OVAL Reference oval:org.opensuse.security:def:57939 - CERT Civis.Net

Oval Definition:

oval:org.opensuse.security:def:57939

Revision Date:	2021-06-10	Version:	1
Title:	Security update for ucode-intel (Important)
Description:	This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20210608 release. - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833) See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html - CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html Other fixes: - Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details. - Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details. - Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details. - Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details. - Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details. - Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details. - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details. - Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details. - Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details. - New platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| CLX-SP \| A0 \| 06-55-05/b7 \| \| 03000010 \| Xeon Scalable Gen2 \| ICX-SP \| C0 \| 06-6a-05/87 \| \| 0c0002f0 \| Xeon Scalable Gen3 \| ICX-SP \| D0 \| 06-6a-06/87 \| \| 0d0002a0 \| Xeon Scalable Gen3 \| SNR \| B0 \| 06-86-04/01 \| \| 0b00000f \| Atom P59xxB \| SNR \| B1 \| 06-86-05/01 \| \| 0b00000f \| Atom P59xxB \| TGL \| B1 \| 06-8c-01/80 \| \| 00000088 \| Core Gen11 Mobile \| TGL-R \| C0 \| 06-8c-02/c2 \| \| 00000016 \| Core Gen11 Mobile \| TGL-H \| R0 \| 06-8d-01/c2 \| \| 0000002c \| Core Gen11 Mobile \| EHL \| B1 \| 06-96-01/01 \| \| 00000011 \| Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E \| JSL \| A0/A1 \| 06-9c-00/01 \| \| 0000001d \| Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105 \| RKL-S \| B0 \| 06-a7-01/02 \| \| 00000040 \| Core Gen11 - Updated platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| HSX-E/EP \| Cx/M1 \| 06-3f-02/6f \| 00000044 \| 00000046 \| Core Gen4 X series; Xeon E5 v3 \| HSX-EX \| E0 \| 06-3f-04/80 \| 00000016 \| 00000019 \| Xeon E7 v3 \| SKL-U/Y \| D0 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| SKL-U23e \| K1 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| BDX-ML \| B0/M0/R0 \| 06-4f-01/ef \| 0b000038 \| 0b00003e \| Xeon E5/E7 v4; Core i7-69xx/68xx \| SKX-SP \| B1 \| 06-55-03/97 \| 01000159 \| 0100015b \| Xeon Scalable \| SKX-SP \| H0/M0/U0 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon Scalable \| SKX-D \| M1 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon D-21xx \| CLX-SP \| B0 \| 06-55-06/bf \| 04003006 \| 04003102 \| Xeon Scalable Gen2 \| CLX-SP \| B1 \| 06-55-07/bf \| 05003006 \| 05003102 \| Xeon Scalable Gen2 \| CPX-SP \| A1 \| 06-55-0b/bf \| 0700001e \| 07002302 \| Xeon Scalable Gen3 \| BDX-DE \| V2/V3 \| 06-56-03/10 \| 07000019 \| 0700001b \| Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 \| BDX-DE \| Y0 \| 06-56-04/10 \| 0f000017 \| 0f000019 \| Xeon D-1557/59/67/71/77/81/87 \| BDX-NS \| A0 \| 06-56-05/10 \| 0e00000f \| 0e000012 \| Xeon D-1513N/23/33/43/53 \| APL \| D0 \| 06-5c-09/03 \| 00000040 \| 00000044 \| Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx \| APL \| E0 \| 06-5c-0a/03 \| 0000001e \| 00000020 \| Atom x5-E39xx \| SKL-H/S \| R0/N0 \| 06-5e-03/36 \| 000000e2 \| 000000ea \| Core Gen6; Xeon E3 v5 \| DNV \| B0 \| 06-5f-01/01 \| 0000002e \| 00000034 \| Atom C Series \| GLK \| B0 \| 06-7a-01/01 \| 00000034 \| 00000036 \| Pentium Silver