Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-0543 (GCVE-0-2020-0543)
Vulnerability from cvelistv5 – Published: 2020-06-15 13:55 – Updated: 2024-08-04 06:02
VLAI
EPSS
Summary
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity
5.5 (Medium)
CWE
- Information Disclosure
Assigner
References
19 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See provided reference
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:02:52.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html"
},
{
"name": "USN-4385-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4385-1/"
},
{
"name": "USN-4388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4388-1/"
},
{
"name": "openSUSE-SU-2020:0818",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html"
},
{
"name": "USN-4392-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4392-1/"
},
{
"name": "USN-4393-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4393-1/"
},
{
"name": "USN-4389-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4389-1/"
},
{
"name": "USN-4387-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4387-1/"
},
{
"name": "FEDORA-2020-3364913ace",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQZMOSHLTBBIECENNXA6M7DN5FEED4KI/"
},
{
"name": "FEDORA-2020-e8835a5f8e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/"
},
{
"name": "USN-4390-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4390-1/"
},
{
"name": "USN-4391-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4391-1/"
},
{
"name": "FEDORA-2020-11ddbfbdf0",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DT2VKDMQ3I37NBNJ256A2EXR7OJHXXKZ/"
},
{
"name": "[oss-security] 20200714 Flatcar membership on the linux-distros list",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/14/5"
},
{
"name": "openSUSE-SU-2020:0965",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
},
{
"name": "openSUSE-SU-2020:0985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10318"
},
{
"name": "FEDORA-2020-1afbe7ba2d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFC7UAPKAFFH5WX3AMDUBVHLKYQA2NZ/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See provided reference"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-29T02:06:12.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html"
},
{
"name": "USN-4385-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4385-1/"
},
{
"name": "USN-4388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4388-1/"
},
{
"name": "openSUSE-SU-2020:0818",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html"
},
{
"name": "USN-4392-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4392-1/"
},
{
"name": "USN-4393-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4393-1/"
},
{
"name": "USN-4389-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4389-1/"
},
{
"name": "USN-4387-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4387-1/"
},
{
"name": "FEDORA-2020-3364913ace",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQZMOSHLTBBIECENNXA6M7DN5FEED4KI/"
},
{
"name": "FEDORA-2020-e8835a5f8e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/"
},
{
"name": "USN-4390-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4390-1/"
},
{
"name": "USN-4391-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4391-1/"
},
{
"name": "FEDORA-2020-11ddbfbdf0",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DT2VKDMQ3I37NBNJ256A2EXR7OJHXXKZ/"
},
{
"name": "[oss-security] 20200714 Flatcar membership on the linux-distros list",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/07/14/5"
},
{
"name": "openSUSE-SU-2020:0965",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
},
{
"name": "openSUSE-SU-2020:0985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10318"
},
{
"name": "FEDORA-2020-1afbe7ba2d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFC7UAPKAFFH5WX3AMDUBVHLKYQA2NZ/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-0543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See provided reference"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html"
},
{
"name": "USN-4385-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4385-1/"
},
{
"name": "USN-4388-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4388-1/"
},
{
"name": "openSUSE-SU-2020:0818",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html"
},
{
"name": "USN-4392-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4392-1/"
},
{
"name": "USN-4393-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4393-1/"
},
{
"name": "USN-4389-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4389-1/"
},
{
"name": "USN-4387-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4387-1/"
},
{
"name": "FEDORA-2020-3364913ace",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQZMOSHLTBBIECENNXA6M7DN5FEED4KI/"
},
{
"name": "FEDORA-2020-e8835a5f8e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/"
},
{
"name": "USN-4390-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4390-1/"
},
{
"name": "USN-4391-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4391-1/"
},
{
"name": "FEDORA-2020-11ddbfbdf0",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DT2VKDMQ3I37NBNJ256A2EXR7OJHXXKZ/"
},
{
"name": "[oss-security] 20200714 Flatcar membership on the linux-distros list",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/07/14/5"
},
{
"name": "openSUSE-SU-2020:0965",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html"
},
{
"name": "openSUSE-SU-2020:0985",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10318",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10318"
},
{
"name": "FEDORA-2020-1afbe7ba2d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GRFC7UAPKAFFH5WX3AMDUBVHLKYQA2NZ/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-0543",
"datePublished": "2020-06-15T13:55:00.000Z",
"dateReserved": "2019-10-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:02:52.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-0543",
"date": "2026-06-19",
"epss": "0.0054",
"percentile": "0.41084"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_1000m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8BE23AB-1F5F-4FA7-8617-D4A4C9D5F6A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_1005m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD5FDB66-4805-4EB5-B6BE-938D40C48C25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_1007u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DD7CD7F-F0F4-408E-858C-8EB9BC82382E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_1017u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F898D49D-6B5C-45AA-A166-BFCE5CC9A6E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_1019y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29560B2E-DAC6-478A-84AE-508AE21D0AEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_1020e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAB9B322-ACB3-4505-8281-2A365A21D286\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_1020m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D54B11B-18A3-4DEE-84FF-B5A32C7E60CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_1037u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0198F9C-60DA-4D91-9FD2-5CC65ED346ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_1047ue:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7F39FE0-A9F4-4232-B925-598E4F9167A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_2955u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6886FA9-E9FE-427C-A403-45C554ADA19C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_2957u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3BE78C2-660F-4C48-B0F1-05D0116F0FDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_2970m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDB04659-871D-4B1E-9681-D5ADCEAE2CE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_2980u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F21EEA7-EE23-483B-8B01-5324E0063B2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_2981u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29792C69-EAE9-4DD9-B127-5AF1FFA9A1D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_3755u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B8FA7CE-FF47-4918-8171-EDCEA156C314\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_3765u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2F086FB-60AA-421A-BA6C-C687B54A4993\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_3855u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44FEB5D1-5177-4B5E-BB06-0C7E2A0CA6D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_3865u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20F761B4-2DCE-4E31-9974-C399B4982EFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_3955u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9796C997-40C0-4C75-B2B3-06D037138976\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_3965u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11F8482B-2E48-4976-83D0-F1E4BA015FEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_3965y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D36CCEB4-62C0-427D-B4B3-41F9B1B9194E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_5305u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39831D4E-743A-4C09-900F-24DDAB5D1B22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_725c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED49334B-38E1-4212-A23F-FE5437B773CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_927ue:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5AD98D1-5A73-4A92-A6F5-D9DDC14056AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1610:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4003B029-36AE-47CD-BFB1-1F06DFEBA0C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1610t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FADF19F8-54BB-4BF4-BF1C-515EBBEE2060\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1620:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B67D44E3-F8E1-4EB9-8D91-5777DC97D497\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1620t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E4AC5E9-94DB-4970-BE29-747503AE81E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1630:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06FFA194-E200-4F4D-8E66-60D0134184E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1820:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12FD8D3B-0FC0-4E8A-9476-3092BAE9F15E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1820t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B950F6FC-2848-45B7-9C28-B0DF46BC442B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1830:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95101653-A2BF-47F5-A209-097CA98A91F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1840:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B72870A6-E156-46AE-A5C4-B9B8F10C147D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1840t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AAD76063-D9C2-4F41-B7D3-29A32678B527\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g1850:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95826FC7-9E92-4C6A-8F16-9D20B8E41F75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g3900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25847980-2D7B-4D4B-B0F2-C2CAB648182C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g3900t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5723C9D-E59D-4FA3-893F-D79E726025C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g3900te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25BC4638-06F6-41C9-BF0F-74037F24CBEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g3902e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11A64939-F09B-4FEC-8F1D-FAC34D8E14BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g3920:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77D7291F-752E-409F-82BE-6060BA5E2559\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g3920t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17560EF4-27C7-466A-9CD1-164F1B0F5B79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g3930e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"226CBC16-EC2A-4498-ADB3-655A0E9CF396\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g3930te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9278297-5E4B-40D0-8782-E5AE87E43B7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g3940:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A562A07B-EDC4-4545-AC10-6CAA1494C6E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g4900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B801EF4-980C-40EF-84A8-4AA2D29CFB06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g4900t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2129E439-63C1-4CBF-B39D-2941621AB454\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g4920:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26E9CDAC-8C63-4F9A-B171-9E5E11E5313E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g4930:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA2A4A2A-CB99-4AEC-B0EB-11763E6C0E0F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_g4950:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22828766-08EF-430F-A0F0-F59E772E38B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_4205u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6F8D167-C5B9-4B15-8861-529598D1C491\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_4410y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E6A6A15-1406-41C8-84F8-E0C202F554DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_4415y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4B0FE5D-07FD-43E7-B89E-BDE6D6F49D30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_5405u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61FFCFE8-2B6E-4EB8-965C-AA5CB5493516\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_8269u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDB4120A-B29F-496B-8FEB-CFD4A155202C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_9300h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04AA92B3-DF06-45C3-8E46-D721262EFE71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_9750hf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"454DA7E4-ECDE-40C8-AA8F-181333BEFBE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-2115c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"166ED4A3-9466-4072-BD9D-B10AE3B98D31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3110m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60EEC961-3871-47C8-87F3-E803E2DD63CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3115c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBB7DD58-9F34-42A7-90D6-39B29933527E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3120m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44C95EF0-D6F2-4F51-BA74-88B56F0FBED2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3120me:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE48E32B-9FF2-4F16-8E18-F982994457CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3130m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE4BF988-5A82-4A0F-97EB-8D709CE5417D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"913D6C36-8335-46EF-9164-E6FABDFFB6B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3217u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8A452D4-0DD6-43A9-9390-A62AE48AF310\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3217ue:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E95D40C-E599-4297-8079-39FA45AEA395\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E117D09A-02A0-4A4C-8233-98C42E94A580\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3220t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCCED1FD-FAC8-4E12-97DF-5ACAC0C55632\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3225:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8C1BC59-9CB9-4A88-B414-0F94AF440086\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3227u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5E6FE39-7A75-4897-8336-9E4AFD77E3C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3229y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFFB351B-14E8-4145-A733-07586AE4C920\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"869B680B-2585-418B-9C5C-349A3339C753\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3240t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8009F20-942D-47B6-9C6C-3DB33C334ABF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3245:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7DFFAE3-24FF-4A9E-B3AC-93406A362E58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3250:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A219AF5E-BD41-4BFE-A299-6B45DB027663\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-3250t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB755E29-BD69-4FFC-BEED-C5AE16357394\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4005u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDC0FB13-6766-4ED4-BF2E-439BEAAA29D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4010u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4201168-8AF2-4C17-8D49-89D77062B835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4010y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCB9DBB4-5202-4A51-94BF-330756FED881\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4012y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10606356-43F2-4DEB-AB52-6810FDD4CE49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4020y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D690FD7-DB10-4071-B156-09F49E71C479\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4025u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"225F1973-15DA-4D6D-89EA-17E6AA10C36E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4030u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CD2F2F4-395C-4AB5-AAB0-0CB6FEE8ACE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4030y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5AF7A04-AAC2-4B03-9F66-5078BECBADF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4100m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCF1BEDB-776F-4CAE-84F5-F29F7EE20D69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4100u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6F33467-2074-4775-871F-013A513881A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4110m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AD8C3F8-2B03-4FC3-826B-529B0AE005CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4120u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"435E1592-37A8-4436-8755-95FB585579E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4130:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92C15BE9-B984-4675-AE59-9E275C4763F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4130t