OVAL Reference oval:org.opensuse.security:def:57020 - CERT Civis.Net

Oval Definition:

oval:org.opensuse.security:def:57020

Revision Date:	2021-06-10	Version:	1
Title:	Security update for ucode-intel (Important)
Description:	This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20210608 release. - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833) See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html - CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html Other fixes: - Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details. - Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details. - Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details. - Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details. - Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details. - Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details. - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details. - Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details. - Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details. - New platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| CLX-SP \| A0 \| 06-55-05/b7 \| \| 03000010 \| Xeon Scalable Gen2 \| ICX-SP \| C0 \| 06-6a-05/87 \| \| 0c0002f0 \| Xeon Scalable Gen3 \| ICX-SP \| D0 \| 06-6a-06/87 \| \| 0d0002a0 \| Xeon Scalable Gen3 \| SNR \| B0 \| 06-86-04/01 \| \| 0b00000f \| Atom P59xxB \| SNR \| B1 \| 06-86-05/01 \| \| 0b00000f \| Atom P59xxB \| TGL \| B1 \| 06-8c-01/80 \| \| 00000088 \| Core Gen11 Mobile \| TGL-R \| C0 \| 06-8c-02/c2 \| \| 00000016 \| Core Gen11 Mobile \| TGL-H \| R0 \| 06-8d-01/c2 \| \| 0000002c \| Core Gen11 Mobile \| EHL \| B1 \| 06-96-01/01 \| \| 00000011 \| Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E \| JSL \| A0/A1 \| 06-9c-00/01 \| \| 0000001d \| Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105 \| RKL-S \| B0 \| 06-a7-01/02 \| \| 00000040 \| Core Gen11 - Updated platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| HSX-E/EP \| Cx/M1 \| 06-3f-02/6f \| 00000044 \| 00000046 \| Core Gen4 X series; Xeon E5 v3 \| HSX-EX \| E0 \| 06-3f-04/80 \| 00000016 \| 00000019 \| Xeon E7 v3 \| SKL-U/Y \| D0 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| SKL-U23e \| K1 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| BDX-ML \| B0/M0/R0 \| 06-4f-01/ef \| 0b000038 \| 0b00003e \| Xeon E5/E7 v4; Core i7-69xx/68xx \| SKX-SP \| B1 \| 06-55-03/97 \| 01000159 \| 0100015b \| Xeon Scalable \| SKX-SP \| H0/M0/U0 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon Scalable \| SKX-D \| M1 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon D-21xx \| CLX-SP \| B0 \| 06-55-06/bf \| 04003006 \| 04003102 \| Xeon Scalable Gen2 \| CLX-SP \| B1 \| 06-55-07/bf \| 05003006 \| 05003102 \| Xeon Scalable Gen2 \| CPX-SP \| A1 \| 06-55-0b/bf \| 0700001e \| 07002302 \| Xeon Scalable Gen3 \| BDX-DE \| V2/V3 \| 06-56-03/10 \| 07000019 \| 0700001b \| Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 \| BDX-DE \| Y0 \| 06-56-04/10 \| 0f000017 \| 0f000019 \| Xeon D-1557/59/67/71/77/81/87 \| BDX-NS \| A0 \| 06-56-05/10 \| 0e00000f \| 0e000012 \| Xeon D-1513N/23/33/43/53 \| APL \| D0 \| 06-5c-09/03 \| 00000040 \| 00000044 \| Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx \| APL \| E0 \| 06-5c-0a/03 \| 0000001e \| 00000020 \| Atom x5-E39xx \| SKL-H/S \| R0/N0 \| 06-5e-03/36 \| 000000e2 \| 000000ea \| Core Gen6; Xeon E3 v5 \| DNV \| B0 \| 06-5f-01/01 \| 0000002e \| 00000034 \| Atom C Series \| GLK \| B0 \| 06-7a-01/01 \| 00000034 \| 00000036 \| Pentium Silver N/J5xxx, Celeron N/J4xxx \| GKL-R \| R0 \| 06-7a-08/01 \| 00000018 \| 0000001a \| Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 \| ICL-U/Y \| D1 \| 06-7e-05/80 \| 000000a0 \| 000000a6 \| Core Gen10 Mobile \| LKF \| B2/B3 \| 06-8a-01/10 \| 00000028 \| 0000002a \| Core w/Hybrid Technology \| AML-Y22 \| H0 \| 06-8e-09/10 