N/J5xxx, Celeron N/J4xxx \| GKL-R \| R0 \| 06-7a-08/01 \| 00000018 \| 0000001a \| Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 \| ICL-U/Y \| D1 \| 06-7e-05/80 \| 000000a0 \| 000000a6 \| Core Gen10 Mobile \| LKF \| B2/B3 \| 06-8a-01/10 \| 00000028 \| 0000002a \| Core w/Hybrid Technology \| AML-Y22 \| H0 \| 06-8e-09/10 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-U/Y \| H0 \| 06-8e-09/c0 \| 000000de \| 000000ea \| Core Gen7 Mobile \| CFL-U43e \| D0 \| 06-8e-0a/c0 \| 000000e0 \| 000000ea \| Core Gen8 Mobile \| WHL-U \| W0 \| 06-8e-0b/d0 \| 000000de \| 000000ea \| Core Gen8 Mobile \| AML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| CML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| WHL-U \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-G/H/S/E3 \| B0 \| 06-9e-09/2a \| 000000de \| 000000ea \| Core Gen7; Xeon E3 v6 \| CFL-H/S/E3 \| U0 \| 06-9e-0a/22 \| 000000de \| 000000ea \| Core Gen8 Desktop, Mobile, Xeon E \| CFL-S \| B0 \| 06-9e-0b/02 \| 000000de \| 000000ea \| Core Gen8 \| CFL-H/S \| P0 \| 06-9e-0c/22 \| 000000de \| 000000ea \| Core Gen9 \| CFL-H \| R0 \| 06-9e-0d/22 \| 000000de \| 000000ea \| Core Gen9 Mobile \| CML-H \| R1 \| 06-a5-02/20 \| 000000e0 \| 000000ea \| Core Gen10 Mobile \| CML-S62 \| G1 \| 06-a5-03/22 \| 000000e0 \| 000000ea \| Core Gen10 \| CML-S102 \| Q0 \| 06-a5-05/22 \| 000000e0 \| 000000ec \| Core Gen10 \| CML-U62 \| A0 \| 06-a6-00/80 \| 000000e0 \| 000000e8 \| Core Gen10 Mobile \| CML-U62 V2 \| K0 \| 06-a6-01/80 \| 000000e0 \| 000000ea \| Core Gen10 Mobile
Family:	unix	Class:	patch
Status:		Reference(s):	1005410 1006118 1007925 1008340 1008648 1013882 1017141 1017695 1019938 1020063 1021687 1027353 1070603 1073933 1076957 1078431 1081164 1081685 1094301 1101676 1101677 1101678 1101776 1101777 1101786 1101788 1101791 1101794 1101800 1101802 1101804 1101810 1102775 1103342 1106514 1111122 1112368 1112397 1112417 1112421 1112432 1116686 1118754 1123371 1123377 1123378 1129180 1130721 1131863 1132666 1133191 1134156 1136037 1136446 1137597 1140359 1142880 1142882 1142883 1142885 1146882 1146884 1151021 1163985 1174955 1177155 1179833 1179836 1179837 1179839 902375 CVE-2010-2240 CVE-2011-2483 CVE-2013-1940 CVE-2013-4396 CVE-2013-6424 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 CVE-2014-8103 CVE-2015-0255 CVE-2015-3164 CVE-2015-3418 CVE-2016-10708 CVE-2016-8637 CVE-2016-9843 CVE-2017-18191 CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 CVE-2018-14339 CVE-2018-14340 CVE-2018-14341 CVE-2018-14342 CVE-2018-14343 CVE-2018-14344 CVE-2018-14367 CVE-2018-14368 CVE-2018-14369 CVE-2018-14370 CVE-2018-16056 CVE-2018-16057 CVE-2018-16058 CVE-2018-16890 CVE-2018-18065 CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-3058 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 CVE-2018-3143 CVE-2018-3156 CVE-2018-3174 CVE-2018-3251 CVE-2018-3282 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-12973 CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235 CVE-2019-14811 CVE-2019-14812 CVE-2019-14813 CVE-2019-14817 CVE-2019-14835 CVE-2019-1787 CVE-2019-1788 CVE-2019-1789 CVE-2019-2529 CVE-2019-2537 CVE-2019-3822 CVE-2019-3823 CVE-2019-3835 CVE-2019-3839 CVE-2019-3846 CVE-2020-15708 CVE-2020-1720 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVE-2020-25637 SUSE-SU-2017:0951-1 SUSE-SU-2018:0697-1 SUSE-SU-2018:1448-1 SUSE-SU-2018:2530-1 SUSE-SU-2018:2891-1 SUSE-SU-2018:3447-1 SUSE-SU-2019:0249-1 SUSE-SU-2019:0897-1 SUSE-SU-2019:2048-1 SUSE-SU-2019:2180-1 SUSE-SU-2019:2478-1 SUSE-SU-2020:0715-1 