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"983FD869-68B3-454A-AF09-4AAF2F59BFAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4150:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06C65583-56E8-46E6-A0F1-A46405460188\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4150t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3D3C6D6-504F-4FC2-A871-C4B36A5949D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4158u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49482ADE-4DDE-448C-B491-88AFBBF08381\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4160:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D246820-03D1-48CD-9A08-2328D77428B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4160t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C714E08F-C724-4C36-99FC-4A85EB2B8BAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4170:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"793B03CA-B9F9-48CC-A0C6-E1FF86B71199\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4170t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F117F239-FA9C-4B7F-A1C7-F0EB0F24E003\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4330:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B0D3709-EB3A-48E6-9A7B-0108FAE2AF04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4330t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68066973-CB03-4AA8-9F24-D43C6F479348\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4340:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C242A17E-6A79-4435-BF37-C503D69EB3E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4350:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7555AB52-CE91-48FE-8950-9E8B98A184FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4350t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9D0B6B6-1CD6-4962-9054-7DB56D584248\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4360:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8042533-01E5-4C3E-9EF2-9AF475E2373E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4360t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D29161F8-B122-4544-9B7F-9C9498532E44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4370:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4C82B27-415C-4C7B-B3AC-FE398581EE81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-4370t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1A225BD-6E71-4EF0-A9DF-50AC5D94139B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-5005u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3F45AB6-55EF-4ED0-BBAD-E78894ED399B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-5006u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A4DB9FB-2256-4D44-9DCF-A8D6AFAE091B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-5010u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DA07BF1-F5E6-4AFB-AE92-26E3E5125064\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-5015u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81A627BB-47E3-4870-8B66-92546ABA0060\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-5020u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6DD467D-BCB8-48CA-920B-5591A3E8D4C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-5157u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A64B0EA-FB22-4CE6-81E7-56CFFE12FC5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A6E16A4-5B81-412F-9B02-D15288F0EB52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6100e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8448F47A-F956-4228-9A13-24AE86C532CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6100h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0B9E6DB-C9C3-4B19-915B-B2E6E4D12158\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6100t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78C4115F-E374-47E9-A81F-CC06FA72C67F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6100te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE81958E-5DFA-424C-9662-ECB1D9B738D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6100u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE0F2403-8146-4CA0-9E89-04022B375CEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6102e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD67C284-EFCE-4530-8E68-42BB1B6F15C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6110u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E8CD54D-7BB0-4CA7-99C6-8E3EC20E2265\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE3DA00E-1BAC-4227-9ED0-F4757BC23B65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6120t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34E0E209-5CEE-418F-B99B-9142CDE9ADE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6167u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20B1E424-885F-4BB0-9257-8284A18B1655\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BADEBE08-1478-4B88-9E06-5164BA0517DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6300t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D672383-B9AD-466E-8D6C-68DEC432B9A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D16BDFF3-4CC0-4423-8385-C5E49C941F49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-6320t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"048C652D-352D-4088-9986-30C280BC5C8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7007u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"102122A3-D47E-4CD2-8151-4B708C39D3E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7020u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35F2CA68-9EEA-421F-A92E-E7685EC010EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7100e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C17DCC3-9200-4198-B08D-EAD531B59995\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7100h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31CBD3FB-0835-4F28-BFA2-3D07459066F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7100u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F059A42-0B43-4F79-BBAF-6ED05CFFE7EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7101e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B6B298A-1480-41C2-BE7C-7291E7256D7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7101te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB3ABEFE-11A5-4EC3-9537-F9C75A46FF65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7102e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14C20D2A-CD26-4019-A266-AB4E89EBD2E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7110u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04C8B673-9E57-4970-AC45-EE3526757425\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6F9C441-D99C-4BA2-9269-83283507D7D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7120t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF5748B4-1ED9-49DD-9140-DC7B47A30BB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7130u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B608F333-BD78-4082-B2AE-0F5BBE7E0D9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7167u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F609E73-203F-45B9-9A3A-DC754B33860A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7320t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00A6DEC8-14E3-4A0E-93A5-72BB607A9D18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-7340:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C195F5C-9666-48C7-A1C0-43E189B17EEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD3CA819-AFF3-47F8-AABE-A5F9DA89BAE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8000t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06FDA087-0896-4138-9BA2-8238A845F5E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8020:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8A63B09-D870-411D-8B26-ACDEE48C10F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD84789A-B7F4-493E-A3F6-D5287ACFEB98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47B28199-5B9A-4AC4-9529-77A6FC591DC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33B0B0C9-54ED-4D7E-B0F2-C87690056800\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7DDCC11-A3DD-493E-AAFA-B50050FE3AC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"408A8035-BE57-435B-85A5-9C59D3B2DD42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6287BCB7-8EFD-485E-B40E-AE6B9DB067DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D78093B-076C-48FB-A224-F94F5743ACF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1DCD6D7-7FF2-419B-A41C-CF1FA830F289\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8127E47-6082-4313-B310-1C6278471A21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C14BA084-59CC-40E8-A62F-7AD1C9DD9283\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-i3-8100h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C25C1699-E656-4FA0-A9B7-59A3940814DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62BFF15A-0C78-45BC-8E71-EDF624AC162D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71615EAF-4DF4-4B9E-BF34-6ED0371A53D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"376B6DD7-1284-4BD9-88A4-5C34303CC5D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8515D29-3823-4F9B-9578-8BB52336A2A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3210m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16614725-F21F-45C9-85CA-9F9C8EFE0FBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3230m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6659D386-A44A-484F-AAE1-EA5CB3F17528\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3317u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5427E131-5B27-4C64-BED0-C5780595831C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3320m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9969E654-88F4-4F97-A737-C53D078BB9AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3330:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27934CF8-2FB2-4D04-92FC-081F31B18D5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3330s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5552F0B-6AA4-4E55-8871-E3E61B78F0B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3337u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94F26990-272B-4A25-AAD1-1CEE2EC96515\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3339y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEC9E4B4-BDF7-4D6B-99E2-9DFD3408EA9B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3340:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9265D619-7C06-4297-BCA0-7B44AC3DE2BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3340m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BAAB044-56DD-4F28-B794-7F3DF8F403DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3340s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2559481C-347F-4E3D-9E46-FB5E3E85682B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3350p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46D61342-E48F-426E-A856-3E0EAD268E5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3360m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22D9B565-1A4C-4344-93E9-05390E036102\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3380m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5262FA4-704A-4FD8-AFC6-B35B28768CFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3427u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96D540DD-94C1-4568-9275-01ED97A313BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3437u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AEBACE66-D68E-4D1D-9CDC-8A23F387BFE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3439y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBE75BFF-5251-4216-A49E-5CF2A8B69A0F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3450:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C862334A-9B62-4FE9-AD65-383A240E1E2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3450s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25345701-D7A9-47D9-8E84-BFD44669DBDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3470:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA2E8D01-9A86-45ED-8E5D-83A41D68FA5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3470s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABE78550-8862-4449-A114-39CDA89C4A6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3470t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C3EBF20-9833-481F-86C4-65EF106D2438\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3475s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29A1EFA9-49A9-4127-8AC5-78EA78162A8D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26059622-2A47-4D95-B32C-867E19BFA204\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3550s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8E0A34F-29B3-487F-8FFA-63DC0E581F36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3570:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"163C5423-A6F8-4824-A823-962147C72BD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3570k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48BDE191-B712-4AE6-B577-788934849708\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3570s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE7D55B8-E611-4D90-85BC-2159136C47B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3570t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3E241E2-9569-4F13-AE70-F717713AE845\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-3610me:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BA5C764-BF33-4035-B832-0C5B7A084081\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4200u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13038065-613A-4560-AFC1-6CAD2C9D27EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4200y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E44E93A2-5483-4CE5-B3E3-759BCDF67847\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4202y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B769FF2-10FA-40F8-A702-CBF5EBB23B3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4210h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71BBDB01-D110-4B44-92D3-D2936F02E749\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4210u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"044D188E-792A-4007-9D87-6FB55AA685C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4210y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8D46072-8F46-4FCB-B161-7812B544C1A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4220y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F6A65B2-FFBE-482C-8E08-19E3D72977DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4250u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DC0C2C7-F8A4-4ED0-B4FA-3372FAC11FA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4258u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D98CCDE-E246-43B4-8778-9C357AF0C1C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4260u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58AD9023-0D04-4A77-BB47-FAB873342FF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4278u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09C41E56-9836-4D9E-8289-B9BFF8836B59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4288u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0A15D53-6CCA-42AE-8DDE-B11E004451DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4300u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A69BF8F7-AB89-43B0-BD04-F95E7C655766\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4300y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5D97AAB-5FD8-40DF-B13F-D12356023873\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4302y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A0F7C52-2F89-449A-810D-4EDE87729EC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4308u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC2BEF57-EADD-45C7-93EA-4257A0F8571B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4350u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6778D27-5442-44EA-8B69-3E9C406A7109\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4402ec:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"260C49FB-83F0-428B-861B-9A34B28EBA3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4430:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32531475-E54A-49B1-B15C-9366DE0BC003\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4430s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"430479CC-7246-424F-A514-96035A14BA6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4440:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"061078C4-0B54-4BAD-9E3B-4114893FC8BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4440s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1ECAE7B1-7948-45A9-B73C-B362846A13EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4460:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5B0D553-AB7D-453C-92C6-E3D08A7FAB08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4460s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D153FDC-5420-4C9A-8FC3-2B29133F6F5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4460t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"166B6B12-BEEA-4CB4-B194-B53F382CCC3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4570:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F417FFF-166E-4158-8AAF-B2B46539792B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4570r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"829EDA96-60C4-4BC9-AAFD-2E3CFFD8D878\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4570s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1F9933E-9B7E-439A-8E10-AAC45C834A5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4570t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB34FDE0-6251-4B88-AA3F-B883639256B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4590:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE57DEE6-5C9C-4A76-9EB2-7DD9A34599DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4590s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BC6F12C-CADB-4D53-A75B-E7D98FF96383\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4590t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62D4DE4E-9FE4-4488-8B14-59A87EB6E286\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4670:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DCB38B4-DC0E-4C23-9E51-16B73199D0D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4670k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10FE39EA-B42A-4AD5-8343-0B644E795B3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4670r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4612D9EA-ACEE-449D-A32B-AAA9474B49B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4670s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C47E01F-EACA-41C4-B478-F1E718B5EC52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