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-U/Y \| H0 \| 06-8e-09/c0 \| 000000de \| 000000ea \| Core Gen7 Mobile \| CFL-U43e \| D0 \| 06-8e-0a/c0 \| 000000e0 \| 000000ea \| Core Gen8 Mobile \| WHL-U \| W0 \| 06-8e-0b/d0 \| 000000de \| 000000ea \| Core Gen8 Mobile \| AML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| CML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| WHL-U \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-G/H/S/E3 \| B0 \| 06-9e-09/2a \| 000000de \| 000000ea \| Core Gen7; Xeon E3 v6 \| CFL-H/S/E3 \| U0 \| 06-9e-0a/22 \| 000000de \| 000000ea \| Core Gen8 Desktop, Mobile, Xeon E \| CFL-S \| B0 \| 06-9e-0b/02 \| 000000de \| 000000ea \| Core Gen8 \| CFL-H/S \| P0 \| 06-9e-0c/22 \| 000000de \| 000000ea \| Core Gen9 \| CFL-H \| R0 \| 06-9e-0d/22 \| 000000de \| 000000ea \| Core Gen9 Mobile \| CML-H \| R1 \| 06-a5-02/20 \| 000000e0 \| 000000ea \| Core Gen10 Mobile \| CML-S62 \| G1 \| 06-a5-03/22 \| 000000e0 \| 000000ea \| Core Gen10 \| CML-S102 \| Q0 \| 06-a5-05/22 \| 000000e0 \| 000000ec \| Core Gen10 \| CML-U62 \| A0 \| 06-a6-00/80 \| 000000e0 \| 000000e8 \| Core Gen10 Mobile \| CML-U62 V2 \| K0 \| 06-a6-01/80 \| 000000e0 \| 000000ea \| Core Gen10 Mobile
Family:	unix	Class:	patch
Status:		Reference(s):	1004221 1005522 1005523 1005524 1005525 1005526 1005527 1005528 1017646 1027519 1052311 1052368 1053153 1055825 1056058 1064715 1064716 1065363 1066242 1069708 1085449 1093311 1107832 1108940 1108963 1110233 1111014 1114405 1114423 1114988 1115040 1115043 1115044 1115045 1115047 1117756 1121571 1121816 1121818 1121821 1135170 1135715 1148931 1179833 1179836 1179837 1179839 958791 988651 CVE-2011-1709 CVE-2012-3449 CVE-2015-8540 CVE-2016-10087 CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 CVE-2016-8605 CVE-2017-1000112 CVE-2017-10661 CVE-2017-13089 CVE-2017-13090 CVE-2017-16939 CVE-2017-3735 CVE-2017-3736 CVE-2018-1417 CVE-2018-1417 CVE-2018-14633 CVE-2018-14634 CVE-2018-17182 CVE-2018-17963 CVE-2018-18849 CVE-2018-18883 CVE-2018-19665 CVE-2018-19961 CVE-2018-19962 CVE-2018-19963 CVE-2018-19964 CVE-2018-19965 CVE-2018-19966 CVE-2018-19967 CVE-2018-20685 CVE-2018-2783 CVE-2018-2783 CVE-2018-2790 CVE-2018-2790 CVE-2018-2794 CVE-2018-2794 CVE-2018-2795 CVE-2018-2795 CVE-2018-2796 CVE-2018-2796 CVE-2018-2797 CVE-2018-2797 CVE-2018-2798 CVE-2018-2798 CVE-2018-2799 CVE-2018-2799 CVE-2018-2800 CVE-2018-2800 CVE-2018-2814 CVE-2018-2814 CVE-2019-5436 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 SUSE-SU-2016:2887-1 SUSE-SU-2017:0398-1 SUSE-SU-2017:0860-1 SUSE-SU-2017:2438-1 SUSE-SU-2017:2871-2 SUSE-SU-2017:3169-1 SUSE-SU-2017:3337-1 SUSE-SU-2018:1764-1 SUSE-SU-2019:0003-1 SUSE-SU-2019:0125-1 SUSE-SU-2019:2009-1 SUSE-SU-2019:2345-2 SUSE-SU-2021:1930-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libreoffice-6.0.4.2-lp150.1 is installed OR libreoffice-base-6.0.4.2-lp150.1 is installed OR libreoffice-base-drivers-mysql-6.0.4.2-lp150.1 is installed OR libreoffice-branding-upstream-6.0.4.2-lp150.1 is installed OR libreoffice-calc-6.0.4.2-lp150.1 is installed OR libreoffice-draw-6.0.4.2-lp150.1 is installed OR libreoffice-filters-optional-6.0.4.2-lp150.1 is installed OR libreoffice-gnome-6.0.4.2-lp150.1 is installed OR libreoffice-gtk3-6.0.4.2-lp150.1 is installed OR libreoffice-icon-themes-6.0.4.2-lp150.1 is installed OR libreoffice-impress-6.0.4.2-lp150.1 is installed OR