Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2021.1929.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2021:1929-1)
Summary:The remote host is missing an update for the 'ucode-intel' package(s) announced via the SUSE-SU-2021:1929-1 advisory.
Description:Summary:
The remote host is missing an update for the 'ucode-intel' package(s) announced via the SUSE-SU-2021:1929-1 advisory.

Vulnerability Insight:
This update for ucode-intel fixes the following issues:

Updated to Intel CPU Microcode 20210608 release.

CVE-2020-24513: A domain bypass transient execution vulnerability was
discovered on some Intel Atom processors that use a micro-architectural
incident channel. (INTEL-SA-00465 bsc#1179833) See also:
[link moved to references]
0465.html

CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient
execution side channel vulnerabilities may not fully prevent non-root
(guest) branches from controlling the branch predictions of the root
(host) (INTEL-SA-00464 bsc#1179836)

See also [link moved to references] 0464.html)

CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero
value cache-lines may lead to changes in cache-allocation or write-back
behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)

See also [link moved to references] 0464.html)

CVE-2020-24489: Fixed Intel VT-d device pass through potential local
privilege escalation (INTEL-SA-00442 bsc#1179839)

See also [link moved to references] 0442.html

Other fixes:

Update for functional issues. Refer to [Third Generation Intel Xeon
Processor Scalable Family Specification
Update]([link moved to references])for details.

Update for functional issues. Refer to [Second Generation Intel Xeon
Processor Scalable Family Specification
Update]([link moved to references]) for details.

Update for functional issues. Refer to [Intel Xeon Processor Scalable
Family Specification
Update]([link moved to references]) for details.

Update for functional issues. Refer to [Intel Xeon Processor D-1500,
D-1500 NS and D-1600 NS Spec Update]([link moved to references]
on/xeon-d-1500-specification-update.html) for details.

Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800
v3 Processor Specification Update]([link moved to references]
spec-update.html) for details.

Update for functional issues. Refer to [Intel Xeon Processor E5 v3
Product Family Specification Update]([link moved to references]
spec-update.html?wapkw=processor+spec+update+e5) for details.

Update for functional issues. Refer to [10th Gen Intel Core Processor
Families Specification Update]([link moved to references]
re/10th-gen-core-families-specification-update.html) for details.

Update for functional issues. Refer to [8th and 9th Gen Intel Core
Processor Family Spec Update]([link moved to references]
re/8th-gen-core-spec-update.html) ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'ucode-intel' package(s) on SUSE Linux Enterprise Server 12-SP5

Solution:
Please install the updated package(s).

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-24489
Common Vulnerability Exposure (CVE) ID: CVE-2020-24511
Common Vulnerability Exposure (CVE) ID: CVE-2020-24512
Common Vulnerability Exposure (CVE) ID: CVE-2020-24513
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.