4670t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CB47108-1104-4272-98B4-9458E1B1EA5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4690:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50B07453-9E7C-4F2F-9B9E-B0F3A3710811\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4690s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"505D6E8F-51BA-4947-9667-9402ED9111EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-4690t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"74D12E38-F78E-4111-88FE-F8472F8A571B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-5200u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60A08817-7679-4B7B-8D32-08F7F42525CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-5250u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8085F23-481D-4395-9071-5F79DCC4EFEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-5257u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CB0B9DA-FB37-4E96-99E7-3345B53FDC2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-5287u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7138774-E0CF-47C6-BA82-4034AA63AC1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-5350:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"444D4778-B28C-4DA9-9F44-C2D1ACE20BF8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-5350u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7EA9832-4E75-4295-B0AE-AB632B043FCF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-5575r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9BE5A85-4721-4AED-BC92-690094C877FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-5675c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EDD172D-7ECF-4EF8-A731-0B6484240F23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-5675r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFE1C5F5-C523-4EED-8C5C-7EEBFE9E6D73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6200u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F611716-F3D6-4187-AE71-4FF87C95C18E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6210u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"033028FD-BBD8-4BE0-B0D2-4744380D3EF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6260u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5F67974-81B3-43C2-8DAE-A66C6A876B7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6267u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1054FBFC-1609-4301-A0D0-B78878FB2427\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6287u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0F889F1-3B57-46C1-9C23-9E78CD0DEECF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6300hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93929C7B-D4D9-436B-BA69-FD3C22FCEC2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6300u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7F9109E-EADD-40F4-8360-BF7E37433E2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6310u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02F5A50A-AAA4-440D-8AA3-54BE556322B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6350hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41F7C959-BC66-40AB-8038-D37181A4CE5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6360u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B9B3858-E58D-471E-8F12-DC109A133B81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D37104E-78E5-4368-B67F-1F8C63873C3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6400t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3B6BBA6-BAA6-4258-8A5D-94CD786A3B96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6440eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30DFA368-60E2-42D7-9C59-04F61F1A1FDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6440hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0974E563-6326-4E79-95FF-40625440696E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6442eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B9D15BA-CC1B-4D83-9944-2593E2BA4AB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"467F294F-2FC5-4B2A-A1CD-4FE90F9D9C16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6500t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E904FB93-EFF6-4E8E-92F2-95C4952B0240\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6500te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B232290-B3AD-4BB5-80B8-4CB3E6259A44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"772568B9-C502-4154-9320-16D78BF60B34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6600k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"912614A7-45BA-411D-AE77-610EFE8D2A35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-6600t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FBD651A-306D-4341-8DEE-2E928CA6E0EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7200u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E993BEE9-72BD-4615-B1BE-5E9129D61ABD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7210u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FD6FEF4-73DA-47B7-966D-9C0C16089423\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7260u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFA6BB38-CDF8-46B0-9910-897AB7920D18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7267u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF244D02-2B47-4884-8D70-37DFEB18CB60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7287u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"615D9B0D-8E91-4C8F-B5BC-6315C2CA90BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7300hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EE85AE7-B4BD-442E-AFAB-CD01744C91B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7300u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2425FF8A-158C-40EE-BDBF-43E7641BC058\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7360u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADA681B4-37F8-4E2E-B73B-E0E17C66B754\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE4C6ADA-EE5E-401D-82B4-6E450EDBD49E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7400t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"173C6F98-4022-4F40-A39A-D3D490CA6461\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7440eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6EACCCA-7ADB-40B8-87DD-A55313E5BB97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7440hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78F1BD53-55ED-4346-A67A-141B5BC552CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7442eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44D7B5DF-716F-48E6-9445-BB56A620DEF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F3E6176-6F6D-4488-A03B-2BBF846ADC93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7500t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AEAE7D3-6E26-43C5-B530-B0EE3DA65C80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7500u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3C31236-EEDA-4558-944D-A6859F1A779A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2603B0FB-A7B0-4E87-B989-D7EFFC2A64E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7600k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF705120-459D-49BA-BDCD-6AC38D95C820\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7600t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B91585C-4BD7-475B-8AC8-1B813A698D77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7640x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70B7093E-97DA-4BED-AE7C-87090B82E5E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7y54:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFA675E6-83DD-47FF-BEBC-D32E5223A065\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-7y57_:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F5E4A60-291F-4F51-8F21-40928A95BA2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AC12E92-33CB-4603-AC14-3351CE1D4E3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E62309E-1071-4569-8C9A-11748D629CAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DDA599F-09D5-4351-B7F5-351A2E04E091\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0D473E4-5EB1-434D-9D8F-C9365988EEAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D3E166F-3D9F-4D0D-924A-147883598EA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BD64BB5-CBC1-4862-BEE6-04FC53017976\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4D55B9D-4BAB-4082-A33F-626E15229333\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71294A32-F3DD-45EA-A0FC-C3EA0351FA29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E920376-561D-4892-97A2-F4400223B3CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9054F35-AAB5-481E-B512-EDF4C3F2EA2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D350A92-3992-4464-84AB-960ABCA45698\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43DA2F8C-1C05-4447-A861-A33E81050F37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D9E3717-83D4-4C7B-9700-2ABDA6DDAD23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA341190-21EC-46FB-849D-F54AD3DFCF93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8420:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"874EF732-1067-45BB-BC15-DF815EC8CAFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8420t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD92F60E-0103-44AC-A377-52FFACB0A701\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"908629C1-FD27-4247-A33E-4F5E57DFF918\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A98CDB0-BC13-4FB3-9DF2-56D9DCD9002F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2AF0758-7F39-40C0-A174-4805AADACE14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1AB63EC2-E95B-43B5-BA7A-16314C968126\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D99484C0-1349-47EC-AFEB-5F7F281A514E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF02D685-1E67-40E1-A858-000498D5D877\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9F74885-92EE-4F36-B4E1-5F1F8AD65F88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"238D4D09-7183-40D2-ABE0-4C477BCCEA49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-8650k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CB1E0C8-5FFD-42A5-9798-1F324488A54A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AC9F52F-6669-459A-A0A9-8F472E1F2761\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7E91B92-4DB7-4866-8370-C6F8616D3D81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85F465BF-4548-45EB-AC40-384F4E6248EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1DFFFEB-CC63-4F51-8828-C5D4E0287264\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B176D141-26B0-477E-B2DB-2E48D6FB82AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"494A828B-F2BF-40CA-AAFB-7D2AF2BAF3AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD97F84B-ED73-4FFD-8634-10631FEE03EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3517u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BF84DAA-69A2-4437-9AF5-972FB1569990\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3517ue:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41804B09-DFF0-48E4-91AC-6499FDA21C26\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3520m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71BDCDE0-A21F-47F1-A253-AAA5EDDD31BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3537u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB5B6864-B51C-4C31-AA93-C7C170F4BD28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3540m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D38D1F4-8332-4EFE-8998-86C654403C6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3555le:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04D88300-9CC8-4725-9BEB-BA705CFD57A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3610qe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1932E842-21A1-4D9F-A755-4201BD6721E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3610qm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3257ABFD-7053-48BE-8827-311E9E922501\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3612qe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8194009-767B-48E8-85FA-EB5F242C1B9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3612qm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CB92F26-67EC-4110-AD45-62530E662E45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3615qe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7035D479-4C83-4A41-9164-6D8557E8F598\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3615qm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF5113F5-A058-414F-B82B-EE91C71DD4AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3630qm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47D5CD40-9F2B-4021-B43E-E71B3E78B7E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3632qm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09B0D125-332D-416D-A379-F0D7C1F9DA27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3635qm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDB62B03-84E1-4514-BA89-1E13705F672B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3667u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A036D2F8-6666-403C-B187-7884CE5D00A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3687u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2BBBA0B-7761-44BE-82CF-92C1C3E25CA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3689y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89771BDB-E24E-48B1-885E-22B1A5BFD228\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3720qm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59247DA5-9162-462A-9E3D-3FFB23CFCCED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3740qm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C75CB4A-259E-4B40-B8E0-490B93DD11CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3770:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F47B9E3-118C-4270-824A-6A1BD2CC2121\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3770k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EAD0A970-9B15-4D9E-8644-15C5A93CEC03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3770s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0144B84E-7286-4316-B408-6F860FF03C28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3770t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5709EB3E-5B0E-46C7-9B6B-26999818EE18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3820qm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFD1A362-9C06-4BB7-830B-B308BB44A3DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3840qm_:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"904FF4A2-D2B6-4B3E-ACB2-3079F5098397\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3920xm:-:*:*:*:extreme:*:*:*\", \"matchCriteriaId\": \"521F58D1-C114-4D81-88AD-6EC56A7AC686\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-3940xm:-:*:*:*:extreme:*:*:*\", \"matchCriteriaId\": \"D596B65D-A288-4DF1-9022-9E4946039954\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4500u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"677C66EF-E9B9-430F-A19D-2D87AD83DBDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4510u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFC25D04-7FF5-4178-A7D1-795B6A6134E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4550u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"238EA0E0-0FD6-4DA4-93C8-83490BB61A73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4558u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73BBB876-4CC0-48C9-A40E-B2A017D7E8BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4578u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"757DBB7A-D8F1-4BA9-882F-4A112F41D3E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4600u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6B019A1-F44F-426C-BE8B-189E7B0CFDB7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4610y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DA22F64-0372-49DF-AB8F-0DF5519CB221\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4650u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D973CBCE-D6AF-49A5-A8B4-355E866DA51B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4700ec:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A9D9852-5090-4BD2-B311-E6A7B7837795\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4700eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78AB646B-1FE3-44E3-A762-911843934439\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4700hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B4D9DD3-4EFD-448B-BA6E-175A99F47C99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4700mq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"840CD8CE-E506-4273-9A42-80488E56FBE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4702ec:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A6E0594-D194-4840-A323-FE0EE56D7E97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4702hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"794FB0BC-73A4-4FBA-8613-42057E8FCB1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4702mq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66B08A47-9478-4F1A-9959-BB9C7BC1C9E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4710hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43479AB1-1D98-48EF-BD29-3EA0127CED22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4710mq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12F8412D-F1D5-4219-8DD3-EBFC1BDF27FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4712hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E974332C-498F-4183-8CE4-56BF61A7950E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4712mq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7125D26-367E-45DA-A9B5-562310D8E01E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4720hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3B71011-540B-4C21-8E8F-FDC7AA80B557\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4722hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFDAAA3C-F332-4799-A0B3-952CB076E199\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4750hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67AB6E17-4975-4D45-9B42-FA2EBAF2D73B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4760hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0ED0763B-9406-4644-A60A-676B665C9B34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4765t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5DDE5AC-EB56-47B3-A737-05FC0050BC62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4770:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC81D07E-F6D1-4B75-87BD-5A79F182FC03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4770hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B99F445E-2385-46CD-959A-32B95DEF22FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