OVAL Reference oval:org.opensuse.security:def:59491 - CERT Civis.Net

Oval Definition:

oval:org.opensuse.security:def:59491

Revision Date:	2021-06-10	Version:	1
Title:	Security update for ucode-intel (Important)
Description:	This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20210608 release. - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833) See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html - CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html Other fixes: - Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details. - Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details. - Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details. - Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details. - Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details. - Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details. - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details. - Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details. - Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details. - New platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| CLX-SP \| A0 \| 06-55-05/b7 \| \| 03000010 \| Xeon Scalable Gen2 \| ICX-SP \| C0 \| 06-6a-05/87 \| \| 0c0002f0 \| Xeon Scalable Gen3 \| ICX-SP \| D0 \| 06-6a-06/87 \| \| 0d0002a0 \| Xeon Scalable Gen3 \| SNR \| B0 \| 06-86-04/01 \| \| 0b00000f \| Atom P59xxB \| SNR \| B1 \| 06-86-05/01 \| \| 0b00000f \| Atom P59xxB \| TGL \| B1 \| 06-8c-01/80 \| \| 00000088 \| Core Gen11 Mobile \| TGL-R \| C0 \| 06-8c-02/c2 \| \| 00000016 \| Core Gen11 Mobile \| TGL-H \| R0 \| 06-8d-01/c2 \| \| 0000002c \| Core Gen11 Mobile \| EHL \| B1 \| 06-96-01/01 \| \| 00000011 \| Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E \| JSL \| A0/A1 \| 06-9c-00/01 \| \| 0000001d \| Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105 \| RKL-S \| B0 \| 06-a7-01/02 \| \| 00000040 \| Core Gen11 - Updated platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| HSX-E/EP \| Cx/M1 \| 06-3f-02/6f \| 00000044 \| 00000046 \| Core Gen4 X series; Xeon E5 v3 \| HSX-EX \| E0 \| 06-3f-04/80 \| 00000016 \| 00000019 \| Xeon E7 v3 \| SKL-U/Y \| D0 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| SKL-U23e \| K1 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| BDX-ML \| B0/M0/R0 \| 06-4f-01/ef \| 0b000038 \| 0b00003e \| Xeon E5/E7 v4; Core i7-69xx/68xx \| SKX-SP \| B1 \| 06-55-03/97 \| 01000159 \| 0100015b \| Xeon Scalable \| SKX-SP \| H0/M0/U0 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon Scalable \| SKX-D \| M1 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon D-21xx \| CLX-SP \| B0 \| 06-55-06/bf \| 04003006 \| 04003102 \| Xeon Scalable Gen2 \| CLX-SP \| B1 \| 06-55-07/bf \| 05003006 \| 05003102 \| Xeon Scalable Gen2 \| CPX-SP \| A1 \| 06-55-0b/bf \| 0700001e \| 07002302 \| Xeon Scalable Gen3 \| BDX-DE \| V2/V3 \| 06-56-03/10 \| 07000019 \| 0700001b \| Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 \| BDX-DE \| Y0 \| 06-56-04/10 \| 0f000017 \| 0f000019 \| Xeon D-1557/59/67/71/77/81/87 \| BDX-NS \| A0 \| 06-56-05/10 \| 0e00000f \| 0e000012 \| Xeon D-1513N/23/33/43/53 \| APL \| D0 \| 06-5c-09/03 \| 00000040 \| 00000044 \| Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx \| APL \| E0 \| 06-5c-0a/03 \| 0000001e \| 00000020 \| Atom x5-E39xx \| SKL-H/S \| R0/N0 \| 06-5e-03/36 \| 000000e2 \| 000000ea \| Core Gen6; Xeon E3 v5 \| DNV \| B0 \| 06-5f-01/01 \| 0000002e \| 00000034 \| Atom C Series \| GLK \| B0 \| 06-7a-01/01 \| 00000034 \| 00000036 \| Pentium Silver N/J5xxx, Celeron N/J4xxx \| GKL-R \| R0 \| 06-7a-08/01 \| 00000018 \| 0000001a \| Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 \| ICL-U/Y \| D1 \| 06-7e-05/80 \| 000000a0 \| 000000a6 \| Core Gen10 Mobile \| LKF \| B2/B3 \| 06-8a-01/10 \| 00000028 \| 0000002a \| Core w/Hybrid Technology \| AML-Y22 \| H0 \| 06-8e-09/10 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-U/Y \| H0 \| 06-8e-09/c0 \| 000000de \| 000000ea \| Core Gen7 Mobile \| CFL-U43e \| D0 \| 06-8e-0a/c0 \| 000000e0 \| 000000ea \| Core Gen8 Mobile \| WHL-U \| W0 \| 06-8e-0b/d0 \| 000000de \| 000000ea \| Core Gen8 Mobile \| AML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| CML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| WHL-U \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-G/H/S/E3 \| B0 \| 06-9e-09/2a \| 000000de \| 000000ea \| Core Gen7; Xeon E3 v6 \| CFL-H/S/E3 \| U0 \| 06-9e-0a/22 \| 000000de \| 000000ea \| Core Gen8 Desktop, Mobile, Xeon E \| CFL-S \| B0 \| 06-9e-0b/02 \| 000000de \| 000000ea \| Core Gen8 \| CFL-H/S \| P0 \| 06-9e-0c/22 \| 000000de \| 000000ea \| Core Gen9 \| CFL-H \| R0 \| 06-9e-0d/22 \| 000000de \| 000000ea \| Core Gen9 Mobile \| CML-H \| R1 \| 06-a5-02/20 \| 000000e0 \| 000000ea \| Core Gen10 Mobile \| CML-S62 \| G1 \| 06-a5-03/22 \| 000000e0 \| 000000ea \| Core Gen10 \| CML-S102 \| Q0 \| 06-a5-05/22 \| 000000e0 \| 000000ec \| Core Gen10 \| CML-U62 \| A0 \| 06-a6-00/80 \| 000000e0 \| 000000e8 \| Core Gen10 Mobile \| CML-U62 V2 \| K0 \| 06-a6-01/80 \| 000000e0 \| 000000ea \| Core Gen10 Mobile
Family:	unix	Class:	patch
