Oval Definition:oval:org.opensuse.security:def:2570
Revision Date:2020-12-02Version:1
Title:Security update for ucode-intel (Moderate)
Description:

This update for ucode-intel fixes the following issues:

- Intel CPU Microcode updated to 20201027 pre-release - CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446) - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)

# New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3 | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10 | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile # Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5 | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3 | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2 | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2 | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6 | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8 | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9 | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Family:unixClass:patch
Status:Reference(s):1082318
1100331
1107424
1121967
1122191
1129180
1129186
1129403
1130040
1134156
1135881
1136029
1136109
1136480
1137715
1137940
1138301
1138302
1138303
1138313
1138358
1138494
1138822
1138872
1138920
1139083
1139453
1139649
1140255
1140359
1142038
1142160
1142413
1143409
1143856
1144155
1144889
1145575
1145738
1145739
1145740
1145741
1145742
1146882
1146884
1148125
1148177
1148311
1153102
1170446
1173594
1178466
CVE-2018-10892
CVE-2018-16548
CVE-2019-10081
CVE-2019-10082
CVE-2019-10092
CVE-2019-10097
CVE-2019-10098
CVE-2019-10136
CVE-2019-10161
CVE-2019-10166
CVE-2019-10167
CVE-2019-11708
CVE-2019-12900
CVE-2019-12973
CVE-2019-13132
CVE-2019-13509
CVE-2019-14271
CVE-2019-14811
CVE-2019-14812
CVE-2019-14813
CVE-2019-14817
CVE-2019-17113
CVE-2019-3835
CVE-2019-3839
CVE-2019-5010
CVE-2019-5736
CVE-2019-9517
CVE-2020-8037
CVE-2020-8695
CVE-2020-8698
SUSE-SU-2019:0271-1
SUSE-SU-2019:1637-1
SUSE-SU-2019:1682-1
SUSE-SU-2019:1776-1
SUSE-SU-2019:1846-1
SUSE-SU-2019:2117-1
SUSE-SU-2019:2237-1
SUSE-SU-2019:2317-1
SUSE-SU-2019:2460-1
SUSE-SU-2019:2622-1
SUSE-SU-2019:2750-1
SUSE-SU-2020:3271-1
SUSE-SU-2020:3358-1
Platform(s):SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for High Performance Computing 15
SUSE Linux Enterprise Module for High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for VMWare 11 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND haproxy-1.5.4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • MozillaFirefox-31.1.0esr-1 is installed
  • OR MozillaFirefox-translations-31.1.0esr-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libopus0-1.1-3 is installed
  • OR opus-1.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libXi-1.7.4-17 is installed
  • OR libXi6-1.7.4-17 is installed
  • OR libXi6-32bit-1.7.4-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libXfixes3-5.0.1-7 is installed
  • OR libXfixes3-32bit-5.0.1-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND Package Information
  • libpacemaker3-1.1.15-19 is installed
  • OR pacemaker-1.1.15-19 is installed
  • OR pacemaker-cli-1.1.15-19 is installed
  • OR pacemaker-cts-1.1.15-19 is installed
  • OR pacemaker-remote-1.1.15-19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND libpcreposix0-8.39-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND libpcreposix0-8.39-8.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-150.35 is installed
  • OR dlm-kmp-default-4.12.14-150.35 is installed
  • OR gfs2-kmp-default-4.12.14-150.35 is installed
  • OR kernel-default-4.12.14-150.35 is installed
  • OR ocfs2-kmp-default-4.12.14-150.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • libqb-1.0.3+20190326.a521604-3.3 is installed
  • OR libqb-devel-1.0.3+20190326.a521604-3.3 is installed
  • OR libqb-tests-1.0.3+20190326.a521604-3.3 is installed
  • OR libqb-tools-1.0.3+20190326.a521604-3.3 is installed
  • OR libqb20-1.0.3+20190326.a521604-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND ucode-intel-20201027-2.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 is installed
  • AND Package Information
  • python-numpy_1_16_1-gnu-hpc-1.16.1-4.8 is installed
  • OR python2-numpy-gnu-hpc-1.16.1-4.8 is installed
  • OR python2-numpy-gnu-hpc-devel-1.16.1-4.8 is installed
  • OR python3-numpy-gnu-hpc-1.16.1-4.8 is installed
  • OR python3-numpy-gnu-hpc-devel-1.16.1-4.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 SP1 is installed
  • AND Package Information
  • libmunge2-0.5.13-4.3 is installed
  • OR munge-0.5.13-4.3 is installed
  • OR munge-devel-0.5.13-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND syslog-ng-3.4.5-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.19 is installed
  • OR reiserfs-kmp-default-4.12.14-25.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.7 is installed