4770k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5277739-48A8-447A-A730-1C45107182F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4770r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC7A7DE5-019C-4FF6-B810-3A5FBB8A9276\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4770s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A321932-8B3C-49FD-87B2-CCC215A6A2A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4770t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57585A7D-EF0A-4EF9-8AFE-A5F6AAAC9EF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4771:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5ADDCBE6-9148-420D-8DFF-AE6667DB71FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4785t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADEBD889-5D07-4620-8E80-BEA16E7BEC54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4790:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BF582C2-6958-4060-A49E-AC943678C5A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4790s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDA7EEAE-64FE-4891-AC8C-019B1242E12A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4790t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB407F25-0554-4CD0-AC93-FC546EFB52DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4800mq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D83B6CD-CF5B-47B2-A547-C6EE8F901203\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4810mq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20884D35-BBBA-44A8-BF14-95103C62F72B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4850hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A14A6ECA-8879-40A2-8E33-156541B4E35B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4860hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07AD0193-68BC-44E6-99DF-DC266B16A8AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4870hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D38873C6-BB11-43A1-8233-7828FF143CF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4900mq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E079890-9A4D-4AF2-86F4-3663789105DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4910mq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9CB4BA0-CA4E-4C45-9A49-92AB0D411A95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4950hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"074C330A-B69B-4414-8B80-E67A6AFEA651\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4960hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1EDDDFB8-3F05-4912-ABA3-A9F52B6636F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-4980hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38ECE802-5548-44A8-9777-081C28402AE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5500u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C34148EB-C6A7-49DE-8139-316F710D57F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5550u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EA33B05-493C-4F55-82D9-5F2C942A603D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5557u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E8D6B87-CA43-4773-B13E-EB07128E5501\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5600u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80BAD40A-BE40-411C-A5E3-19C264BF4805\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5650u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCD85430-4610-41B7-B7BD-CD3AA5391FB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5700eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA71265A-4E37-4AC6-97D4-ED31D94A35B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5700hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91CEC4BC-098C-4B8F-AA4F-25B9211010D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5750hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9453959E-FB00-441B-B9B6-4BC75DD534B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5775c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5ADC848D-C1AF-4FCE-89B4-DD3ABA050202\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5775r:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0846BDFE-1643-49BE-8B48-03EC17B9BAC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5850eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B131EF48-4094-48C4-807E-4A76156A34CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5850hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"466ECE77-E232-4C03-83A2-FBAC06C82021\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-5950hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D98586A-473F-44D7-B299-9480129AE8DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CAD248D-0B95-4BE1-917F-E0976447927D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6510u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"104F999D-584F-4D34-9538-679EDBE3B180\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5726D5D4-F188-4F06-B78A-2C7C694A40E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72467515-7793-479B-BABF-839275CA9AAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6600u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56B79264-C756-408C-A32A-BFD4AA0B20CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6650u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D3DB891-40F6-4000-BEAE-A1710C70C43D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6660u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D3EA33F-D137-4B24-9211-C8A62A7427A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86FFF97C-C121-4F91-B62F-057356B0A048\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"213B09CA-91E9-4D11-AA11-B84F40495E9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EAFC55E4-D84D-4588-976D-1E2637B1BF0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6700t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCB20762-51C5-44DD-9CEE-FEEC1E9C0E5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6700te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAC1A189-D822-405B-A090-B1573FE12B14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31C57E58-66E3-4FEC-A88F-B82C4B372B2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6820eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C173CF7E-81DF-4AD5-AB17-A4C330B933D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"638549EC-1BB1-4206-B8DC-C0101BBEF8A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6820hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8F450DA-5FBA-47BB-9A7D-75873FB3E69F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6822eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"112701D9-7154-46E5-BF36-EE36A607C7DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87B5258B-26E4-4853-9F27-4BB12886CC38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6920hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B1B04E8-A31F-4027-8E05-5461E7855F04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49BDD476-E402-408D-9BD6-886AB195704D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7500u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D566CFB-935B-40E4-9F4E-6216A42E7EBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7510u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8065A9B-4236-44AE-B60B-17F6695A705C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7560u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A97ED15-D0C6-4B64-BA08-EE50A6990272\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7567u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6A121D8-0D01-4AA7-A1D9-5E2B9F0D30A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7600u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D57834B-C031-4301-9839-7A32F13687EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7660u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEE126ED-B743-4C6D-95FF-04F473A9A008\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D901944-8E2B-41E5-BB82-CF1C97064711\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7700hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A13E353-0063-468B-96CD-97BF91C747C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"913BBEFF-49E7-42AF-A850-B49E5A12AB98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7700t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FE6AE98-E4D9-4FBF-B90A-2B170A0AF26F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7740x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E9EF2F2-750C-4CB7-9858-69D7FFA4EF31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7820eq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8C1205B-6AC7-4DB5-B247-2108511D9957\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7820hk:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA47107D-237A-4184-8BA2-601660F7FB5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7820hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9862E49-124E-4B7D-941A-CFD2668B6481\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7920hq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE6572E2-5B24-4E21-9F6F-3A7A17A9F098\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-7y75:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85C7AD56-CA31-4C08-A5C1-B50E767E1FFD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"957F3AC9-D071-4932-B2C9-1643FB78BC7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8510y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B8DD6D2-5F42-4E44-A4BB-D3179D83C2BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1395788D-E23B-433A-B111-745C55018C68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05EA3461-021B-42CD-B4BD-4D2E8703DB93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB6774C8-431B-42AC-8955-02B529222372\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8560u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA0960D2-93EC-4CFC-B901-E38A59B798FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F41025AC-6EFE-4562-B1D1-BAB004875B06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC1ED81E-3D62-47FB-8FD4-B2732525C33C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC82E058-25FE-4B6C-BA3C-AB043CFAB113\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34DD3CCB-91D5-48D6-80BC-CA643385BCE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8670:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86817715-BF5A-40C8-8250-7A8CD637C05C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8670t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DAAC740C-A02E-4342-8388-B85DDE54DF25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04076FFA-D74F-4501-9921-D8EBDF97CD20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4440FC7-F90C-44E0-B7FB-C88BC95EAB77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8846D3C-39C6-48BE-9643-ACC479416257\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07279DDB-B07D-4224-AA1C-24B4F3D63BB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4DDEFAF-EEC8-441D-82EF-ECF20B9496A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F423BBE6-327A-40DC-8BCE-BF43600A68D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08718840-D468-4E86-8FFF-A2B1841E6BF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9B77426-B579-43C6-9340-F291138ECD7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD0CF1E4-487A-4C61-AF4E-733D7ECBCFCC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE776B91-9E25-48F5-A4F0-EB36B704AEBB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FB0C1DA-60C6-4C9E-99D6-7A47696DACD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2EB81B1-7DEF-4CC3-ADC9-A4CB1042E406\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D0320CB-05E3-4D5B-BCEF-D862566B0AA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-8950hk:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"469D79CD-B627-4ACF-ABC7-0EAE5D41A005\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"659206BB-510A-47F8-8B6E-FD030A6BE1DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C3257F5-CA55-4F35-9D09-5B85253DE786\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6F8CEA0-1CD6-4F17-85E3-C1CB04D9833A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A48A2969-DC53-48E2-A5CA-4DF2B00D1960\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m-5y10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71AF96FE-EB28-474A-B260-EC22B4A334A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m-5y10a:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F61261-1AF5-4B77-8065-25A6B0AFFEEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m-5y10c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"232B0352-B020-4CAA-A5E3-38E75A157C4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m-5y3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CD2FE9A-BFFB-4EC8-9C44-26B2D9911B5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m-5y51:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0A5C29F-3597-4846-8CEC-74C8C73740C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m-5y70:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"091D17D3-213F-4EC7-81C3-CD96AB7BC89C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m-5y71:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F011F80-4FBA-490D-AF5F-F6DDC941CB61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m3-6y30:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"831048A2-657F-4F2C-83AC-802DF45204A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m3-7y30:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18340F86-5545-4EEF-9F79-6560BB24F277\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5AFFC8B-3AC1-49B4-9A73-18A3EC928591\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m5-6y54:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0504478A-E635-4A8B-A3F2-BE0E5908A7AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m5-6y57:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AFFF65E-6576-41A5-82E0-F2EECDC64743\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_m7-6y75:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E29F8E70-5429-4756-A574-C7B60BE74A86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_1405_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C25607D2-8404-4BD1-9E42-7ECE8DCF3E9F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_2020m_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3475F6C6-4E36-44E3-8E84-25ED06B4DB4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_2030m_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E859E810-7280-464A-AB18-10E6DC6B038D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_2117u_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3255C643-CD77-446B-B98E-083D2F07CE12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_2127u_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"493C0F33-F0FF-4828-9210-5976F0259D18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_2129y_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B612898-5BC9-4880-AF5E-F498A9634EFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3205u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB8E1648-C77C-4C8A-BBDF-20468FF3BA00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3215u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"779DA292-A24F-42D6-8013-9DFC27BD8C2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3556u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EF5B50A-63E4-469B-9D59-A2C7BD6F2E72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3558u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC84C9FF-5E9B-41A1-8FF7-88D3F6687894\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3560m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"489DA073-57C8-4904-90B7-F4E94CA34DDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3560y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8165EF6-316B-4EA3-95C3-F84B0028024F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3561y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00024F21-F6FC-4EEC-BFD4-3723CAD8F8EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3665u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD0D4FB5-8ABF-40CA-AABC-EF97D8993E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3765u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D6920AE-35D7-4A6F-9169-4EC5E7F2902B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3805u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E24661E-9974-466F-AA8E-C57048DD0978\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_3825u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFB91D35-0E4F-478A-AE1E-7C8645DA51E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_4405u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4156AF88-99DA-4331-93A9-07F2049D6B07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_4405y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5F17DA0-EAF5-4BE0-B6CE-AE710C3F871E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_4415u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"079877E5-12C3-4A37-98F8-443DA366BAB3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_a1018_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5E6A6CF-12C1-452E-8450-18BD2D4FD95C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_b915c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF838448-0E87-4E73-AF51-55302B329E6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_b925c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66D7E11D-B0E7-42BC-8A6F-3B77D08EC79A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2010_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1290CDC-0F8D-4860-85F7-A4B1B40E1F44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2020_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1110D3C-D880-4D4E-BB68-5A305AD3D5C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2020t_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1623BCE2-AF99-45B1-B156-E81CE0D89D72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2030_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C2D72A6-9227-4F44-8243-626AF77A0D90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2030t_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BBA4425-A154-4F6A-86D1-A05D6FC26963\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2100t_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"311F9683-A58C-42F8-8044-711A7339EF4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2120_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FADD9066-D903-4B59-A9C1-7987A7663ED7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2120t_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B6C28AE-BAB8-4FC4-910D-A935B26D00E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2130_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"341AB666-177D-47D2-B2BB-70C17400AECD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g2140_