OVAL Reference oval:org.opensuse.security:def:59749 - CERT Civis.Net

Oval Definition:

oval:org.opensuse.security:def:59749

Revision Date:	2021-06-10	Version:	1
Title:	Security update for ucode-intel (Important)
Description:	This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20210608 release. - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833) See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html - CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html) - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839) See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html Other fixes: - Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details. - Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details. - Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details. - Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details. - Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details. - Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details. - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details. - Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details. - Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details. - New platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| CLX-SP \| A0 \| 06-55-05/b7 \| \| 03000010 \| Xeon Scalable Gen2 \| ICX-SP \| C0 \| 06-6a-05/87 \| \| 0c0002f0 \| Xeon Scalable Gen3 \| ICX-SP \| D0 \| 06-6a-06/87 \| \| 0d0002a0 \| Xeon Scalable Gen3 \| SNR \| B0 \| 06-86-04/01 \| \| 0b00000f \| Atom P59xxB \| SNR \| B1 \| 06-86-05/01 \| \| 0b00000f \| Atom P59xxB \| TGL \| B1 \| 06-8c-01/80 \| \| 00000088 \| Core Gen11 Mobile \| TGL-R \| C0 \| 06-8c-02/c2 \| \| 00000016 \| Core Gen11 Mobile \| TGL-H \| R0 \| 06-8d-01/c2 \| \| 0000002c \| Core Gen11 Mobile \| EHL \| B1 \| 06-96-01/01 \| \| 00000011 \| Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E \| JSL \| A0/A1 \| 06-9c-00/01 \| \| 0000001d \| Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105 \| RKL-S \| B0 \| 06-a7-01/02 \| \| 00000040 \| Core Gen11 - Updated platforms: \| Processor \| Stepping \| F-M-S/PI \| Old Ver \| New Ver \| Products \|:---------------\|:---------\|:------------\|:---------\|:---------\|:--------- \| HSX-E/EP \| Cx/M1 \| 06-3f-02/6f \| 00000044 \| 00000046 \| Core Gen4 X series; Xeon E5 v3 \| HSX-EX \| E0 \| 06-3f-04/80 \| 00000016 \| 00000019 \| Xeon E7 v3 \| SKL-U/Y \| D0 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| SKL-U23e \| K1 \| 06-4e-03/c0 \| 000000e2 \| 000000ea \| Core Gen6 Mobile \| BDX-ML \| B0/M0/R0 \| 06-4f-01/ef \| 0b000038 \| 0b00003e \| Xeon E5/E7 v4; Core i7-69xx/68xx \| SKX-SP \| B1 \| 06-55-03/97 \| 01000159 \| 0100015b \| Xeon Scalable \| SKX-SP \| H0/M0/U0 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon Scalable \| SKX-D \| M1 \| 06-55-04/b7 \| 02006a0a \| 02006b06 \| Xeon D-21xx \| CLX-SP \| B0 \| 06-55-06/bf \| 04003006 \| 04003102 \| Xeon Scalable Gen2 \| CLX-SP \| B1 \| 06-55-07/bf \| 05003006 \| 05003102 \| Xeon Scalable Gen2 \| CPX-SP \| A1 \| 06-55-0b/bf \| 0700001e \| 07002302 \| Xeon Scalable Gen3 \| BDX-DE \| V2/V3 \| 06-56-03/10 \| 07000019 \| 0700001b \| Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 \| BDX-DE \| Y0 \| 06-56-04/10 \| 0f000017 \| 0f000019 \| Xeon D-1557/59/67/71/77/81/87 \| BDX-NS \| A0 \| 06-56-05/10 \| 0e00000f \| 0e000012 \| Xeon D-1513N/23/33/43/53 \| APL \| D0 \| 06-5c-09/03 \| 00000040 \| 00000044 \| Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx \| APL \| E0 \| 06-5c-0a/03 \| 0000001e \| 00000020 \| Atom x5-E39xx \| SKL-H/S \| R0/N0 \| 06-5e-03/36 \| 000000e2 \| 000000ea \| Core Gen6; Xeon E3 v5 \| DNV \| B0 \| 06-5f-01/01 \| 0000002e \| 00000034 \| Atom C Series \| GLK \| B0 \| 06-7a-01/01 \| 00000034 \| 00000036 \| Pentium Silver N/J5xxx, Celeron N/J4xxx \| GKL-R \| R0 \| 06-7a-08/01 \| 00000018 \| 0000001a \| Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 \| ICL-U/Y \| D1 \| 06-7e-05/80 \| 000000a0 \| 000000a6 \| Core Gen10 Mobile \| LKF \| B2/B3 \| 06-8a-01/10 \| 00000028 \| 0000002a \| Core w/Hybrid Technology \| AML-Y22 \| H0 \| 06-8e-09/10 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-U/Y \| H0 \| 06-8e-09/c0 \| 000000de \| 000000ea \| Core Gen7 Mobile \| CFL-U43e \| D0 \| 06-8e-0a/c0 \| 000000e0 \| 000000ea \| Core Gen8 Mobile \| WHL-U \| W0 \| 06-8e-0b/d0 \| 000000de \| 000000ea \| Core Gen8 Mobile \| AML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| CML-Y42 \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen10 Mobile \| WHL-U \| V0 \| 06-8e-0c/94 \| 000000de \| 000000ea \| Core Gen8 Mobile \| KBL-G/H/S/E3 \| B0 \| 06-9e-09/2a \| 000000de \| 000000ea \| Core Gen7; Xeon E3 v6 \| CFL-H/S/E3 \| U0 \| 06-9e-0a/22 \| 000000de \| 000000ea \| Core Gen8 Desktop, Mobile, Xeon E \| CFL-S \| B0 \| 06-9e-0b/02 \| 000000de \| 000000ea \| Core Gen8 \| CFL-H/S \| P0 \| 06-9e-0c/22 \| 000000de \| 000000ea \| Core Gen9 \| CFL-H \| R0 \| 06-9e-0d/22 \| 000000de \| 000000ea \| Core Gen9 Mobile \| CML-H \| R1 \| 06-a5-02/20 \| 000000e0 \| 000000ea \| Core Gen10 Mobile \| CML-S62 \| G1 \| 06-a5-03/22 \| 000000e0 \| 000000ea \| Core Gen10 \| CML-S102 \| Q0 \| 06-a5-05/22 \| 000000e0 \| 000000ec \| Core Gen10 \| CML-U62 \| A0 \| 06-a6-00/80 \| 000000e0 \| 000000e8 \| Core Gen10 Mobile \| CML-U62 V2 \| K0 \| 06-a6-01/80 \| 000000e0 \| 000000ea \| Core Gen10 Mobile
Family:	unix	Class:	patch
Status:		Reference(s):	1051042 1053188 1063675 1064569 1064580 1064583 1070905 1071319 1072183 1073231 1074293 1081556 1081741 1086730 1103098 1103411 1113160 1117951 1133114 1133145 1133191 1134195 1136446 1136935 1137597 1138822 1139073 1141035 1141661 1142038 1143913 1148177 1153090 1153277 1154043 1154940 1154968 1155372 1155419 1155988 1158809 1160163 1160471 1161799 1163871 1165787 1165921 1168310 1168630 1170231 1170441 1170557 1171687 1172462 1179833 1179836 1179837 1179839 968175 CVE-2010-3430 CVE-2010-3431 CVE-2010-3853 CVE-2011-3148 CVE-2011-3149 CVE-2014-2583 CVE-2015-3238 CVE-2017-1000408 CVE-2017-1000409 CVE-2017-12133 CVE-2017-15670 CVE-2017-15671 CVE-2017-15804 CVE-2017-16997 CVE-2018-1000001 CVE-2018-1000140 CVE-2018-1050 CVE-2018-10858 CVE-2018-5391 CVE-2019-10215 CVE-2019-11135 CVE-2019-11139 CVE-2019-11365 CVE-2019-11366 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-15043 CVE-2019-1551 CVE-2019-15681 CVE-2019-15690 CVE-2019-20788 CVE-2019-3846 CVE-2020-10188 CVE-2020-12245 CVE-2020-13379 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVE-2020-6796 CVE-2020-6797 CVE-2020-6798 CVE-2020-6799 CVE-2020-6800 CVE-2020-6819 CVE-2020-6820 SUSE-SU-2018:0074-1 SUSE-SU-2018:0655-1 SUSE-SU-2018:0822-1 SUSE-SU-2018:2171-1 SUSE-SU-2020:0474-1 SUSE-SU-2020:0928-1 SUSE-SU-2020:1165-1 SUSE-SU-2020:1970-1 SUSE-SU-2021:1930-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information ImageMagick-7.0.7.29-lp150.1 is installed OR libMagick++-7_Q16HDRI4-7.0.7.29-lp150.1 is installed OR libMagickCore-7_Q16HDRI6-7.0.7.29-lp150.1 is installed OR libMagickWand-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information SDL2-2.0.8-lp151.4.3 is installed OR libSDL2-2_0-0-2.0.8-lp151.4.3 is installed OR libSDL2-2_0-0-32bit-2.0.8-lp151.4.3 is installed OR libSDL2-devel-2.0.8-lp151.4.3 is installed OR libSDL2-devel-32bit-2.0.8-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-68.6.1-109.113 is installed OR MozillaFirefox-devel-68.6.1-109.113 is installed OR MozillaFirefox-translations-common-68.6.1-109.113 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_73-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_21-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information pam-1.1.8-23 is installed OR pam-32bit-1.1.8-23 is installed OR pam-doc-1.1.8-23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND sudo-1.8.20p2-3.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information gvim-7.4.326-17.6 is installed OR vim-7.4.326-17.6 is installed OR vim-data-7.4.326-17.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libcgroup-0.41.rc1-10.9 is installed OR libcgroup-tools-0.41.rc1-10.9 is installed OR libcgroup1-0.41.rc1-10.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libQt5WebKit5-5.6.2-1 is installed OR libQt5WebKit5-imports-5.6.2-1 is installed OR libQt5WebKitWidgets5-5.6.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND ucode-intel-20210525-13.90.1 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information LibVNCServer-0.9.9-17.19 is installed OR libvncclient0-0.9.9-17.19 is installed OR libvncserver0-0.9.9-17.19 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Twisted-15.2.1-9.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND golang-github-prometheus-node_exporter-0.18.1-1.6 is installed