OVAL Reference oval:org.opensuse.security:def:55913 - CERT Civis.Net

Oval Definition:

oval:org.opensuse.security:def:55913

Revision Date:	2021-06-10	Version:	1
Title:	Security update for ucode-intel (Important)
Description:	This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20210608 release. - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833) See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html - CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html Other fixes: - Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details. - Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details. - Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details. - Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details. - Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details. - Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details. - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details. - Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details. - Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details. - New platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| CLX-SP \| A0 \| 06-55-05/b7 \| \| 03000010 \| Xeon Scalable Gen2 \| ICX-SP \| C0 \| 06-6a-05/87 \| \| 0c0002f0 \| Xeon Scalable Gen3 \| ICX-SP \| D0 \| 06-6a-06/87 \| \| 0d0002a0 \| Xeon Scalable Gen3 \| SNR \| B0 \| 06-86-04/01 \| \| 0b00000f \| Atom P59xxB \| SNR \| B1 \| 06-86-05/01 \| \| 0b00000f \| Atom P59xxB \| TGL \| B1 \| 06-8c-01/80 \| \| 00000088 \| Core Gen11 Mobile \| TGL-R \| C0 \| 06-8c-02/c2 \| \| 00000016 \| Core Gen11 Mobile \| TGL-H \| R0 \| 06-8d-01/c2 \| \| 0000002c \| Core Gen11 Mobile \| EHL \| B1 \| 06-96-01/01 \| \| 00000011 \| Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E \| JSL \| A0/A1 \| 06-9c-00/01 \| \| 0000001d \| Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105 \| RKL-S \| B0 \| 06-a7-01/02 \| \| 00000040 \| Core Gen11 - Updated platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| HSX-E/EP \| Cx/M1 \| 06-3f-02/6f \| 00000044 \| 00000046 \| Core Gen4 X series; Xeon E5 v3 \| HSX-EX \| E0 \| 06-3f-04/80 \| 00000016 \| 00000019 \| Xeon E7 v3 \| SKL-U/Y \| D0 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| SKL-U23e \| K1 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| BDX-ML \| B0/M0/R0 \| 06-4f-01/ef \| 0b000038 \| 0b00003e \| Xeon E5/E7 v4; Core i7-69xx/68xx \| SKX-SP \| B1 \| 06-55-03/97 \| 01000159 \| 0100015b \| Xeon Scalable \| SKX-SP \| H0/M0/U0 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon Scalable \| SKX-D \| M1 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon D-21xx \| CLX-SP \| B0 \| 06-55-06/bf \| 04003006 \| 04003102 \| Xeon Scalable Gen2 \| CLX-SP \| B1 \| 06-55-07/bf \| 05003006 \| 05003102 \| Xeon Scalable Gen2 \| CPX-SP \| A1 \| 06-55-0b/bf \| 0700001e \| 07002302 \| Xeon Scalable Gen3 \| BDX-DE \| V2/V3 \| 06-56-03/10 \| 07000019 \| 0700001b \| Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 \| BDX-DE \| Y0 \| 06-56-04/10 \| 0f000017 \| 0f000019 \| Xeon D-1557/59/67/71/77/81/87 \| BDX-NS \| A0 \| 06-56-05/10 \| 0e00000f \| 0e000012 \| Xeon D-1513N/23/33/43/53 \| APL \| D0 \| 06-5c-09/03 \| 00000040 \| 00000044 \| Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx \| APL \| E0 \| 06-5c-0a/03 \| 0000001e \| 00000020 \| Atom x5-E39xx \| SKL-H/S \| R0/N0 \| 06-5e-03/36 \| 000000e2 \| 000000ea \| Core Gen6; Xeon E3 v5 \| DNV \| B0 \| 06-5f-01/01 \| 0000002e \| 00000034 \| Atom C Series \| GLK \| B0 \| 06-7a-01/01 \| 00000034 \| 00000036 \| Pentium Silver N/J5xxx, Celeron N/J4xxx \| GKL-R \| R0 \| 06-7a-08/01 \| 00000018 \| 0000001a \| Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 \| ICL-U/Y \| D1 \| 06-7e-05/80 \| 000000a0 \| 000000a6 \| Core Gen10 Mobile \| LKF \| B2/B3 \| 06-8a-01/10 \| 00000028 \| 0000002a \| Core w/Hybrid Technology \| AML-Y22 \| H0 \| 06-8e-09/10 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-U/Y \| H0 \| 06-8e-09/c0 \| 000000de \| 000000ea \| Core Gen7 Mobile \| CFL-U43e \| D0 \| 06-8e-0a/c0 \| 000000e0 \| 000000ea \| Core Gen8 Mobile \| WHL-U \| W0 \| 06-8e-0b/d0 \| 000000de \| 000000ea \| Core Gen8 Mobile \| AML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| CML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| WHL-U \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-G/H/S/E3 \| B0 \| 06-9e-09/2a \| 000000de \| 000000ea \| Core Gen7; Xeon E3 v6 \| CFL-H/S/E3 \| U0 \| 06-9e-0a/22 \| 000000de \| 000000ea \| Core Gen8 Desktop, Mobile, Xeon E \| CFL-S \| B0 \| 06-9e-0b/02 \| 000000de \| 000000ea \| Core Gen8 \| CFL-H/S \| P0 \| 06-9e-0c/22 \| 000000de \| 000000ea \| Core Gen9 \| CFL-H \| R0 \| 06-9e-0d/22 \| 000000de \| 000000ea \| Core Gen9 Mobile \| CML-H \| R1 \| 06-a5-02/20 \| 000000e0 \| 000000ea \| Core Gen10 Mobile \| CML-S62 \| G1 \| 06-a5-03/22 \| 000000e0 \| 000000ea \| Core Gen10 \| CML-S102 \| Q0 \| 06-a5-05/22 \| 000000e0 \| 000000ec \| Core Gen10 \| CML-U62 \| A0 \| 06-a6-00/80 \| 000000e0 \| 000000e8 \| Core Gen10 Mobile \| CML-U62 V2 \| K0 \| 06-a6-01/80 \| 000000e0 \| 000000ea \| Core Gen10 Mobile
Family:	unix	Class:	patch
Status:		Reference(s):	1001367 1003800 1004477 1005555 1005558 1005562 1005564 1005566 1005569 1005581 1005582 1006539 1008318 1010977 1010979 1011830 1012530 1015993 1047002 1052829 1105437 1105459 1105460 1111331 1128481 1129622 1130675 1132728 1132729 1132732 1132734 1134718 1136570 1179833 1179836 1179837 1179839 806919 806921 817349 817350 864391 864655 864769 864805 864811 872796 877642 897654 901508 902737 904625 924018 928393 929718 937339 941939 945404 945989 952062 954872 955131 956829 957162 957698 957988 958007 958009 958491 958523 958917 959005 959332 959387 959695 960334 960707 960725 960835 960861 960862 961332 961358 961691 962320 963782 963923 964413 965315 965317 967012 967013 967969 969121 969122 969350 970072 970073 990890 CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 CVE-2013-4533 CVE-2013-4534 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2014-0222 CVE-2014-0578 CVE-2014-0595 CVE-2014-3640 CVE-2014-3689 CVE-2014-7815 CVE-2014-8651 CVE-2014-9718 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-1609 CVE-2015-1779 CVE-2015-3114 CVE-2015-3115 CVE-2015-3116 CVE-2015-3117 CVE-2015-3118 CVE-2015-3119 CVE-2015-3120 CVE-2015-3121 CVE-2015-3122 CVE-2015-3123 CVE-2015-3124 CVE-2015-3125 CVE-2015-3126 CVE-2015-3127 CVE-2015-3128 CVE-2015-3129 CVE-2015-3130 CVE-2015-3131 CVE-2015-3132 CVE-2015-3133 CVE-2015-3134 CVE-2015-3135 CVE-2015-3136 CVE-2015-3137 CVE-2015-4428 CVE-2015-4429 CVE-2015-4430 CVE-2015-4431 CVE-2015-4432 CVE-2015-4433 CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-5116 CVE-2015-5117 CVE-2015-5118 CVE-2015-5119 CVE-2015-5278 CVE-2015-6855 CVE-2015-7512 CVE-2015-7549 CVE-2015-8025 CVE-2015-8345 CVE-2015-8504 CVE-2015-8550 CVE-2015-8554 CVE-2015-8555 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2015-8817 CVE-2015-8818 CVE-2016-1285 CVE-2016-1286 CVE-2016-1568 CVE-2016-1570 CVE-2016-1571 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-2270 CVE-2016-2271 CVE-2016-2391 CVE-2016-2392 CVE-2016-2538 CVE-2016-2841 CVE-2016-3492 CVE-2016-5584 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6663 CVE-2016-7440 CVE-2016-8283 CVE-2016-8654 CVE-2016-9395 CVE-2016-9398 CVE-2016-9560 CVE-2016-9591 CVE-2017-10790 CVE-2017-7753 CVE-2017-7779 