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADD28BA3-D5EE-4CA4-8A2B-3DC44BCB400A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A920E6F1-4226-44D1-A86E-43247DBC97E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3220t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"851A04D2-49C2-451C-9CAE-40E98C729EAE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AB0A5B7-DF08-40B2-B185-0956B2D7379E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3240t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9591F53-E005-4DB6-B162-0DF218919D62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3250:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"556DC4B9-4302-483F-BA37-2AF4801D5569\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3250t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F71359BA-067C-421B-B647-1D69C8BF7ED0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3258:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63002B5D-D73A-4EE5-B0CB-21EDF718E70F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3260:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B9F42F2-D5D7-4220-A327-359D3BF1C09F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3260t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C558DDC0-2998-476D-96B2-54235CEF4AE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3420:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6090D78-51C8-4295-A4D2-700AD290F745\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3420t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACFB23AC-680E-4EE1-B9D9-E2B96E3794BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3430:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11E3D70C-F003-4A13-A9EC-3810E9585FB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3440:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14403B92-E903-4093-BFAB-F7C639D63862\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3440t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D252FFC3-B059-44DD-A4F9-49B591B4FD18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3450:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7075CF7-B643-460B-ABF2-9AE24ED68FCB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3450t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"631CD42C-4F66-42A7-8F9D-114CF866EBDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3460:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB7720B3-5489-41B8-BD0A-A6E5A004568F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3460t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"988D6BBB-3056-4AC3-8960-5BA6C2F74367\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g3470:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CBCDE97-E95E-4B53-B4C0-19F026A47229\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A85AE2D5-1BA9-45F5-808A-166E27D7D6CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4400t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F142F6EC-F106-4828-B152-13612273A7AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4400te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF5D3457-C139-499F-8B41-57C8E7E66D40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4420:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6FEFAF2-7784-4407-B58A-A0B1DA84415F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4420t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD36DCA7-31D4-4E50-A38C-C437CB2BB439\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63BED4F5-65DE-457D-9BDF-89AA5369304B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4500t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C590C99-2770-4D63-9837-D1E1F251675D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4520:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1FC6A24-AF3E-4B7F-9C12-E947C3E4BB1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4520t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C90F5FB0-7AAD-42F2-9780-E93A82E0C239\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g4540:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B207606B-14AD-48D0-8219-A54D2617F067\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g5400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E80ABC5-7BAB-41A1-8D61-481A59BD9C21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g5400t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A82B8D9-E751-48DA-948C-231ABEE90B54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g5420:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7706D22-7E16-4068-A467-EE2D4BFAE968\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g5420t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8D28A52-5EE7-42D2-B942-7A341AB00AB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g5500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9ACD1AA7-8805-42A2-852E-C839417B10E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g5500t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C55F7F50-61ED-487F-AB1D-70B75D972184\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_g5600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9AF50627-7830-4984-8F12-7B73C51E5828\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_gold_6405u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE118AB2-A2C4-452C-B9AD-DDEF65B5EC67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2124:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43126A13-5931-4989-BEFD-E1A096F98D94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2124g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"342E0783-288A-4DB0-A657-29937903927C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2126g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4C40F91-138F-4396-9A6B-B969F6AC30B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2134:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"23CA9365-B1C4-4188-A9BF-19215AFF58A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2136:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4797D2E-1270-447B-BFE4-CC96D9F10D5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2144g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CA77EB3-6F11-43BC-8B59-84217AA73205\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2146g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0866F1A3-8B9C-4B5A-B30D-71B3465EC80A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2174g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"331B8F10-3A20-46A8-B960-3546271CF701\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2176g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE638E59-DF75-43B1-A6DC-10A838B05B00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2176m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"109FA97C-10EE-41F9-B52B-B37E31642251\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2184g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3FB62DD-090B-4434-9056-09427B66AAF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2186g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A67B3834-E59E-47AF-A806-13A990E812B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2186m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDA04EFF-A9A0-4900-A2F8-7C0D346ACF6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2224:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79214F8B-1090-4DCD-B1F4-0FF78FC29C4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2224g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD176FB0-7427-4F2E-A969-72062BB3EF98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2226g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B278081F-F900-4581-9D10-B5A2ACD2E2C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2226ge:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBBDAA3E-960B-4E84-AD3F-2F8B3A4FF903\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2234:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45689B37-5085-41B3-BA9D-F05FD07DF1FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2236:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7186EA5-448F-473A-8FC8-058FC823ACC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2244g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C12F0C71-8F25-4C77-A3F3-1231AC53C0CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2246g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB179A6F-FED8-45FB-89C7-3B17D6F5EB21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2254me:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F58AEEB9-919B-4C6C-83B6-080846786A56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2254ml:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0BAE174-A158-4807-9D67-36F795028D76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2274g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAD38AEA-979D-484B-82F0-0161BA39E9F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2276g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"780AB9F4-0C87-4528-B53A-69FBC4D87ADB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2276m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5AA7BB1-6131-4206-8F99-BA8DCE60BFC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2276me:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2CA54AE-915F-45B9-B775-C04589E49802\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2276ml:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB86F018-1F56-4146-A78E-C7BF7B616023\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63650DBF-4DBD-4655-AE93-5CBE53F8E0FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00912C9C-D386-445E-B390-E96361ECDFA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60B582A1-784C-4BE8-A0D5-706DE01D769E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2284g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56F30E1A-8EF1-4C90-974C-791312241BCA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"556637E1-9502-41E7-B91D-082C92F233A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EA930BC-EF68-4AD5-AA1B-0659358028D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1105c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E70E7B6B-C4B6-4864-939A-A0D8D648C661\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1105c_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09BD9ADD-4FBE-4A12-A5F0-594B93824671\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1125c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97560433-94FE-44AC-98B6-E371C878162A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1125c_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E82681A7-C9A8-4CCD-A19A-B4D53343B34F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1220_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A2BF613-A53F-437A-A483-564BB4D8CC96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1220_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0493CF98-1A11-41D2-B719-6D94583232E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1220_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E629CF7-A706-4DD3-B3EB-A1F9711B0372\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1220_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFD11A3F-A2D4-4B09-84D2-548F97268805\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1220l_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72953F49-8FB3-4D07-A1F9-96D682348679\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1220l_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF9C696B-FA4E-419C-B036-76DCBBD9022C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1221_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92ABFE16-E712-4805-8DAC-AA17C5214631\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1225_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E8C4032-40A3-420E-BE9D-ADA27443535B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1225_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"771E2F3E-3FC2-462E-93C4-12301660E6C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1225_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1BCDBDF-A902-43A8-94A8-13541FB8CB32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1225_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E031BE7-87C6-4E4B-8988-020221ECAEE7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1226_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58BEE344-48BE-4D5E-B5BE-9391255C8550\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1230_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADF68144-22B0-4B0E-A73D-6FE38C213C71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1230_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67A9DE3D-FA10-4C8A-952F-979DE9B19AA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1230_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CC1EDA9-6CB8-4643-AC65-76B892319879\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1230_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49C57129-0A27-4142-BF6E-68A558773573\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1230l_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73B301CD-6105-448E-B013-52F894D8106E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1231_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE531899-3AB8-4540-9099-BE4A0FB75EAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1235_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B86BD818-70F8-409B-AB96-53CCF490B7FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1235l_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15DB4F8D-E42C-4119-83BD-44D6AB9319B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1240_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7FB452F-4FFE-449B-9846-198A61B1F521\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1240_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"231327DF-C1E2-469F-9C5C-25B14541F3AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51E0227B-8F2B-48B3-97BC-73BA1BACEED8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1240_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5EFEF14-4ECB-45C9-8911-01FD7B115D7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1240l_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6A3E845-3883-4034-B90B-3ABB61BBD1D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1240l_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8BD1F0B-7B75-4A5A-A708-BDE56D237354\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1241_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BE15F08-0B49-486A-808F-5B647142F093\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1245_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C661F8C-0F1B-4A0B-9B0F-A845883BA3D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1245_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15236325-68D7-4D7F-B500-A79AD02812CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1245_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE01A935-4048-4578-8FBA-1D12A95654D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1245_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"333364EE-BF57-4217-9517-2C1B95B826CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1246_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB7C3F31-16F9-4177-B7F2-B865010A6EDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1258l_v4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB35FC19-9CDC-46EB-87D5-F2418F16B548\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1260l_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D45FCBB-CC03-40A8-ADCE-7AE0A7AA05A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1265l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC84425F-C08A-4188-82B9-E56F22DFA17D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1265l_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2F157D9-5288-42FA-943C-53F0D227590A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1265l_v4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F3FD78E-7790-4CFD-88F2-46889CBE1BF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1268l_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0BB6C08-9816-4F79-A91D-84B7E365D586\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1268l_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28D7D164-E631-4D49-B87A-0B7885148790\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1270:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"23544F02-3847-4089-97F1-8C29B5596B9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1270_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"251A501D-9744-49A7-88E8-035C239B06C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1270_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA74EB5E-3D7D-4E5A-8D7D-AF902F8BCF8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1270_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F2476F2-6A8B-442F-B054-738F36613CE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1271_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95F1E851-0C83-466B-A89D-03486BD90CC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1275_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"000FB0C9-0642-48D1-94CC-A035145963AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1275_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98FA6E45-B945-4923-84FD-B34F2CAA15C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1275_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2A10975-3375-4FB3-A008-56EB2ACD2737\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1275_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BC9CEA2-C621-4DCF-B64C-5495D3208DB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1275l_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"565C5D54-D6C2-4387-AA45-F18C4DC344FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1276_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5516A1EB-1A09-4248-A1E0-6438751DA0AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1278l_v4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4E19F29-3E2C-4F0C-A887-07E68D1EFB3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1280_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC228684-3F7B-477F-A010-66CD28B64ACD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1280_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"99848B67-F10E-4DD0-B394-A30463EF0E0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1280_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6A99895-6A48-4A44-B0F7-7BED55C677FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1280_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A32F3CD6-6BA6-40E7-9580-3C1A455B3C99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1281_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FC720A2-BD40-4FF7-ADE3-52430B263AD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1285_