Oval Definition:oval:org.opensuse.security:def:58282
Revision Date:2020-12-01Version:1
Title:Security update for ucode-intel (Moderate)
Description:

This update for ucode-intel fixes the following issues:

Updated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466) This update contains security mitigations for:

- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824). - CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to mitigate the Vector Register and L1D Eviction Sampling aka 'CacheOutAttack' attacks. (bsc#1156353)

Microcode Table:

Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ HSW C0 6-3c-3/32 00000027->00000028 Core Gen4 BDW-U/Y E0/F0 6-3d-4/c0 0000002e->0000002f Core Gen5 HSW-U C0/D0 6-45-1/72 00000025->00000026 Core Gen4 HSW-H C0 6-46-1/32 0000001b->0000001c Core Gen4 BDW-H/E3 E0/G0 6-47-1/22 00000021->00000022 Core Gen5 SKL-U/Y D0 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKL-U23e K1 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKX-SP B1 6-55-3/97 01000151->01000157 Xeon Scalable SKX-SP H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable SKX-D M1 6-55-4/b7 02000065->02006906 Xeon D-21xx CLX-SP B0 6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2 CLX-SP B1 6-55-7/bf 0500002c->04002f01 Xeon Scalable Gen2 SKL-H/S R0/N0 6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5 AML-Y22 H0 6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile KBL-U/Y H0 6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile CFL-U43e D0 6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile WHL-U W0 6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile AML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile CML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile WHL-U V0 6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6 CFL-H/S/E3 U0 6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E CFL-S B0 6-9e-b/02 000000ca->000000d6 Core Gen8 CFL-H/S P0 6-9e-c/22 000000ca->000000d6 Core Gen9 CFL-H R0 6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile

Also contains the Intel CPU Microcode update to 20200520:

Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f->00000621 Xeon E3/E5, Core X SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718->0000071a Xeon E3/E5, Core X
Family:unixClass:patch
Status:Reference(s):1003952
1041216
1041783
1042802
1042803
1043088
1045719
1045721
1065386
1068664
1090036
1102682
1104205
1109209
1111498
1117025
1117382
1120658
1122000
1122344
1123333
1123886
1123892
1125352
1131390
1133191
1138034
1154824
1156353
1159208
1159623
1160594
1160764
1161779
1163922
1172466
1174415
1174628
1174955
1177155
854443
984639
CVE-2012-0876
CVE-2013-7038
CVE-2013-7039
CVE-2016-0718
CVE-2016-4472
CVE-2016-4983
CVE-2016-9063
CVE-2017-1000158
CVE-2017-16612
CVE-2017-7511
CVE-2017-7515
CVE-2017-9233
CVE-2017-9406
CVE-2017-9408
CVE-2017-9775
CVE-2017-9776
CVE-2018-1000199
CVE-2018-14526
CVE-2018-14734
CVE-2018-5390
CVE-2019-10164
CVE-2019-11487
CVE-2019-6454
CVE-2020-0543
CVE-2020-0548
CVE-2020-0549
CVE-2020-14344
CVE-2020-15708
CVE-2020-15900
CVE-2020-25637
CVE-2020-8013
SUSE-SU-2016:2915-1
SUSE-SU-2017:1576-1
SUSE-SU-2017:1999-1
SUSE-SU-2017:3214-1
SUSE-SU-2018:1258-1
SUSE-SU-2019:0428-1
SUSE-SU-2019:1088-1
SUSE-SU-2020:0497-1
SUSE-SU-2020:0545-1
SUSE-SU-2020:1595-1
SUSE-SU-2020:2097-1
SUSE-SU-2020:2117-1
SUSE-SU-2020:3143-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND dnsmasq-2.78-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.0-lp151.2.4 is installed
  • OR MozillaThunderbird-buildsymbols-60.7.0-lp151.2.4 is installed
  • OR MozillaThunderbird-translations-common-60.7.0-lp151.2.4 is installed
  • OR MozillaThunderbird-translations-other-60.7.0-lp151.2.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • dovecot22-2.2.13-4 is installed
  • OR dovecot22-backend-mysql-2.2.13-4 is installed
  • OR dovecot22-backend-pgsql-2.2.13-4 is installed
  • OR dovecot22-backend-sqlite-2.2.13-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND wpa_supplicant-2.6-15.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_85-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_23-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND clamav-0.99.2-32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.3.0-109.98 is installed
  • OR MozillaFirefox-translations-common-68.3.0-109.98 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND squid-3.5.21-26.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_140-94_42-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_15-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND ucode-intel-20180807-13.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libgnomesu-2.0.0-353.6 is installed
  • OR libgnomesu-lang-2.0.0-353.6 is installed
  • OR libgnomesu0-2.0.0-353.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ucode-intel-20200602-13.68 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-ecdsa-0.13.3-5.10 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • mariadb-10.2.22-4.11 is installed
  • OR mariadb-client-10.2.22-4.11 is installed
  • OR mariadb-errormessages-10.2.22-4.11 is installed
  • OR mariadb-galera-10.2.22-4.11 is installed
  • OR mariadb-tools-10.2.22-4.11 is installed
    • BACK