Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2026:0668-1

Опубликовано: 26 фев. 2026
Источник: suse-cvrf

Описание

Security update for ucode-intel

This update for ucode-intel fixes the following issues:

  • Intel CPU Microcode was updated to the 20260210 release (bsc#1258046)
  • CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1229129)
  • CVE-2025-31648: Improper handling of values in the microcode flow for some Intel Processor Family may allow an escalation of privilege. (bsc#1258046)

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Micro 5.2
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Micro 5.3
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Micro 5.4
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Micro 5.5
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Server 15 SP4-LTSS
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Server 15 SP5-LTSS
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Server 15 SP6-LTSS
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Server for SAP Applications 15 SP5
ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise Server for SAP Applications 15 SP6
ucode-intel-20260210-150200.62.1
openSUSE Leap 15.6
ucode-intel-20260210-150200.62.1

Ссылки

Описание

Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20260210-150200.62.1
Ссылки

Описание

Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (low), integrity (low) and availability (none) impacts.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ucode-intel-20260210-150200.62.1
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:ucode-intel-20260210-150200.62.1
Ссылки