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4FBE620-5CA2-45B6-9CD9-15928146F23D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1285_v4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A656CC1F-943D-4B35-931C-CFBF8F3110B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1285_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2559D24-F8AD-4202-A00D-F48D51A0940A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1285l_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3391CFE3-DDED-406A-8126-416C29E20A34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1286_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88DDE104-1102-4847-AF28-55A380E8C4C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1286l_v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53E830C3-BCD4-45F1-8D00-0DE7959F4369\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1290_v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37C7A319-3FB2-460D-AF17-D70903EC53DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1501l_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37AF4F98-0672-4101-9825-57B0F64EDBEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1501m_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2231374F-222A-4BA3-B14D-F69860668F7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1505l_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"057E3667-7BA8-4142-8A1E-B957333D776A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1505l_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31BF874F-B640-4A18-AC92-F0E16AB7E1C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1505m_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84A77114-92C8-48C4-9D12-3ACC3030D5A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1505m_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"542BC61B-1EA3-4C42-BB99-C9C67EE82F7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1515m_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13B5BF22-5E95-46A4-AF05-450CFD1312C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1535m_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9490F926-AD57-40F3-A523-61D67486DCB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1535m_v6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FA12E60-4B0A-4723-8A02-3115494CD1DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1545m_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29CC9B92-CF59-4121-9638-F4D4521952D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1558l_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CC6592D-743B-4656-B1C0-247F36ABE5CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1565l_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCC32129-C5DC-4D26-96D5-219F5291D6F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1575m_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81F4426C-970C-49DB-950B-3F5ED17E682A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1578l_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4ADED698-2702-479C-A24E-E9E6F35E9AFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1585_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D86C0CFB-72A3-4446-9601-2C956C9A71F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:xeon_e3-1585l_v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C578D9-8973-4F36-8BA4-9F4F3A8E0AE6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B620311B-34A3-48A6-82DF-6F078D7A4493\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"8D305F7A-D159-4716-AB26-5E38BB5CD991\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"815D70A8-47D3-459C-A32C-9FEACA0659D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"902B8056-9E37-443B-8905-8AA93E2447FB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36D96259-24BD-44E2-96D9-78CE1D41F956\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_field_pg_m4_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"496228A2-6907-4970-BEDC-E9B44CBF7CCD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_field_pg_m4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7ADAD919-32C1-49D2-A419-C9A803DB6250\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"22.01.08\", \"matchCriteriaId\": \"F5320759-AAAB-4FEA-99AB-51A7F7EE9F58\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"506DEE00-30D2-4E29-9645-757EB8778C0F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"26.01.07\", \"matchCriteriaId\": \"36E7D51E-4657-4594-BBD3-F98E3E50F4E1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F3C3E60-7C36-4F5D-B454-97C9D0FD9459\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc347e_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9830BAC-C836-4D00-8E21-28F180A59163\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc347e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49D276DE-950F-4A61-BA13-DD5D07A17571\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc427d_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6A2E4F1-7402-4EF2-8559-B9318A01C008\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc427d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46CC8AFE-ED6C-4A50-AC80-D2309E03FAE4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.01.14\", \"matchCriteriaId\": \"77B3A9A8-2AE8-4938-9114-BE75DDBB6A1D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A40D0CDB-7BE6-491F-B730-3B4E10CA159A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc477d_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A946EA63-4FA9-44B8-97F4-E53A5DAADE46\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc477d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"754A6744-5194-4A99-BD3B-944A8707C80F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.01.14\", \"matchCriteriaId\": \"AF94A909-1192-41AD-9717-EC88B30B8DCF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDF9D4C3-1892-48FA-95B4-835B636A4005\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.01.14\", \"matchCriteriaId\": \"C7011395-6ACF-4FC5-AF8F-971427128D27\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FC5CE20-7D08-4496-A857-C3A4BD0AB1AC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc527g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.4.0\", \"matchCriteriaId\": \"65A6E7CD-4AEA-465D-89B3-6EF66E4F17B6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc527g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55156889-E9DA-4F04-B894-339DC39CA942\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6A15ED1-124A-4642-988F-890FF4162346\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc547e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9DD4A97-1648-4C7F-A5A0-6899BD13A617\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"r1.28.0\", \"matchCriteriaId\": \"03F52E28-42B0-444F-892D-749B9A7EC498\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EB339B5-602F-4AB5-9998-465FDC6ABD6C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A30CB799-FF9A-4E4E-A3C6-EB12CE2EB5B0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"509AD120-3465-4C00-AAB3-B6F6ED708B51\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"25.02.06\", \"matchCriteriaId\": \"1291471D-D36E-4ACF-A912-76697396CDE1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D9AF082-8345-4BE1-B1FC-6E0316BB833B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43337EC1-0BF8-40B3-88BC-38F06EF48DC6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0EF28FB-BAB3-4710-9D25-25F67ACADC60\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"25.02.06\", \"matchCriteriaId\": \"7CAAF2D6-7799-4BB7-A151-561E8AB260DA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E430C4C5-D887-47C6-B50F-66EEE9519151\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FCA9FA2-AA26-46A3-9E2D-3C87BC2BE0F3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"057D9947-CE4A-4B4C-B721-4B29FB71350C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"25.02.06\", \"matchCriteriaId\": \"F4DF4B0B-F376-472B-83E0-1B7E5F87EF6A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F9FA42D-B2F0-456F-89B7-6A5789787FBA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A03BCCF-9EF5-4353-8886-15DFE6A35765\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6D87239-40C1-4038-B734-D77AC4DDD571\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"681C8A24-C3AC-4CF4-8283-DAC337909CC9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8F37D88-E086-4060-8420-BD0F8D8FF580\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"25.02.06\", \"matchCriteriaId\": \"8E63A5F2-8767-4E25-8785-F8F197B77F7A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1157418C-14C4-43C4-B63E-7E98D868A94F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc3000_smart_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.b\", \"matchCriteriaId\": \"BD3F04ED-C6D0-4387-BB3A-31C86B1F918F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc3000_smart:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD37AB3C-6E1A-4E8D-A617-4D97B4501A28\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"23.01.08\", \"matchCriteriaId\": \"4ABF49D4-34CE-4DEA-AA2E-A40A53472D1F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"187C6D51-5B86-484D-AE0F-26D1C9465580\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simotion_p320-4e_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F66E1293-5598-4A7D-8523-951F62080B22\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simotion_p320-4e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EE09494-625A-4FF7-8B3E-6510FF9AFC9C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simotion_p320-4s_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D77F8F19-06C8-4B8A-8436-26508B2277DA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simotion_p320-4s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A49883F4-8360-4895-8E9E-B274A35BDE57\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mcafee:threat_intelligence_exchange_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.0.0\", \"versionEndIncluding\": \"2.3.1\", \"matchCriteriaId\": \"E26D80A2-E490-44B6-A8D2-1AEF487E72B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mcafee:threat_intelligence_exchange_server:3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0F26126-55C2-4E2E-A586-D93FF38ABF6F\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.\"}, {\"lang\": \"es\", \"value\": \"Una limpieza incompleta de operaciones de lectura de un registro especial espec\\u00edfico en algunos Intel\\u00ae Processors puede permitir a un usuario autenticado habilitar potencialmente una divulgaci\\u00f3n de informaci\\u00f3n por medio de un acceso local\"}]",
"id": "CVE-2020-0543",
"lastModified": "2024-11-21T04:53:42.440",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-06-15T14:15:11.207",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2020/07/14/5\", \"source\": \"secure@intel.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10318\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DT2VKDMQ3I37NBNJ256A2EXR7OJHXXKZ/\", \"source\": \"secure@intel.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFC7UAPKAFFH5WX3AMDUBVHLKYQA2NZ/\", \"source\": \"secure@intel.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQZMOSHLTBBIECENNXA6M7DN5FEED4KI/\", \"source\": \"secure@intel.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/\", \"source\": \"secure@intel.com\"}, {\"url\": \"https://usn.ubuntu.com/4385-1/\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4387-1/\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4388-1/\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4389-1/\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4390-1/\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4391-1/\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4392-1/\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4393-1/\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2020/07/14/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10318\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DT2VKDMQ3I37NBNJ256A2EXR7OJHXXKZ/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFC7UAPKAFFH5WX3AMDUBVHLKYQA2NZ/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQZMOSHLTBBIECENNXA6M7DN5FEED4KI/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/4385-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4387-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4388-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4389-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4390-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4391-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4392-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4393-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-459\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-0543\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2020-06-15T14:15:11.207\",\"lastModified\":\"2024-11-21T04:53:42.440\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.\"},{\"lang\":\"es\",\"value\":\"Una limpieza incompleta de operaciones de lectura de un registro especial espec\u00edfico en algunos Intel\u00ae Processors puede permitir a un usuario autenticado habilitar potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio de un acceso local\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-459\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_1000m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8BE23AB-1F5F-4FA7-8617-D4A4C9D5F6A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_1005m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD5FDB66-4805-4EB5-B6BE-938D40C48C25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_1007u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DD7CD7F-F0F4-408E-858C-8EB9BC82382E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_1017u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F898D49D-6B5C-45AA-A166-BFCE5CC9A6E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_1019y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29560B2E-DAC6-478A-84AE-508AE21D0AEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_1020e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAB9B322-ACB3-4505-8281-2A365A21D286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_1020m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D54B11B-18A3-4DEE-84FF-B5A32C7E60CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_1037u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0198F9C-60DA-4D91-9FD2-5CC65ED346ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_1047ue:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7F39FE0-A9F4-4232-B925-598E4F9167A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_2955u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6886FA9-E9FE-427C-A403-45C554ADA19C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_2957u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3BE78C2-660F-4C48-B0F1-05D0116F0FDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_2970m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDB04659-871D-4B1E-9681-D5ADCEAE2CE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_2980u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F21EEA7-EE23-483B-8B01-5324E0063B2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_2981u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29792C69-EAE9-4DD9-B127-5AF1FFA9A1D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_3755u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B8FA7CE-FF47-4918-8171-EDCEA156C314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_3765u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F086FB-60AA-421A-BA6C-C687B54A4993\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_3855u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44FEB5D1-5177-4B5E-BB06-0C7E2A0CA6D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_3865u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20F761B4-2DCE-4E31-9974-C399B4982EFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_3955u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9796C997-40C0-4C75-B2B3-06D037138976\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_3965u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F8482B-2E48-4976-83D0-F1E4BA015FEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_3965y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D36CCEB4-62C0-427D-B4B3-41F9B1B9194E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_5305u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39831D4E-743A-4C09-900F-24DDAB5D1B22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_725c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED49334B-38E1-4212-A23F-FE5437B773CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_927ue:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5AD98D1-5A73-4A92-A6F5-D9DDC14056AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1610:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4003B029-36AE-47CD-BFB1-1F06DFEBA0C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1610t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FADF19F8-54BB-4BF4-BF1C-515EBBEE2060\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1620:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B67D44E3-F8E1-4EB9-8D91-5777DC97D497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1620t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E4AC5E9-94DB-4970-BE29-747503AE81E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1630:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06FFA194-E200-4F4D-8E66-60D0134184E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1820:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12FD8D3B-0FC0-4E8A-9476-3092BAE9F15E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1820t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B950F6FC-2848-45B7-9C28-B0DF46BC442B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1830:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95101653-A2BF-47F5-A209-097CA98A91F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1840:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B72870A6-E156-46AE-A5C4-B9B8F10C147D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1840t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAD76063-D9C2-4F41-B7D3-29A32678B527\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g1850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95826FC7-9E92-4C6A-8F16-9D20B8E41F75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g3900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25847980-2D7B-4D4B-B0F2-C2CAB648182C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g3900t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5723C9D-E59D-4FA3-893F-D79E726025C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g3900te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25BC4638-06F6-41C9-BF0F-74037F24CBEