exploitDog

SUSE-SU-2023:0568-1

Опубликовано: 28 фев. 2023

Источник: suse-cvrf

Описание

Security update for ucode-intel

This update for ucode-intel fixes the following issues:

Updated to Intel CPU Microcode 20230214 release.

Security issues fixed:

CVE-2022-38090: Security updates for INTEL-SA-00767 (bsc#1208275)
CVE-2022-33196: Security updates for INTEL-SA-00738 (bsc#1208276)
CVE-2022-21216: Security updates for INTEL-SA-00700 (bsc#1208277)

New Platforms:

Processor	Stepping	F-M-S/PI	Old Ver	New Ver	Products
SPR-SP	E2	06-8f-05/87		2b000181	Xeon Scalable Gen4
SPR-SP	E3	06-8f-06/87		2b000181	Xeon Scalable Gen4
SPR-SP	E4	06-8f-07/87		2b000181	Xeon Scalable Gen4
SPR-SP	E5	06-8f-08/87		2b000181	Xeon Scalable Gen4
SPR-HBM	B3	06-8f-08/10		2c000170	Xeon Max
RPL-P 6+8	J0	06-ba-02/07		0000410e	Core Gen13
RPL-H 6+8	J0	06-ba-02/07		0000410e	Core Gen13
RPL-U 2+8	Q0	06-ba-02/07		0000410e	Core Gen13

Updated Platforms:

Processor	Stepping	F-M-S/PI	Old Ver	New Ver	Products
ADL	C0	06-97-02/07	00000026	0000002c	Core Gen12
ADL	C0	06-97-05/07	00000026	0000002c	Core Gen12
ADL	C0	06-bf-02/07	00000026	0000002c	Core Gen12
ADL	C0	06-bf-05/07	00000026	0000002c	Core Gen12
ADL	L0	06-9a-03/80	00000424	00000429	Core Gen12
ADL	L0	06-9a-04/80	00000424	00000429	Core Gen12
CLX-SP	B0	06-55-06/bf	04003302	04003303	Xeon Scalable Gen2
CLX-SP	B1	06-55-07/bf	05003302	05003303	Xeon Scalable Gen2
CPX-SP	A1	06-55-0b/bf	07002501	07002503	Xeon Scalable Gen3
GLK	B0	06-7a-01/01	0000003c	0000003e	Pentium Silver N/J5xxx, Celeron N/J4xxx
GLK-R	R0	06-7a-08/01	00000020	00000022	Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
ICL-D	B0	06-6c-01/10	01000201	01000211	Xeon D-17xx, D-27xx
ICL-U/Y	D1	06-7e-05/80	000000b6	000000b8	Core Gen10 Mobile
ICX-SP	D0	06-6a-06/87	0d000375	0d000389	Xeon Scalable Gen3
JSL	A0/A1	06-9c-00/01	24000023	24000024	Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
LKF	B2/B3	06-8a-01/10	00000031	00000032	Core w/Hybrid Technology
RKL-S	B0	06-a7-01/02	00000056	00000057	Core Gen11
RPL-S	S0	06-b7-01/32	0000010e	00000112	Core Gen13
SKX-SP	B1	06-55-03/97	0100015e	01000161	Xeon Scalable

Список пакетов

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

ucode-intel-20230214-150200.21.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

ucode-intel-20230214-150200.21.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

ucode-intel-20230214-150200.21.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

ucode-intel-20230214-150200.21.1

Image SLES15-SP4-SAP-Azure-LI-BYOS

ucode-intel-20230214-150200.21.1

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

ucode-intel-20230214-150200.21.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS

ucode-intel-20230214-150200.21.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

ucode-intel-20230214-150200.21.1

Image SLES15-SP5-SAP-Azure-LI-BYOS

ucode-intel-20230214-150200.21.1

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

ucode-intel-20230214-150200.21.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS

ucode-intel-20230214-150200.21.1

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

ucode-intel-20230214-150200.21.1

Image SLES15-SP6-SAP-Azure-LI-BYOS

ucode-intel-20230214-150200.21.1

Image SLES15-SP6-SAP-Azure-LI-BYOS-Production

ucode-intel-20230214-150200.21.1

Image SLES15-SP6-SAP-Azure-VLI-BYOS

ucode-intel-20230214-150200.21.1

Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production

ucode-intel-20230214-150200.21.1

SUSE Enterprise Storage 7

ucode-intel-20230214-150200.21.1

SUSE Enterprise Storage 7.1

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise Micro 5.1

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise Micro 5.2

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise Micro 5.3

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise Real Time 15 SP3

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise Server 15 SP2-LTSS

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise Server 15 SP3-LTSS

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

ucode-intel-20230214-150200.21.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

ucode-intel-20230214-150200.21.1

SUSE Manager Proxy 4.2

ucode-intel-20230214-150200.21.1

SUSE Manager Server 4.2

ucode-intel-20230214-150200.21.1

openSUSE Leap 15.4

ucode-intel-20230214-150200.21.1

openSUSE Leap Micro 5.3

ucode-intel-20230214-150200.21.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20230568-1/
Link for SUSE-SU-2023:0568-1
https://lists.suse.com/pipermail/sle-security-updates/2023-February/013926.html
E-Mail link for SUSE-SU-2023:0568-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1208275
SUSE Bug 1208275
https://bugzilla.suse.com/1208276
SUSE Bug 1208276
https://bugzilla.suse.com/1208277
SUSE Bug 1208277
https://www.suse.com/security/cve/CVE-2022-21216/
SUSE CVE CVE-2022-21216 page
https://www.suse.com/security/cve/CVE-2022-33196/
SUSE CVE CVE-2022-33196 page
https://www.suse.com/security/cve/CVE-2022-38090/
SUSE CVE CVE-2022-38090 page

Описание

Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access.

Затронутые продукты

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:ucode-intel-20230214-150200.21.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230214-150200.21.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ucode-intel-20230214-150200.21.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230214-150200.21.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-21216.html
CVE-2022-21216
https://bugzilla.suse.com/1208277
SUSE Bug 1208277
https://bugzilla.suse.com/1209936
SUSE Bug 1209936
https://bugzilla.suse.com/1211490
SUSE Bug 1211490
https://bugzilla.suse.com/1211511
SUSE Bug 1211511
https://bugzilla.suse.com/1213820
SUSE Bug 1213820

Описание

Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.

Затронутые продукты

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:ucode-intel-20230214-150200.21.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230214-150200.21.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ucode-intel-20230214-150200.21.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230214-150200.21.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-33196.html
CVE-2022-33196
https://bugzilla.suse.com/1208276
SUSE Bug 1208276
https://bugzilla.suse.com/1209936
SUSE Bug 1209936
https://bugzilla.suse.com/1211490
SUSE Bug 1211490
https://bugzilla.suse.com/1211511
SUSE Bug 1211511
https://bugzilla.suse.com/1213820
SUSE Bug 1213820

Описание

Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access.

Затронутые продукты

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:ucode-intel-20230214-150200.21.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230214-150200.21.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ucode-intel-20230214-150200.21.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230214-150200.21.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-38090.html
CVE-2022-38090
https://bugzilla.suse.com/1208275
SUSE Bug 1208275

Уязвимость SUSE-SU-2023:0568-1