54 lines
2.6 KiB
Plaintext
54 lines
2.6 KiB
Plaintext
|
<patchinfo>
|
||
|
<!-- generated from request(s) 333497 -->
|
||
|
<issue tracker="bnc" id="1221323">VUL-0: CVE-2023-28746: ucode-intel: 20240312 release</issue>
|
||
|
<issue tracker="bnc" id="1224277">VUL-0: ucode-intel: 20240514 release</issue>
|
||
|
<issue tracker="cve" id="2023-22655"/>
|
||
|
<issue tracker="cve" id="2023-28746"/>
|
||
|
<issue tracker="cve" id="2023-38575"/>
|
||
|
<issue tracker="cve" id="2023-39368"/>
|
||
|
<issue tracker="cve" id="2023-43490"/>
|
||
|
<issue tracker="cve" id="2023-45733"/>
|
||
|
<issue tracker="cve" id="2023-45745"/>
|
||
|
<issue tracker="cve" id="2023-46103"/>
|
||
|
<issue tracker="cve" id="2023-47855"/>
|
||
|
<packager>msmeissn</packager>
|
||
|
<rating>moderate</rating>
|
||
|
<reboot_needed/>
|
||
|
<category>security</category>
|
||
|
<summary>Security update for ucode-intel</summary>
|
||
|
<description>This update for ucode-intel fixes the following issues:
|
||
|
|
||
|
- Intel CPU Microcode was updated to the 20240514 release (bsc#1224277)
|
||
|
- CVE-2023-45733: Security updates for INTEL-SA-01051
|
||
|
- CVE-2023-46103: Security updates for INTEL-SA-01052
|
||
|
- CVE-2023-45745,CVE-2023-47855: Security updates for INTEL-SA-01036
|
||
|
|
||
|
- Updated to Intel CPU Microcode 20240312 release. (bsc#1221323)
|
||
|
- Security updates for INTEL-SA-INTEL-SA-00972
|
||
|
- CVE-2023-39368: Protection mechanism failure of bus lock regulator
|
||
|
for some Intel Processors may allow an unauthenticated user to
|
||
|
potentially enable denial of service via network access
|
||
|
- Security updates for INTEL-SA-INTEL-SA-00982
|
||
|
- CVE-2023-38575: Non-transparent sharing of return predictor targets
|
||
|
between contexts in some Intel Processors may allow an authorized
|
||
|
user to potentially enable information disclosure via local access.
|
||
|
- Security updates for INTEL-SA-INTEL-SA-00898
|
||
|
- CVE-2023-28746: Information exposure through microarchitectural
|
||
|
state after transient execution from some register files for some
|
||
|
Intel Atom Processors may allow an authenticated user to potentially
|
||
|
enable information disclosure via local access.
|
||
|
- Security updates for INTEL-SA-INTEL-SA-00960
|
||
|
- CVE-2023-22655 Protection mechanism failure in some 3rd and 4th
|
||
|
Generation Intel Xeon Processors when using Intel SGX or Intel TDX
|
||
|
may allow a privileged user to potentially enable escalation of
|
||
|
privilege via local access.
|
||
|
- Security updates for INTEL-SA-INTEL-SA-01045
|
||
|
- CVE-2023-43490: Incorrect calculation in microcode keying mechanism
|
||
|
for some Intel Xeon D Processors with Intel SGX may allow a
|
||
|
privileged user to potentially enable information disclosure via
|
||
|
local access.
|
||
|
</description>
|
||
|
<package>ucode-intel</package>
|
||
|
<seperate_build_arch/>
|
||
|
</patchinfo>
|