Описание
Security update for ucode-intel
This update for ucode-intel fixes the following issues:
Updated to Intel CPU Microcode 20220207 release.
-
CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege (bsc#1192615)
-
CVE-2021-0127: Intel Processor Breakpoint Control Flow (bsc#1195779)
-
CVE-2021-0145: Fast store forward predictor - Cross Domain Training (bsc#1195780)
-
CVE-2021-33120: Out of bounds read for some Intel Atom processors (bsc#1195781)
-
Security updates for INTEL-SA-00528
-
Security updates for INTEL-SA-00532
Список пакетов
openSUSE Leap 15.3
Ссылки
- E-Mail link for openSUSE-SU-2022:0574-1
- SUSE Security Ratings
- SUSE Bug 1192615
- SUSE Bug 1195779
- SUSE Bug 1195780
- SUSE Bug 1195781
- SUSE CVE CVE-2021-0127 page
- SUSE CVE CVE-2021-0145 page
- SUSE CVE CVE-2021-0146 page
- SUSE CVE CVE-2021-33120 page
Описание
Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access.
Затронутые продукты
Ссылки
- CVE-2021-0127
- SUSE Bug 1195779
Описание
Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Затронутые продукты
Ссылки
- CVE-2021-0145
- SUSE Bug 1195780
Описание
Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Затронутые продукты
Ссылки
- CVE-2021-0146
- SUSE Bug 1192615
- SUSE Bug 1193500
- SUSE Bug 1200661
- SUSE Bug 1200663
- SUSE Bug 1205062
Описание
Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access.
Затронутые продукты
Ссылки
- CVE-2021-33120
- SUSE Bug 1195781