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g3902e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11A64939-F09B-4FEC-8F1D-FAC34D8E14BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g3920:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77D7291F-752E-409F-82BE-6060BA5E2559\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g3920t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17560EF4-27C7-466A-9CD1-164F1B0F5B79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g3930e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"226CBC16-EC2A-4498-ADB3-655A0E9CF396\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g3930te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9278297-5E4B-40D0-8782-E5AE87E43B7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g3940:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A562A07B-EDC4-4545-AC10-6CAA1494C6E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g4900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B801EF4-980C-40EF-84A8-4AA2D29CFB06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g4900t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2129E439-63C1-4CBF-B39D-2941621AB454\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g4920:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26E9CDAC-8C63-4F9A-B171-9E5E11E5313E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g4930:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA2A4A2A-CB99-4AEC-B0EB-11763E6C0E0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_g4950:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22828766-08EF-430F-A0F0-F59E772E38B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_4205u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6F8D167-C5B9-4B15-8861-529598D1C491\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_4410y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E6A6A15-1406-41C8-84F8-E0C202F554DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_4415y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4B0FE5D-07FD-43E7-B89E-BDE6D6F49D30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_5405u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61FFCFE8-2B6E-4EB8-965C-AA5CB5493516\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_8269u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDB4120A-B29F-496B-8FEB-CFD4A155202C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_9300h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04AA92B3-DF06-45C3-8E46-D721262EFE71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_9750hf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"454DA7E4-ECDE-40C8-AA8F-181333BEFBE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-2115c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"166ED4A3-9466-4072-BD9D-B10AE3B98D31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3110m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60EEC961-3871-47C8-87F3-E803E2DD63CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3115c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBB7DD58-9F34-42A7-90D6-39B29933527E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3120m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44C95EF0-D6F2-4F51-BA74-88B56F0FBED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3120me:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE48E32B-9FF2-4F16-8E18-F982994457CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3130m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE4BF988-5A82-4A0F-97EB-8D709CE5417D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"913D6C36-8335-46EF-9164-E6FABDFFB6B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3217u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8A452D4-0DD6-43A9-9390-A62AE48AF310\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3217ue:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E95D40C-E599-4297-8079-39FA45AEA395\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E117D09A-02A0-4A4C-8233-98C42E94A580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3220t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCCED1FD-FAC8-4E12-97DF-5ACAC0C55632\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3225:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8C1BC59-9CB9-4A88-B414-0F94AF440086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3227u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5E6FE39-7A75-4897-8336-9E4AFD77E3C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3229y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFFB351B-14E8-4145-A733-07586AE4C920\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"869B680B-2585-418B-9C5C-349A3339C753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3240t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8009F20-942D-47B6-9C6C-3DB33C334ABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3245:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DFFAE3-24FF-4A9E-B3AC-93406A362E58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A219AF5E-BD41-4BFE-A299-6B45DB027663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-3250t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB755E29-BD69-4FFC-BEED-C5AE16357394\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4005u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDC0FB13-6766-4ED4-BF2E-439BEAAA29D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4010u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4201168-8AF2-4C17-8D49-89D77062B835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4010y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCB9DBB4-5202-4A51-94BF-330756FED881\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4012y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10606356-43F2-4DEB-AB52-6810FDD4CE49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4020y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D690FD7-DB10-4071-B156-09F49E71C479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4025u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"225F1973-15DA-4D6D-89EA-17E6AA10C36E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4030u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CD2F2F4-395C-4AB5-AAB0-0CB6FEE8ACE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4030y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5AF7A04-AAC2-4B03-9F66-5078BECBADF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4100m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCF1BEDB-776F-4CAE-84F5-F29F7EE20D69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4100u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6F33467-2074-4775-871F-013A513881A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4110m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AD8C3F8-2B03-4FC3-826B-529B0AE005CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4120u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"435E1592-37A8-4436-8755-95FB585579E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4130:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92C15BE9-B984-4675-AE59-9E275C4763F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4130t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"983FD869-68B3-454A-AF09-4AAF2F59BFAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06C65583-56E8-46E6-A0F1-A46405460188\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4150t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D3C6D6-504F-4FC2-A871-C4B36A5949D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4158u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49482ADE-4DDE-448C-B491-88AFBBF08381\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4160:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D246820-03D1-48CD-9A08-2328D77428B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4160t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C714E08F-C724-4C36-99FC-4A85EB2B8BAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4170:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"793B03CA-B9F9-48CC-A0C6-E1FF86B71199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4170t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F117F239-FA9C-4B7F-A1C7-F0EB0F24E003\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4330:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B0D3709-EB3A-48E6-9A7B-0108FAE2AF04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4330t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68066973-CB03-4AA8-9F24-D43C6F479348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C242A17E-6A79-4435-BF37-C503D69EB3E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4350:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7555AB52-CE91-48FE-8950-9E8B98A184FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4350t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9D0B6B6-1CD6-4962-9054-7DB56D584248\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4360:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8042533-01E5-4C3E-9EF2-9AF475E2373E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4360t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D29161F8-B122-4544-9B7F-9C9498532E44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4370:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4C82B27-415C-4C7B-B3AC-FE398581EE81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-4370t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1A225BD-6E71-4EF0-A9DF-50AC5D94139B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-5005u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3F45AB6-55EF-4ED0-BBAD-E78894ED399B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-5006u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A4DB9FB-2256-4D44-9DCF-A8D6AFAE091B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-5010u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA07BF1-F5E6-4AFB-AE92-26E3E5125064\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-5015u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81A627BB-47E3-4870-8B66-92546ABA0060\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-5020u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6DD467D-BCB8-48CA-920B-5591A3E8D4C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-5157u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A64B0EA-FB22-4CE6-81E7-56CFFE12FC5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6E16A4-5B81-412F-9B02-D15288F0EB52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6100e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8448F47A-F956-4228-9A13-24AE86C532CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6100h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0B9E6DB-C9C3-4B19-915B-B2E6E4D12158\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6100t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C4115F-E374-47E9-A81F-CC06FA72C67F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6100te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE81958E-5DFA-424C-9662-ECB1D9B738D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6100u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE0F2403-8146-4CA0-9E89-04022B375CEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6102e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD67C284-EFCE-4530-8E68-42BB1B6F15C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6110u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E8CD54D-7BB0-4CA7-99C6-8E3EC20E2265\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE3DA00E-1BAC-4227-9ED0-F4757BC23B65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6120t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34E0E209-5CEE-418F-B99B-9142CDE9ADE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6167u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20B1E424-885F-4BB0-9257-8284A18B1655\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BADEBE08-1478-4B88-9E06-5164BA0517DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6300t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D672383-B9AD-466E-8D6C-68DEC432B9A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D16BDFF3-4CC0-4423-8385-C5E49C941F49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-6320t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"048C652D-352D-4088-9986-30C280BC5C8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7007u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"102122A3-D47E-4CD2-8151-4B708C39D3E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7020u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35F2CA68-9EEA-421F-A92E-E7685EC010EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7100e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C17DCC3-9200-4198-B08D-EAD531B59995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7100h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31CBD3FB-0835-4F28-BFA2-3D07459066F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7100u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F059A42-0B43-4F79-BBAF-6ED05CFFE7EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7101e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B6B298A-1480-41C2-BE7C-7291E7256D7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7101te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB3ABEFE-11A5-4EC3-9537-F9C75A46FF65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7102e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14C20D2A-CD26-4019-A266-AB4E89EBD2E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7110u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04C8B673-9E57-4970-AC45-EE3526757425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6F9C441-D99C-4BA2-9269-83283507D7D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7120t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF5748B4-1ED9-49DD-9140-DC7B47A30BB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7130u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B608F333-BD78-4082-B2AE-0F5BBE7E0D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7167u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F609E73-203F-45B9-9A3A-DC754B33860A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7320t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00A6DEC8-14E3-4A0E-93A5-72BB607A9D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-7340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C195F5C-9666-48C7-A1C0-43E189B17EEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD3CA819-AFF3-47F8-AABE-A5F9DA89BAE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8000t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06FDA087-0896-4138-9BA2-8238A845F5E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8A63B09-D870-411D-8B26-ACDEE48C10F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD84789A-B7F4-493E-A3F6-D5287ACFEB98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47B28199-5B9A-4AC4-9529-77A6FC591DC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33B0B0C9-54ED-4D7E-B0F2-C87690056800\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7DDCC11-A3DD-493E-AAFA-B50050FE3AC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"408A8035-BE57-435B-85A5-9C59D3B2DD42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6287BCB7-8EFD-485E-B40E-AE6B9DB067DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D78093B-076C-48FB-A224-F94F5743ACF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1DCD6D7-7FF2-419B-A41C-CF1FA830F289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8127E47-6082-4313-B310-1C6278471A21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C14BA084-59CC-40E8-A62F-7AD1C9DD9283\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-i3-8100h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C25C1699-E656-4FA0-A9B7-59A3940814DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62BFF15A-0C78-45BC-8E71-EDF624AC162D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71615EAF-4DF4-4B9E-BF34-6ED0371A53D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"376B6DD7-1284-4BD9-88A4-5C34303CC5D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8515D29-3823-4F9B-9578-8BB52336A2A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3210m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16614725-F21F-45C9-85CA-9F9C8EFE0FBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3230m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6659D386-A44A-484F-AAE1-EA5CB3F17528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3317u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5427E131-5B27-4C64-BED0-C5780595831C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3320m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9969E654-88F4-4F97-A737-C53D078BB9AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3330:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27934CF8-2FB2-4D04-92FC-081F31B18D5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3330s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5552F0B-6AA4-4E55-8871-E3E61B78F0B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3337u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94F26990-272B-4A25-AAD1-1CEE2EC96515\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3339y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEC9E4B4-BDF7-4D6B-99E2-9DFD3408EA9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9265D619-7C06-4297-BCA0-7B44AC3DE2BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3340m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BAAB044-56DD-4F28-B794-7F3DF8F403DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3340s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2559481C-347F-4E3D-9E46-FB5E3E85682B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3350p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D61342-E48F-426E-A856-3E0EAD268E5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3360m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22D9B565-1A4C-4344-93E9-05390E036102\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3380m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5262FA4-704A-4FD8-AFC6-B35B28768CFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3427u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96D540DD-94C1-4568-9275-01ED97A313BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3437u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEBACE66-D68E-4D1D-9CDC-8A23F387BFE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3439y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBE75BFF-5251-4216-A49E-5CF2A8B69A0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C862334A-9B62-4FE9-AD65-383A240E1E2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3450s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25345701-D7A9-47D9-8E84-BFD44669DBDