Adding patchinfo patchinfo.20240719123321378528.269002615871826

2024-08-23 09:04:07 +02:00 · 2024-08-23 09:04:07 +02:00 · 8b6f9bfc2b
commit 8b6f9bfc2b
parent 9c1b282401
1 changed files with 53 additions and 0 deletions
--- a/patchinfo.20240719123321378528.269002615871826/_patchinfo
+++ b/patchinfo.20240719123321378528.269002615871826/_patchinfo
@ -0,0 +1,53 @@
+<patchinfo>
+  <!-- generated from request(s) 333497 -->
+  <issue tracker="bnc" id="1221323">VUL-0: CVE-2023-28746: ucode-intel: 20240312 release</issue>
+  <issue tracker="bnc" id="1224277">VUL-0: ucode-intel: 20240514 release</issue>
+  <issue tracker="cve" id="2023-22655"/>
+  <issue tracker="cve" id="2023-28746"/>
+  <issue tracker="cve" id="2023-38575"/>
+  <issue tracker="cve" id="2023-39368"/>
+  <issue tracker="cve" id="2023-43490"/>
+  <issue tracker="cve" id="2023-45733"/>
+  <issue tracker="cve" id="2023-45745"/>
+  <issue tracker="cve" id="2023-46103"/>
+  <issue tracker="cve" id="2023-47855"/>
+  <packager>msmeissn</packager>
+  <rating>moderate</rating>
+  <reboot_needed/>
+  <category>security</category>
+  <summary>Security update for ucode-intel</summary>
+  <description>This update for ucode-intel fixes the following issues:
+
+- Intel CPU Microcode was updated to the 20240514 release (bsc#1224277)
+  - CVE-2023-45733: Security updates for  INTEL-SA-01051
+  - CVE-2023-46103: Security updates for  INTEL-SA-01052
+  - CVE-2023-45745,CVE-2023-47855: Security updates for INTEL-SA-01036
+
+- Updated to Intel CPU Microcode 20240312 release. (bsc#1221323)
+  - Security updates for INTEL-SA-INTEL-SA-00972
+    - CVE-2023-39368: Protection mechanism failure of bus lock regulator
+      for some Intel Processors may allow an unauthenticated user to
+      potentially enable denial of service via network access
+  - Security updates for INTEL-SA-INTEL-SA-00982
+    - CVE-2023-38575: Non-transparent sharing of return predictor targets
+      between contexts in some Intel Processors may allow an authorized
+      user to potentially enable information disclosure via local access.
+  - Security updates for INTEL-SA-INTEL-SA-00898
+    - CVE-2023-28746: Information exposure through microarchitectural
+      state after transient execution from some register files for some
+      Intel Atom Processors may allow an authenticated user to potentially
+      enable information disclosure via local access.
+  - Security updates for INTEL-SA-INTEL-SA-00960
+    - CVE-2023-22655 Protection mechanism failure in some 3rd and 4th
+      Generation Intel Xeon Processors when using Intel SGX or Intel TDX
+      may allow a privileged user to potentially enable escalation of
+      privilege via local access.
+  - Security updates for INTEL-SA-INTEL-SA-01045
+    - CVE-2023-43490: Incorrect calculation in microcode keying mechanism
+      for some Intel Xeon D Processors with Intel SGX may allow a
+      privileged user to potentially enable information disclosure via
+      local access.
+</description>
+  <package>ucode-intel</package>
+  <seperate_build_arch/>
+</patchinfo>