Описание
Security update for ucode-intel
This update for ucode-intel fixes the following issues:
- Updated to Intel CPU Microcode 20230808 release. (bsc#1214099)
- CVE-2022-40982: Fixed a potential security vulnerability in some Intel® Processors which may allow information disclosure.
- CVE-2023-23908: Fixed a potential security vulnerability in some 3rd Generation Intel® Xeon® Scalable processors which may allow information disclosure.
- CVE-2022-41804: Fixed a potential security vulnerability in some Intel® Xeon® Processors with Intel® Software Guard Extensions (SGX) which may allow escalation of privilege.
Список пакетов
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
ucode-intel-20230808-123.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
ucode-intel-20230808-123.1
SUSE Linux Enterprise Server 12 SP5
ucode-intel-20230808-123.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ucode-intel-20230808-123.1
Ссылки
- Link for SUSE-SU-2023:3382-1
- E-Mail link for SUSE-SU-2023:3382-1
- SUSE Security Ratings
- SUSE Bug 1206418
- SUSE Bug 1214099
- SUSE CVE CVE-2022-40982 page
- SUSE CVE CVE-2022-41804 page
- SUSE CVE CVE-2023-23908 page
Описание
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-123.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-123.1
SUSE Linux Enterprise Server 12 SP5:ucode-intel-20230808-123.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20230808-123.1
Ссылки
- CVE-2022-40982
- SUSE Bug 1206418
- SUSE Bug 1215674
Описание
Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-123.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-123.1
SUSE Linux Enterprise Server 12 SP5:ucode-intel-20230808-123.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20230808-123.1
Ссылки
- CVE-2022-41804
- SUSE Bug 1214099
- SUSE Bug 1215580
Описание
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-123.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-123.1
SUSE Linux Enterprise Server 12 SP5:ucode-intel-20230808-123.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20230808-123.1
Ссылки
- CVE-2023-23908
- SUSE Bug 1214099