libreoffice-kde4-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ar-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-bg-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ca-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-cs-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-da-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-de-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-el-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-en-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-eo-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-es-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-et-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-fa-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-fi-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-fr-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-hu-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-it-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ja-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ko-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-lt-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-nb-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-nl-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-pl-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-pt_BR-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-ru-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-sk-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-sl-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-sv-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-uk-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-zh_CN-6.0.4.2-lp150.1 is installed OR libreoffice-l10n-zh_TW-6.0.4.2-lp150.1 is installed OR libreoffice-mailmerge-6.0.4.2-lp150.1 is installed OR libreoffice-math-6.0.4.2-lp150.1 is installed OR libreoffice-pyuno-6.0.4.2-lp150.1 is installed OR libreoffice-writer-6.0.4.2-lp150.1 is installed OR libreofficekit-6.0.4.2-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information fish3-3.0.0-lp151.2 is installed OR fish3-devel-3.0.0-lp151.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information curl-7.60.0-4.6 is installed OR libcurl4-7.60.0-4.6 is installed OR libcurl4-32bit-7.60.0-4.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libpng12-1.2.50-19 is installed OR libpng12-0-1.2.50-19 is installed OR libpng12-0-32bit-1.2.50-19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_62-60_64_8-default-11-2 is installed OR kgraft-patch-3_12_62-60_64_8-xen-11-2 is installed OR kgraft-patch-SLE12-SP1_Update_8-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gdm-3.10.0.1-52 is installed OR gdm-lang-3.10.0.1-52 is installed OR gdmflexiserver-3.10.0.1-52 is installed OR libgdm1-3.10.0.1-52 is installed OR typelib-1_0-Gdm-1_0-3.10.0.1-52 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-36 is installed OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND xrdp-0.9.0~git.1456906198.f422461-21.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information apache2-2.4.23-29.54 is installed OR apache2-doc-2.4.23-29.54 is installed OR apache2-example-pages-2.4.23-29.54 is installed OR apache2-prefork-2.4.23-29.54 is installed OR apache2-utils-2.4.23-29.54 is installed OR apache2-worker-2.4.23-29.54 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ucode-intel-20210525-13.90.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information gnome-shell-search-provider-nautilus-3.20.3-23.6 is installed OR libnautilus-extension1-3.20.3-23.6 is installed OR nautilus-3.20.3-23.6 is installed OR nautilus-lang-3.20.3-23.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libncurses5-5.9-61 is installed OR libncurses5-32bit-5.9-61 is installed OR libncurses6-5.9-61 is installed OR libncurses6-32bit-5.9-61 is installed OR ncurses-5.9-61 is installed OR ncurses-devel-5.9-61 is installed OR ncurses-devel-32bit-5.9-61 is installed OR ncurses-utils-5.9-61 is installed OR tack-5.9-61 is installed OR terminfo-5.9-61 is installed OR terminfo-base-5.9-61 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information pam_radius-1.3.16-239.4 is installed OR pam_radius-32bit-1.3.16-239.4 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-activejob-4_2-4.2.9-3.6 is installed OR rubygem-activejob-4_2-4.2.9-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.23-3.9 is installed