Описание
Security update for ucode-intel
This update for ucode-intel fixes the following issues:
- Updated to Intel CPU Microcode 20230808 release. (bsc#1214099)
- CVE-2022-40982: Fixed a potential security vulnerability in some Intel® Processors which may allow information disclosure.
- CVE-2023-23908: Fixed a potential security vulnerability in some 3rd Generation Intel® Xeon® Scalable processors which may allow information disclosure.
- CVE-2022-41804: Fixed a potential security vulnerability in some Intel® Xeon® Processors with Intel® Software Guard Extensions (SGX) which may allow escalation of privilege.
Список пакетов
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
ucode-intel-20230808-150200.27.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
ucode-intel-20230808-150200.27.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
ucode-intel-20230808-150200.27.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
ucode-intel-20230808-150200.27.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
ucode-intel-20230808-150200.27.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
ucode-intel-20230808-150200.27.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
ucode-intel-20230808-150200.27.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
ucode-intel-20230808-150200.27.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
ucode-intel-20230808-150200.27.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
ucode-intel-20230808-150200.27.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
ucode-intel-20230808-150200.27.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
ucode-intel-20230808-150200.27.1
Image SLES15-SP6-SAP-Azure-LI-BYOS
ucode-intel-20230808-150200.27.1
Image SLES15-SP6-SAP-Azure-LI-BYOS-Production
ucode-intel-20230808-150200.27.1
Image SLES15-SP6-SAP-Azure-VLI-BYOS
ucode-intel-20230808-150200.27.1
Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production
ucode-intel-20230808-150200.27.1
SUSE Enterprise Storage 7.1
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Micro 5.1
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Micro 5.2
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Micro 5.3
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Micro 5.4
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Module for Basesystem 15 SP4
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Module for Basesystem 15 SP5
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Server 15 SP2-LTSS
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Server 15 SP3-LTSS
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
ucode-intel-20230808-150200.27.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
ucode-intel-20230808-150200.27.1
SUSE Manager Proxy 4.2
ucode-intel-20230808-150200.27.1
SUSE Manager Server 4.2
ucode-intel-20230808-150200.27.1
openSUSE Leap 15.4
ucode-intel-20230808-150200.27.1
openSUSE Leap 15.5
ucode-intel-20230808-150200.27.1
openSUSE Leap Micro 5.3
ucode-intel-20230808-150200.27.1
openSUSE Leap Micro 5.4
ucode-intel-20230808-150200.27.1
Ссылки
- Link for SUSE-SU-2023:3383-1
- E-Mail link for SUSE-SU-2023:3383-1
- SUSE Security Ratings
- SUSE Bug 1206418
- SUSE Bug 1214099
- SUSE CVE CVE-2022-40982 page
- SUSE CVE CVE-2022-41804 page
- SUSE CVE CVE-2023-23908 page
Описание
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Затронутые продукты
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-150200.27.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-150200.27.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-150200.27.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-150200.27.1
Ссылки
- CVE-2022-40982
- SUSE Bug 1206418
- SUSE Bug 1215674
Описание
Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Затронутые продукты
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-150200.27.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-150200.27.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-150200.27.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-150200.27.1
Ссылки
- CVE-2022-41804
- SUSE Bug 1214099
- SUSE Bug 1215580
Описание
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
Затронутые продукты
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-150200.27.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-150200.27.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:ucode-intel-20230808-150200.27.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:ucode-intel-20230808-150200.27.1
Ссылки
- CVE-2023-23908
- SUSE Bug 1214099