Oval Definition:oval:org.opensuse.security:def:60969
Revision Date:2020-12-01Version:1
Title:Security update for ucode-intel (Moderate)
Description:

This update for ucode-intel fixes the following issues:

Updated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466) This update contains security mitigations for:

- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824). - CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to mitigate the Vector Register and L1D Eviction Sampling aka 'CacheOutAttack' attacks. (bsc#1156353)

Microcode Table:

Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ HSW C0 6-3c-3/32 00000027->00000028 Core Gen4 BDW-U/Y E0/F0 6-3d-4/c0 0000002e->0000002f Core Gen5 HSW-U C0/D0 6-45-1/72 00000025->00000026 Core Gen4 HSW-H C0 6-46-1/32 0000001b->0000001c Core Gen4 BDW-H/E3 E0/G0 6-47-1/22 00000021->00000022 Core Gen5 SKL-U/Y D0 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKL-U23e K1 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile SKX-SP B1 6-55-3/97 01000151->01000157 Xeon Scalable SKX-SP H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable SKX-D M1 6-55-4/b7 02000065->02006906 Xeon D-21xx CLX-SP B0 6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2 CLX-SP B1 6-55-7/bf 0500002c->04002f01 Xeon Scalable Gen2 SKL-H/S R0/N0 6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5 AML-Y22 H0 6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile KBL-U/Y H0 6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile CFL-U43e D0 6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile WHL-U W0 6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile AML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile CML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile WHL-U V0 6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6 CFL-H/S/E3 U0 6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E CFL-S B0 6-9e-b/02 000000ca->000000d6 Core Gen8 CFL-H/S P0 6-9e-c/22 000000ca->000000d6 Core Gen9 CFL-H R0 6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile

Also contains the Intel CPU Microcode update to 20200520:

Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------------------------- ---- updated platforms ------------------------------------ SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f->00000621 Xeon E3/E5, Core X SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718->0000071a Xeon E3/E5, Core X
Family:unixClass:patch
Status:Reference(s):1035442
1042812
1042826
1043289
1049072
1052825
1062571
1062760
1064947
1065766
1070130
1072887
1073973
1075975
1076500
1082877
1085790
1120374
1122983
1129186
1129231
1132045
1140738
1141329
1141332
1141670
1154824
1156353
1163933
1163985
1165631
1171252
1171254
1172437
1172466
1173369
1173991
1174284
1175686
1177158
CVE-2015-9542
CVE-2017-10989
CVE-2017-11403
CVE-2017-18201
CVE-2017-9439
CVE-2017-9440
CVE-2017-9501
CVE-2018-0486
CVE-2018-18500
CVE-2018-18501
CVE-2018-18505
CVE-2018-5748
CVE-2018-8740
CVE-2019-12525
CVE-2019-12529
CVE-2019-13345
CVE-2019-3838
CVE-2020-0543
CVE-2020-0548
CVE-2020-0549
CVE-2020-10757
CVE-2020-12653
CVE-2020-12654
CVE-2020-14355
CVE-2020-15011
CVE-2020-15663
CVE-2020-15664
CVE-2020-15670
CVE-2020-1720
CVE-2020-1749
SUSE-SU-2017:2199-1
SUSE-SU-2018:0140-1
SUSE-SU-2018:0279-1
SUSE-SU-2018:0673-1
SUSE-SU-2019:2089-1
SUSE-SU-2020:0586-1
SUSE-SU-2020:1117-1
SUSE-SU-2020:1595-1
SUSE-SU-2020:2048-1
SUSE-SU-2020:2544-1
SUSE-SU-2020:3084-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • dkgpg-1.1.3-lp151.3.3 is installed
  • OR libTMCG-1.3.18-lp151.3.3 is installed
  • OR libTMCG-devel-1.3.18-lp151.3.3 is installed
  • OR libTMCG18-1.3.18-lp151.3.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND dracut-saltboot-0.1.1590413773.a959db7-lp152.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.5 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.5 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND squid-3.5.21-26.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_116-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_31-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • pam_radius-1.3.16-239.4 is installed
  • OR pam_radius-32bit-1.3.16-239.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.6 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.6 is installed
  • OR sqlite3-3.8.10.2-9.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • augeas-1.2.0-17.3 is installed
  • OR augeas-lenses-1.2.0-17.3 is installed
  • OR libaugeas0-1.2.0-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • xen-4.11.4_04-2.30 is installed
  • OR xen-doc-html-4.11.4_04-2.30 is installed
  • OR xen-libs-4.11.4_04-2.30 is installed
  • OR xen-libs-32bit-4.11.4_04-2.30 is installed
  • OR xen-tools-4.11.4_04-2.30 is installed
  • OR xen-tools-domU-4.11.4_04-2.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND xrdp-0.9.0~git.1456906198.f422461-21.27 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-SQLAlchemy-1.2.10-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ucode-intel-20200602-13.68 is installed
    • BACK