Описание
Security update for ucode-intel
This update for ucode-intel fixes the following issues:
Updated to Intel CPU Microcode 20230214 release.
Security issues fixed:
-
CVE-2022-38090: Security updates for INTEL-SA-00767 (bsc#1208275)
-
CVE-2022-33196: Security updates for INTEL-SA-00738 (bsc#1208276)
-
CVE-2022-21216: Security updates for INTEL-SA-00700 (bsc#1208277)
-
New Platforms:
Processor Stepping F-M-S/PI Old Ver New Ver Products SPR-SP E2 06-8f-05/87 2b000181 Xeon Scalable Gen4 SPR-SP E3 06-8f-06/87 2b000181 Xeon Scalable Gen4 SPR-SP E4 06-8f-07/87 2b000181 Xeon Scalable Gen4 SPR-SP E5 06-8f-08/87 2b000181 Xeon Scalable Gen4 SPR-HBM B3 06-8f-08/10 2c000170 Xeon Max RPL-P 6+8 J0 06-ba-02/07 0000410e Core Gen13 RPL-H 6+8 J0 06-ba-02/07 0000410e Core Gen13 RPL-U 2+8 Q0 06-ba-02/07 0000410e Core Gen13 -
Updated Platforms:
Processor Stepping F-M-S/PI Old Ver New Ver Products ADL C0 06-97-02/07 00000026 0000002c Core Gen12 ADL C0 06-97-05/07 00000026 0000002c Core Gen12 ADL C0 06-bf-02/07 00000026 0000002c Core Gen12 ADL C0 06-bf-05/07 00000026 0000002c Core Gen12 ADL L0 06-9a-03/80 00000424 00000429 Core Gen12 ADL L0 06-9a-04/80 00000424 00000429 Core Gen12 CLX-SP B0 06-55-06/bf 04003302 04003303 Xeon Scalable Gen2 CLX-SP B1 06-55-07/bf 05003302 05003303 Xeon Scalable Gen2 CPX-SP A1 06-55-0b/bf 07002501 07002503 Xeon Scalable Gen3 GLK B0 06-7a-01/01 0000003c 0000003e Pentium Silver N/J5xxx, Celeron N/J4xxx GLK-R R0 06-7a-08/01 00000020 00000022 Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 ICL-D B0 06-6c-01/10 01000201 01000211 Xeon D-17xx, D-27xx ICL-U/Y D1 06-7e-05/80 000000b6 000000b8 Core Gen10 Mobile ICX-SP D0 06-6a-06/87 0d000375 0d000389 Xeon Scalable Gen3 JSL A0/A1 06-9c-00/01 24000023 24000024 Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105 LKF B2/B3 06-8a-01/10 00000031 00000032 Core w/Hybrid Technology RKL-S B0 06-a7-01/02 00000056 00000057 Core Gen11 RPL-S S0 06-b7-01/32 0000010e 00000112 Core Gen13 SKX-SP B1 06-55-03/97 0100015e 01000161 Xeon Scalable
Список пакетов
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
SUSE Linux Enterprise Server 15 SP1-LTSS
SUSE Linux Enterprise Server for SAP Applications 15 SP1
Ссылки
- Link for SUSE-SU-2023:0454-1
- E-Mail link for SUSE-SU-2023:0454-1
- SUSE Security Ratings
- SUSE Bug 1208275
- SUSE Bug 1208276
- SUSE Bug 1208277
- SUSE CVE CVE-2022-21216 page
- SUSE CVE CVE-2022-33196 page
- SUSE CVE CVE-2022-38090 page
Описание
Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access.
Затронутые продукты
Ссылки
- CVE-2022-21216
- SUSE Bug 1208277
- SUSE Bug 1209936
- SUSE Bug 1211490
- SUSE Bug 1211511
- SUSE Bug 1213820
Описание
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.
Затронутые продукты
Ссылки
- CVE-2022-33196
- SUSE Bug 1208276
- SUSE Bug 1209936
- SUSE Bug 1211490
- SUSE Bug 1211511
- SUSE Bug 1213820
Описание
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access.
Затронутые продукты
Ссылки
- CVE-2022-38090
- SUSE Bug 1208275