:ucode-intel-20201027-13.76.1
SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1
Ссылки
- CVE-2020-8695
- SUSE Bug 1170415
- SUSE Bug 1170446
- SUSE Bug 1178591
Описание
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Затронутые продукты
HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:ucode-intel-20201027-13.76.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production:ucode-intel-20201027-13.76.1
SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1
Ссылки
- CVE-2020-8698
- SUSE Bug 1173594