Status:		Reference(s):	1026236 1055825 1056058 1058565 1058622 1058624 1060427 1060653 1061876 1063008 1063824 1065066 1065363 1066242 1111647 1114988 1122293 1122299 1123157 1123823 1123828 1123832 1126140 1126141 1126192 1126195 1126196 1126198 1126201 1127400 1129623 1132728 1132729 1132732 1134297 1138459 1139083 1141853 1160968 1162972 1167231 1167373 1172405 1173304 1173576 1173613 1179833 1179836 1179837 1179839 CVE-2013-1571 CVE-2015-2924 CVE-2015-5185 CVE-2016-0764 CVE-2017-1000254 CVE-2017-1000257 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-14746 CVE-2017-15275 CVE-2017-3735 CVE-2017-3736 CVE-2018-11212 CVE-2018-12086 CVE-2018-18227 CVE-2018-19967 CVE-2018-20748 CVE-2018-20749 CVE-2018-20750 CVE-2018-20852 CVE-2019-10160 CVE-2019-12900 CVE-2019-18860 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 CVE-2019-6778 CVE-2019-9824 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-14059 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 CVE-2020-8022 SUSE-SU-2017:2831-1 SUSE-SU-2017:3155-1 SUSE-SU-2017:3169-1 SUSE-SU-2019:0313-1 SUSE-SU-2019:0921-1 SUSE-SU-2019:1392-1 SUSE-SU-2019:2013-1 SUSE-SU-2020:0456-1 SUSE-SU-2020:1791-1 SUSE-SU-2020:1803-1 SUSE-SU-2020:1899-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libXtst6-1.2.3-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.10 is installed OR kernel-debug-base-4.12.14-lp151.28.10 is installed OR kernel-debug-devel-4.12.14-lp151.28.10 is installed OR kernel-default-4.12.14-lp151.28.10 is installed OR kernel-default-base-4.12.14-lp151.28.10 is installed OR kernel-default-devel-4.12.14-lp151.28.10 is installed OR kernel-devel-4.12.14-lp151.28.10 is installed OR kernel-docs-4.12.14-lp151.28.10 is installed OR kernel-docs-html-4.12.14-lp151.28.10 is installed OR kernel-kvmsmall-4.12.14-lp151.28.10 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.10 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.10 is installed OR kernel-macros-4.12.14-lp151.28.10 is installed OR kernel-obs-build-4.12.14-lp151.28.10 is installed OR kernel-obs-qa-4.12.14-lp151.28.10 is installed OR kernel-source-4.12.14-lp151.28.10 is installed OR kernel-source-vanilla-4.12.14-lp151.28.10 is installed OR kernel-syms-4.12.14-lp151.28.10 is installed OR kernel-vanilla-4.12.14-lp151.28.10 is installed OR kernel-vanilla-base-4.12.14-lp151.28.10 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_0-openjdk-1.7.0.221-43.22 is installed OR java-1_7_0-openjdk-demo-1.7.0.221-43.22 is installed OR java-1_7_0-openjdk-devel-1.7.0.221-43.22 is installed OR java-1_7_0-openjdk-headless-1.7.0.221-43.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libwireshark9-2.4.10-48.32 is installed OR libwiretap7-2.4.10-48.32 is installed OR libwscodecs1-2.4.10-48.32 is installed OR libwsutil8-2.4.10-48.32 is installed OR wireshark-2.4.10-48.32 is installed OR wireshark-gtk-2.4.10-48.32 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND ant-1.9.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND mailman-2.1.17-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libdcerpc-binding0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libdcerpc-binding0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libdcerpc0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libdcerpc0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libndr-krb5pac0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libndr-krb5pac0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libndr-nbt0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libndr-nbt0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libndr-standard0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libndr-standard0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libndr0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libndr0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libnetapi0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libnetapi0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-credentials0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-credentials0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-errors0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-errors0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-hostconfig0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-hostconfig0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-passdb0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-passdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-util0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamba-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamdb0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsamdb0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsmbclient0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsmbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsmbconf0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsmbconf0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsmbldap0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libsmbldap0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libtevent-util0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libtevent-util0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libwbclient0-4.6.14+git.157.c2d53c2b191-3.29 is installed OR libwbclient0-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR samba-4.6.14+git.157.c2d53c2b191-3.29 is installed OR samba-client-4.6.14+git.157.c2d53c2b191-3.29 is installed OR samba-client-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR samba-doc-4.6.14+git.157.c2d53c2b191-3.29 is installed OR samba-libs-4.6.14+git.157.c2d53c2b191-3.29 is installed OR samba-libs-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed OR samba-winbind-4.6.14+git.157.c2d53c2b191-3.29 is installed OR samba-winbind-32bit-4.6.14+git.157.c2d53c2b191-3.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND ucode-intel-20210525-13.90.1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND squid-3.5.21-26.26 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-78.0.1-112.3 is installed OR MozillaFirefox-branding-SLE-78-35.3 is installed OR MozillaFirefox-devel-78.0.1-112.3 is installed OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND mailman-2.1.17-3.23 is installed