  • OR reiserfs-kmp-default-4.12.14-197.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND kernel-livepatch-tools-1.1-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • libvirt-4.0.0-9.27 is installed
  • OR wireshark-plugin-libvirt-4.0.0-9.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libxslt-1.1.32-3.3 is installed
  • OR libxslt-devel-32bit-1.1.32-3.3 is installed
  • OR libxslt-python-1.1.32-3.3 is installed
  • OR libxslt1-32bit-1.1.32-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • dpdk-17.11.2-3.2 is installed
  • OR dpdk-devel-17.11.2-3.2 is installed
  • OR dpdk-kmp-default-17.11.2_k4.12.14_23-3.2 is installed
  • OR dpdk-thunderx-17.11.2-3.2 is installed
  • OR dpdk-thunderx-devel-17.11.2-3.2 is installed
  • OR dpdk-thunderx-kmp-default-17.11.2_k4.12.14_23-3.2 is installed
  • OR dpdk-tools-17.11.2-3.2 is installed
  • OR libdpdk-17_11-0-17.11.2-3.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • nginx-1.14.2-6.3 is installed
  • OR nginx-source-1.14.2-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • apache2-mod_php5-5.5.14-42.2 is installed
  • OR php5-5.5.14-42.2 is installed
  • OR php5-bcmath-5.5.14-42.2 is installed
  • OR php5-bz2-5.5.14-42.2 is installed
  • OR php5-calendar-5.5.14-42.2 is installed
  • OR php5-ctype-5.5.14-42.2 is installed
  • OR php5-curl-5.5.14-42.2 is installed
  • OR php5-dba-5.5.14-42.2 is installed
  • OR php5-dom-5.5.14-42.2 is installed
  • OR php5-enchant-5.5.14-42.2 is installed
  • OR php5-exif-5.5.14-42.2 is installed
  • OR php5-fastcgi-5.5.14-42.2 is installed
  • OR php5-fileinfo-5.5.14-42.2 is installed
  • OR php5-fpm-5.5.14-42.2 is installed
  • OR php5-ftp-5.5.14-42.2 is installed
  • OR php5-gd-5.5.14-42.2 is installed
  • OR php5-gettext-5.5.14-42.2 is installed
  • OR php5-gmp-5.5.14-42.2 is installed
  • OR php5-iconv-5.5.14-42.2 is installed
  • OR php5-intl-5.5.14-42.2 is installed
  • OR php5-json-5.5.14-42.2 is installed
  • OR php5-ldap-5.5.14-42.2 is installed
  • OR php5-mbstring-5.5.14-42.2 is installed
  • OR php5-mcrypt-5.5.14-42.2 is installed
  • OR php5-mysql-5.5.14-42.2 is installed
  • OR php5-odbc-5.5.14-42.2 is installed
  • OR php5-opcache-5.5.14-42.2 is installed
  • OR php5-openssl-5.5.14-42.2 is installed
  • OR php5-pcntl-5.5.14-42.2 is installed
  • OR php5-pdo-5.5.14-42.2 is installed
  • OR php5-pear-5.5.14-42.2 is installed
  • OR php5-pgsql-5.5.14-42.2 is installed
  • OR php5-posix-5.5.14-42.2 is installed
  • OR php5-pspell-5.5.14-42.2 is installed
  • OR php5-shmop-5.5.14-42.2 is installed
  • OR php5-snmp-5.5.14-42.2 is installed
  • OR php5-soap-5.5.14-42.2 is installed
  • OR php5-sockets-5.5.14-42.2 is installed
  • OR php5-sqlite-5.5.14-42.2 is installed
  • OR php5-suhosin-5.5.14-42.2 is installed
  • OR php5-sysvmsg-5.5.14-42.2 is installed
  • OR php5-sysvsem-5.5.14-42.2 is installed
  • OR php5-sysvshm-5.5.14-42.2 is installed
  • OR php5-tokenizer-5.5.14-42.2 is installed
  • OR php5-wddx-5.5.14-42.2 is installed
  • OR php5-xmlreader-5.5.14-42.2 is installed
  • OR php5-xmlrpc-5.5.14-42.2 is installed
  • OR php5-xmlwriter-5.5.14-42.2 is installed
  • OR php5-xsl-5.5.14-42.2 is installed
  • OR php5-zip-5.5.14-42.2 is installed
  • OR php5-zlib-5.5.14-42.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • nodejs8-8.11.3-3.5 is installed
  • OR nodejs8-devel-8.11.3-3.5 is installed
  • OR nodejs8-docs-8.11.3-3.5 is installed
  • OR npm8-8.11.3-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-1 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • file-5.19-9 is installed
  • OR file-magic-5.19-9 is installed
  • OR libmagic1-5.19-9 is installed
  • OR libmagic1-32bit-5.19-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-36 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND mutt-1.6.0-54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND Package Information
  • libmspack-0.4-10.1 is installed
  • OR libmspack-devel-0.4-10.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND libmusicbrainz-devel-2.1.5-27.86 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 is installed
  • AND Package Information
  • typelib-1_0-EvinceDocument-3_0-3.10.3-1.213 is installed
  • OR typelib-1_0-EvinceView-3_0-3.10.3-1.213 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.22 is installed
  • OR kernel-default-extra-4.12.14-25.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • evolution-3.26.6-4.3 is installed
  • OR evolution-devel-3.26.6-4.3 is installed
  • OR evolution-lang-3.26.6-4.3 is installed
  • OR evolution-plugin-bogofilter-3.26.6-4.3 is installed
  • OR evolution-plugin-pst-import-3.26.6-4.3 is installed
  • OR evolution-plugin-spamassassin-3.26.6-4.3 is installed
    • BACK