CVE-2017-7782 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2018-10844 CVE-2018-10845 CVE-2018-10846 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-20815 CVE-2019-10245 CVE-2019-11091 CVE-2019-2602 CVE-2019-2684 CVE-2019-2697 CVE-2019-2698 CVE-2019-3860 CVE-2019-9824 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 SUSE-SU-2015:2054-1 SUSE-SU-2015:2168-2 SUSE-SU-2016:0303-1 SUSE-SU-2016:0825-1 SUSE-SU-2016:0873-1 SUSE-SU-2016:2933-1 SUSE-SU-2017:0084-1 SUSE-SU-2017:2589-1 SUSE-SU-2018:2825-1 SUSE-SU-2019:1269-1 SUSE-SU-2019:1606-1 SUSE-SU-2019:1644-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP2-LTSS-ERICSSON SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information kscreenlocker-5.12.5-lp150.1 is installed OR kscreenlocker-lang-5.12.5-lp150.1 is installed OR libKScreenLocker5-5.12.5-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information gnutls-3.6.7-lp151.2.3 is installed OR gnutls-guile-3.6.7-lp151.2.3 is installed OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed OR libgnutls-dane0-3.6.7-lp151.2.3 is installed OR libgnutls-devel-3.6.7-lp151.2.3 is installed OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed OR libgnutls30-3.6.7-lp151.2.3 is installed OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed OR libgnutlsxx28-3.6.7-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND sudo-1.7.6p2-0.2.12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.481-0.8 is installed OR flash-player-gnome-11.2.202.481-0.8 is installed OR flash-player-kde4-11.2.202.481-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information bind-9.9.6P1-0.25 is installed OR bind-libs-9.9.6P1-0.25 is installed OR bind-libs-32bit-9.9.6P1-0.25 is installed OR bind-utils-9.9.6P1-0.25 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information xen-4.5.2_06-7 is installed OR xen-kmp-default-4.5.2_06_k3.12.53_60.30-7 is installed OR xen-libs-4.5.2_06-7 is installed OR xen-libs-32bit-4.5.2_06-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.20-18 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr3.20-18 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr3.20-18 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr3.20-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-52.3.0esr-109.3 is installed OR MozillaFirefox-devel-52.3.0esr-109.3 is installed OR MozillaFirefox-translations-52.3.0esr-109.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information hostinfo-1.0.1-19.5 is installed OR supportutils-3.0-95.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_38-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_13-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND libgme0-0.6.0-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpython3_4m1_0-3.4.10-25.39 is installed OR python3-3.4.10-25.39 is installed OR python3-base-3.4.10-25.39 is installed OR python3-curses-3.4.10-25.39 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information gdk-pixbuf-2.34.0-19.17 is installed OR gdk-pixbuf-lang-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-19.17 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-19.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND mongodb-2.4.14-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libldap-2_4-2-2.4.41-18.71 is installed OR libldap-2_4-2-32bit-2.4.41-18.71 is installed OR openldap2-2.4.41-18.71 is installed OR openldap2-back-meta-2.4.41-18.71 is installed OR openldap2-client-2.4.41-18.71 is installed OR openldap2-doc-2.4.41-18.71 is installed OR openldap2-ppolicy-check-password-1.2-18.71 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Twisted-15.2.1-9.8 is installed