Описание
Security update for ucode-intel
This update for ucode-intel fixes the following issues:
- Updated to 20191112 official security release (bsc#1155988)
- Includes security fixes for:
- CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073)
- CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035)
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Список пакетов
openSUSE Leap 15.1
ucode-intel-20191112a-lp151.2.12.1
Ссылки
- E-Mail link for openSUSE-SU-2019:2528-1
- SUSE Security Ratings
- SUSE Bug 1139073
- SUSE Bug 1141035
- SUSE Bug 1155988
- SUSE CVE CVE-2019-11135 page
- SUSE CVE CVE-2019-11139 page
Описание
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
Затронутые продукты
openSUSE Leap 15.1:ucode-intel-20191112a-lp151.2.12.1
Ссылки
- CVE-2019-11135
- SUSE Bug 1139073
- SUSE Bug 1152497
- SUSE Bug 1152505
- SUSE Bug 1152506
- SUSE Bug 1160120
- SUSE Bug 1201877
Описание
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
Затронутые продукты
openSUSE Leap 15.1:ucode-intel-20191112a-lp151.2.12.1
Ссылки
- CVE-2019-11139
- SUSE Bug 1141035