SUSE-SU-2023:3389-1

Опубликовано: 23 авг. 2023

Источник: suse-cvrf

Описание

Security update for kernel-firmware

This update for kernel-firmware fixes the following issues:

CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. (bsc#1213287)

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

kernel-firmware-20200107-150100.3.37.1

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

kernel-firmware-20200107-150100.3.37.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

kernel-firmware-20200107-150100.3.37.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

kernel-firmware-20200107-150100.3.37.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

kernel-firmware-20200107-150100.3.37.1

ucode-amd-20200107-150100.3.37.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

kernel-firmware-20200107-150100.3.37.1

ucode-amd-20200107-150100.3.37.1

SUSE Linux Enterprise Server 15 SP1-LTSS

kernel-firmware-20200107-150100.3.37.1

ucode-amd-20200107-150100.3.37.1

SUSE Linux Enterprise Server 15 SP2-LTSS

kernel-firmware-20200107-150100.3.37.1

ucode-amd-20200107-150100.3.37.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

kernel-firmware-20200107-150100.3.37.1

ucode-amd-20200107-150100.3.37.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

kernel-firmware-20200107-150100.3.37.1

ucode-amd-20200107-150100.3.37.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233389-1/
Link for SUSE-SU-2023:3389-1
https://lists.suse.com/pipermail/sle-updates/2023-August/031136.html
E-Mail link for SUSE-SU-2023:3389-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1213287
SUSE Bug 1213287
https://www.suse.com/security/cve/CVE-2023-20569/
SUSE CVE CVE-2023-20569 page

Описание

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

Затронутые продукты

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:kernel-firmware-20200107-150100.3.37.1

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:kernel-firmware-20200107-150100.3.37.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:kernel-firmware-20200107-150100.3.37.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:kernel-firmware-20200107-150100.3.37.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-20569.html
CVE-2023-20569
https://bugzilla.suse.com/1213287
SUSE Bug 1213287

SUSE-SU-2023:3389-1

Описание

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP2-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

Ссылки

Уязвимость: CVE-2023-20569

Описание

Затронутые продукты

Ссылки