Oval Definition:oval:org.opensuse.security:def:60704
Revision Date:2020-12-01Version:1
Title:Security update for ucode-intel (Moderate)
Description:

This update for ucode-intel fixes the following issues:

Updated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466) This update contains security mitigations for:

- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824). - CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to mitigate the Vector Register and L1D Eviction Sampling aka 'CacheOutAttack' attacks. (bsc#1156353)

Microcode Table:

Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ HSW C0 6-3c-3/32 00000027->00000028 Core Gen4 BDW-U/Y E0/F0 6-3d-4/c0 0000002e->0000002f Core Gen5 HSW-U C0/D0 6-45-1/72 00000025->00000026 Core Gen4 HSW-H C0 6-46-1/32 0000001b->0000001c Core Gen4 BDW-H/E3 E0/G0 6-47-1/22 00000021->00000022 Core Gen5 SKL-U/Y D0 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKL-U23e K1 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKX-SP B1 6-55-3/97 01000151->01000157 Xeon Scalable SKX-SP H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable SKX-D M1 6-55-4/b7 02000065->02006906 Xeon D-21xx CLX-SP B0 6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2 CLX-SP B1 6-55-7/bf 0500002c->04002f01 Xeon Scalable Gen2 SKL-H/S R0/N0 6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5 AML-Y22 H0 6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile KBL-U/Y H0 6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile CFL-U43e D0 6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile WHL-U W0 6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile AML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile CML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile WHL-U V0 6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6 CFL-H/S/E3 U0 6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E CFL-S B0 6-9e-b/02 000000ca->000000d6 Core Gen8 CFL-H/S P0 6-9e-c/22 000000ca->000000d6 Core Gen9 CFL-H R0 6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile

Also contains the Intel CPU Microcode update to 20200520:

Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f->00000621 Xeon E3/E5, Core X SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718->0000071a Xeon E3/E5, Core X
Family:unixClass:patch
Status:Reference(s):1056061
1088200
1094327
1102062
1102068
1102073
1103511
1103658
1139959
1140122
1144524
1146848
1154824
1156275
1156353
1163985
1166847
1170170
1172140
1172437
1172466
1173027
1173369
1174955
1176410
1177143
1177155
CVE-2015-9262
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13087
CVE-2017-13088
CVE-2018-14598
CVE-2018-14599
CVE-2018-14600
CVE-2018-8032
CVE-2018-9256
CVE-2018-9259
CVE-2018-9260
CVE-2018-9261
CVE-2018-9262
CVE-2018-9263
CVE-2018-9264
CVE-2018-9265
CVE-2018-9266
CVE-2018-9267
CVE-2018-9268
CVE-2018-9269
CVE-2018-9270
CVE-2018-9271
CVE-2018-9272
CVE-2018-9273
CVE-2018-9274
CVE-2019-13012
CVE-2019-13456
CVE-2019-14869
CVE-2019-15666
CVE-2019-17185
CVE-2020-0543
CVE-2020-0548
CVE-2020-0549
CVE-2020-10757
CVE-2020-12059
CVE-2020-15011
CVE-2020-15708
CVE-2020-1720
CVE-2020-25219
CVE-2020-25637
CVE-2020-26154
CVE-2020-8177
SUSE-SU-2017:2745-1
SUSE-SU-2018:0981-1
SUSE-SU-2019:1830-2
SUSE-SU-2019:2983-1
SUSE-SU-2020:0586-1
SUSE-SU-2020:1018-1
SUSE-SU-2020:1158-1
SUSE-SU-2020:1595-1
SUSE-SU-2020:2048-1
SUSE-SU-2020:2900-1
SUSE-SU-2020:3095-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.14-lp150.6.3 is installed
  • OR libpython2_7-1_0-32bit-2.7.14-lp150.6.3 is installed
  • OR python-2.7.14-lp150.6.3 is installed
  • OR python-32bit-2.7.14-lp150.6.3 is installed
  • OR python-base-2.7.14-lp150.6.3 is installed
  • OR python-base-32bit-2.7.14-lp150.6.3 is installed
  • OR python-curses-2.7.14-lp150.6.3 is installed
  • OR python-demo-2.7.14-lp150.6.3 is installed
  • OR python-devel-2.7.14-lp150.6.3 is installed
  • OR python-doc-2.7.14-lp150.6.3 is installed
  • OR python-doc-pdf-2.7.14-lp150.6.3 is installed
  • OR python-gdbm-2.7.14-lp150.6.3 is installed
  • OR python-idle-2.7.14-lp150.6.3 is installed
  • OR python-tk-2.7.14-lp150.6.3 is installed
  • OR python-xml-2.7.14-lp150.6.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND ucode-intel-20190618-lp151.2.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • chocolate-doom-3.0.1-lp152.4.3 is installed
  • OR chocolate-doom-bash-completion-3.0.1-lp152.4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND wpa_supplicant-2.2-15.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • freeradius-server-3.0.15-2.14 is installed
  • OR freeradius-server-doc-3.0.15-2.14 is installed
  • OR freeradius-server-krb5-3.0.15-2.14 is installed
  • OR freeradius-server-ldap-3.0.15-2.14 is installed
  • OR freeradius-server-libs-3.0.15-2.14 is installed
  • OR freeradius-server-mysql-3.0.15-2.14 is installed
  • OR freeradius-server-perl-3.0.15-2.14 is installed
  • OR freeradius-server-postgresql-3.0.15-2.14 is installed
  • OR freeradius-server-python-3.0.15-2.14 is installed
  • OR freeradius-server-sqlite-3.0.15-2.14 is installed
  • OR freeradius-server-utils-3.0.15-2.14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • curl-7.37.0-37.47 is installed
  • OR libcurl4-7.37.0-37.47 is installed
  • OR libcurl4-32bit-7.37.0-37.47 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • ghostscript-9.27-23.31 is installed
  • OR ghostscript-x11-9.27-23.31 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libXcursor-1.1.14-4.6 is installed
  • OR libXcursor1-1.1.14-4.6 is installed
  • OR libXcursor1-32bit-1.1.14-4.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • augeas-1.2.0-17.3 is installed
  • OR augeas-lenses-1.2.0-17.3 is installed
  • OR libaugeas0-1.2.0-17.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-78.0.1-112.3 is installed
  • OR MozillaFirefox-branding-SLE-78-35.3 is installed
  • OR MozillaFirefox-devel-78.0.1-112.3 is installed
  • OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ucode-intel-20200602-13.68 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND perl-DBI-1.628-5.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-loofah-2.0.2-3.8 is installed
  • OR rubygem-loofah-2.0.2-3.8 is installed
  • BACK