Описание
Security update for ucode-intel
This update for ucode-intel fixes the following issues:
- Updated to Intel CPU Microcode 20230808 release. (bsc#1214099)
- CVE-2022-40982: Fixed a potential security vulnerability in some Intel® Processors which may allow information disclosure.
- CVE-2023-23908: Fixed a potential security vulnerability in some 3rd Generation Intel® Xeon® Scalable processors which may allow information disclosure.
- CVE-2022-41804: Fixed a potential security vulnerability in some Intel® Xeon® Processors with Intel® Software Guard Extensions (SGX) which may allow escalation of privilege.
Список пакетов
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
ucode-intel-20230808-150100.3.223.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
ucode-intel-20230808-150100.3.223.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
ucode-intel-20230808-150100.3.223.1
SUSE Linux Enterprise Server 15 SP1-LTSS
ucode-intel-20230808-150100.3.223.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
ucode-intel-20230808-150100.3.223.1
Ссылки
- Link for SUSE-SU-2023:3359-1
- E-Mail link for SUSE-SU-2023:3359-1
- SUSE Security Ratings
- SUSE Bug 1206418
- SUSE Bug 1214099
- SUSE CVE CVE-2022-40982 page
- SUSE CVE CVE-2022-41804 page
- SUSE CVE CVE-2023-23908 page
Описание
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Затронутые продукты
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-150100.3.223.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-150100.3.223.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20230808-150100.3.223.1
SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20230808-150100.3.223.1
Ссылки
- CVE-2022-40982
- SUSE Bug 1206418
- SUSE Bug 1215674
Описание
Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Затронутые продукты
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-150100.3.223.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-150100.3.223.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20230808-150100.3.223.1
SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20230808-150100.3.223.1
Ссылки
- CVE-2022-41804
- SUSE Bug 1214099
- SUSE Bug 1215580
Описание
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
Затронутые продукты
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-150100.3.223.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-150100.3.223.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20230808-150100.3.223.1
SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20230808-150100.3.223.1
Ссылки
- CVE-2023-23908
- SUSE Bug 1214099