SUSE-SU-2020:3143-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information cups-pk-helper-0.2.6-lp150.1 is installed OR cups-pk-helper-lang-0.2.6-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information evince-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-devel-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-lang-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-comicsdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-djvudocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-dvidocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-pdfdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-psdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-tiffdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-xpsdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR libevdocument3-4-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR libevview3-3-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR nautilus-evince-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR typelib-1_0-EvinceDocument-3_0-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR typelib-1_0-EvinceView-3_0-3.26.0+20180128.1bd86963-lp151.4.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_110-default-3-2 is installed OR kgraft-patch-3_12_74-60_64_110-xen-3-2 is installed OR kgraft-patch-SLE12-SP1_Update_33-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information sysvinit-tools-2.88+-96 is installed OR whois-5.1.1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libmysqlclient18-10.0.38-29.27 is installed OR libmysqlclient18-32bit-10.0.38-29.27 is installed OR mariadb-10.0.38-29.27 is installed OR mariadb-client-10.0.38-29.27 is installed OR mariadb-errormessages-10.0.38-29.27 is installed OR mariadb-tools-10.0.38-29.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information grub2-2.02-2 is installed OR grub2-arm64-efi-2.02-2 is installed OR grub2-i386-pc-2.02-2 is installed OR grub2-powerpc-ieee1275-2.02-2 is installed OR grub2-s390x-emu-2.02-2 is installed OR grub2-snapper-plugin-2.02-2 is installed OR grub2-systemd-sleep-plugin-2.02-2 is installed OR grub2-x86_64-efi-2.02-2 is installed OR grub2-x86_64-xen-2.02-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND ucode-intel-20210525-13.90.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libQt5Concurrent5-5.6.2-6.22 is installed OR libQt5Core5-5.6.2-6.22 is installed OR libQt5DBus5-5.6.2-6.22 is installed OR libQt5Gui5-5.6.2-6.22 is installed OR libQt5Network5-5.6.2-6.22 is installed OR libQt5OpenGL5-5.6.2-6.22 is installed OR libQt5PrintSupport5-5.6.2-6.22 is installed OR libQt5Sql5-5.6.2-6.22 is installed OR libQt5Sql5-mysql-5.6.2-6.22 is installed OR libQt5Sql5-postgresql-5.6.2-6.22 is installed OR libQt5Sql5-sqlite-5.6.2-6.22 is installed OR libQt5Sql5-unixODBC-5.6.2-6.22 is installed OR libQt5Test5-5.6.2-6.22 is installed OR libQt5Widgets5-5.6.2-6.22 is installed OR libQt5Xml5-5.6.2-6.22 is installed OR libqt5-qtbase-5.6.2-6.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libldap-2_4-2-2.4.41-18.40 is installed OR libldap-2_4-2-32bit-2.4.41-18.40 is installed OR openldap2-2.4.41-18.40 is installed OR openldap2-back-meta-2.4.41-18.40 is installed OR openldap2-client-2.4.41-18.40 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information openssh-7.2p2-74.25 is installed OR openssh-askpass-gnome-7.2p2-74.25 is installed OR openssh-fips-7.2p2-74.25 is installed OR openssh-helpers-7.2p2-74.25 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND haproxy-1.6.11-11.3 is installed