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3470:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA2E8D01-9A86-45ED-8E5D-83A41D68FA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3470s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABE78550-8862-4449-A114-39CDA89C4A6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3470t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C3EBF20-9833-481F-86C4-65EF106D2438\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3475s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29A1EFA9-49A9-4127-8AC5-78EA78162A8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26059622-2A47-4D95-B32C-867E19BFA204\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3550s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E0A34F-29B3-487F-8FFA-63DC0E581F36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3570:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"163C5423-A6F8-4824-A823-962147C72BD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3570k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48BDE191-B712-4AE6-B577-788934849708\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3570s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE7D55B8-E611-4D90-85BC-2159136C47B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3570t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3E241E2-9569-4F13-AE70-F717713AE845\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-3610me:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA5C764-BF33-4035-B832-0C5B7A084081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4200u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13038065-613A-4560-AFC1-6CAD2C9D27EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4200y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E44E93A2-5483-4CE5-B3E3-759BCDF67847\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4202y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B769FF2-10FA-40F8-A702-CBF5EBB23B3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4210h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71BBDB01-D110-4B44-92D3-D2936F02E749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4210u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"044D188E-792A-4007-9D87-6FB55AA685C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4210y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8D46072-8F46-4FCB-B161-7812B544C1A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4220y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F6A65B2-FFBE-482C-8E08-19E3D72977DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4250u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DC0C2C7-F8A4-4ED0-B4FA-3372FAC11FA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4258u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D98CCDE-E246-43B4-8778-9C357AF0C1C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4260u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58AD9023-0D04-4A77-BB47-FAB873342FF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4278u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09C41E56-9836-4D9E-8289-B9BFF8836B59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4288u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0A15D53-6CCA-42AE-8DDE-B11E004451DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4300u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69BF8F7-AB89-43B0-BD04-F95E7C655766\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4300y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5D97AAB-5FD8-40DF-B13F-D12356023873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4302y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A0F7C52-2F89-449A-810D-4EDE87729EC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4308u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC2BEF57-EADD-45C7-93EA-4257A0F8571B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4350u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6778D27-5442-44EA-8B69-3E9C406A7109\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4402ec:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"260C49FB-83F0-428B-861B-9A34B28EBA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32531475-E54A-49B1-B15C-9366DE0BC003\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4430s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"430479CC-7246-424F-A514-96035A14BA6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4440:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"061078C4-0B54-4BAD-9E3B-4114893FC8BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4440s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ECAE7B1-7948-45A9-B73C-B362846A13EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4460:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5B0D553-AB7D-453C-92C6-E3D08A7FAB08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4460s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D153FDC-5420-4C9A-8FC3-2B29133F6F5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4460t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"166B6B12-BEEA-4CB4-B194-B53F382CCC3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4570:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F417FFF-166E-4158-8AAF-B2B46539792B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4570r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"829EDA96-60C4-4BC9-AAFD-2E3CFFD8D878\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4570s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F9933E-9B7E-439A-8E10-AAC45C834A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4570t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB34FDE0-6251-4B88-AA3F-B883639256B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4590:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE57DEE6-5C9C-4A76-9EB2-7DD9A34599DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4590s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BC6F12C-CADB-4D53-A75B-E7D98FF96383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4590t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62D4DE4E-9FE4-4488-8B14-59A87EB6E286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4670:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DCB38B4-DC0E-4C23-9E51-16B73199D0D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4670k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10FE39EA-B42A-4AD5-8343-0B644E795B3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4670r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4612D9EA-ACEE-449D-A32B-AAA9474B49B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4670s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C47E01F-EACA-41C4-B478-F1E718B5EC52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4670t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CB47108-1104-4272-98B4-9458E1B1EA5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4690:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50B07453-9E7C-4F2F-9B9E-B0F3A3710811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4690s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"505D6E8F-51BA-4947-9667-9402ED9111EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-4690t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74D12E38-F78E-4111-88FE-F8472F8A571B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-5200u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60A08817-7679-4B7B-8D32-08F7F42525CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-5250u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8085F23-481D-4395-9071-5F79DCC4EFEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-5257u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CB0B9DA-FB37-4E96-99E7-3345B53FDC2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-5287u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7138774-E0CF-47C6-BA82-4034AA63AC1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-5350:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"444D4778-B28C-4DA9-9F44-C2D1ACE20BF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-5350u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7EA9832-4E75-4295-B0AE-AB632B043FCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-5575r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9BE5A85-4721-4AED-BC92-690094C877FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-5675c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EDD172D-7ECF-4EF8-A731-0B6484240F23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-5675r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFE1C5F5-C523-4EED-8C5C-7EEBFE9E6D73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6200u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F611716-F3D6-4187-AE71-4FF87C95C18E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6210u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"033028FD-BBD8-4BE0-B0D2-4744380D3EF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6260u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5F67974-81B3-43C2-8DAE-A66C6A876B7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6267u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1054FBFC-1609-4301-A0D0-B78878FB2427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6287u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0F889F1-3B57-46C1-9C23-9E78CD0DEECF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6300hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93929C7B-D4D9-436B-BA69-FD3C22FCEC2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6300u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7F9109E-EADD-40F4-8360-BF7E37433E2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6310u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02F5A50A-AAA4-440D-8AA3-54BE556322B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6350hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41F7C959-BC66-40AB-8038-D37181A4CE5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6360u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9B3858-E58D-471E-8F12-DC109A133B81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D37104E-78E5-4368-B67F-1F8C63873C3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6400t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3B6BBA6-BAA6-4258-8A5D-94CD786A3B96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6440eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30DFA368-60E2-42D7-9C59-04F61F1A1FDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6440hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0974E563-6326-4E79-95FF-40625440696E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6442eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B9D15BA-CC1B-4D83-9944-2593E2BA4AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"467F294F-2FC5-4B2A-A1CD-4FE90F9D9C16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6500t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E904FB93-EFF6-4E8E-92F2-95C4952B0240\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6500te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B232290-B3AD-4BB5-80B8-4CB3E6259A44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"772568B9-C502-4154-9320-16D78BF60B34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6600k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"912614A7-45BA-411D-AE77-610EFE8D2A35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-6600t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FBD651A-306D-4341-8DEE-2E928CA6E0EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7200u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E993BEE9-72BD-4615-B1BE-5E9129D61ABD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7210u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FD6FEF4-73DA-47B7-966D-9C0C16089423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7260u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFA6BB38-CDF8-46B0-9910-897AB7920D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7267u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF244D02-2B47-4884-8D70-37DFEB18CB60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7287u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"615D9B0D-8E91-4C8F-B5BC-6315C2CA90BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7300hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EE85AE7-B4BD-442E-AFAB-CD01744C91B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7300u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2425FF8A-158C-40EE-BDBF-43E7641BC058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7360u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADA681B4-37F8-4E2E-B73B-E0E17C66B754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE4C6ADA-EE5E-401D-82B4-6E450EDBD49E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7400t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"173C6F98-4022-4F40-A39A-D3D490CA6461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7440eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6EACCCA-7ADB-40B8-87DD-A55313E5BB97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7440hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F1BD53-55ED-4346-A67A-141B5BC552CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7442eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44D7B5DF-716F-48E6-9445-BB56A620DEF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F3E6176-6F6D-4488-A03B-2BBF846ADC93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7500t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AEAE7D3-6E26-43C5-B530-B0EE3DA65C80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7500u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3C31236-EEDA-4558-944D-A6859F1A779A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2603B0FB-A7B0-4E87-B989-D7EFFC2A64E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7600k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF705120-459D-49BA-BDCD-6AC38D95C820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7600t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B91585C-4BD7-475B-8AC8-1B813A698D77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7640x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B7093E-97DA-4BED-AE7C-87090B82E5E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7y54:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFA675E6-83DD-47FF-BEBC-D32E5223A065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-7y57_:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F5E4A60-291F-4F51-8F21-40928A95BA2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AC12E92-33CB-4603-AC14-3351CE1D4E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E62309E-1071-4569-8C9A-11748D629CAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DDA599F-09D5-4351-B7F5-351A2E04E091\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0D473E4-5EB1-434D-9D8F-C9365988EEAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D3E166F-3D9F-4D0D-924A-147883598EA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BD64BB5-CBC1-4862-BEE6-04FC53017976\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4D55B9D-4BAB-4082-A33F-626E15229333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71294A32-F3DD-45EA-A0FC-C3EA0351FA29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E920376-561D-4892-97A2-F4400223B3CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9054F35-AAB5-481E-B512-EDF4C3F2EA2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D350A92-3992-4464-84AB-960ABCA45698\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43DA2F8C-1C05-4447-A861-A33E81050F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D9E3717-83D4-4C7B-9700-2ABDA6DDAD23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA341190-21EC-46FB-849D-F54AD3DFCF93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"874EF732-1067-45BB-BC15-DF815EC8CAFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8420t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD92F60E-0103-44AC-A377-52FFACB0A701\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"908629C1-FD27-4247-A33E-4F5E57DFF918\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A98CDB0-BC13-4FB3-9DF2-56D9DCD9002F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2AF0758-7F39-40C0-A174-4805AADACE14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AB63EC2-E95B-43B5-BA7A-16314C968126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99484C0-1349-47EC-AFEB-5F7F281A514E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF02D685-1E67-40E1-A858-000498D5D877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9F74885-92EE-4F36-B4E1-5F1F8AD65F88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"238D4D09-7183-40D2-ABE0-4C477BCCEA49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-8650k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CB1E0C8-5FFD-42A5-9798-1F324488A54A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AC9F52F-6669-459A-A0A9-8F472E1F2761\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7E91B92-4DB7-4866-8370-C6F8616D3D81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85F465BF-4548-45EB-AC40-384F4E6248EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1DFFFEB-CC63-4F51-8828-C5D4E0287264\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B176D141-26B0-477E-B2DB-2E48D6FB82AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"494A828B-F2BF-40CA-AAFB-7D2AF2BAF3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD97F84B-ED73-4FFD-8634-10631FEE03EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3517u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BF84DAA-69A2-4437-9AF5-972FB1569990\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3517ue:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41804B09-DFF0-48E4-91AC-6499FDA21C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3520m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71BDCDE0-A21F-47F1-A253-AAA5EDDD31BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3537u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB5B6864-B51C-4C31-AA93-C7C170F4BD28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3540m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D38D1F4-8332-4EFE-8998-86C654403C6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3555le:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04D88300-9CC8-4725-9BEB-BA705CFD57A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3610qe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1932E842-21A1-4D9F-A755-4201BD6721E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3610qm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3257ABFD-7053-48BE-8827-311E9E922501\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3612qe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8194009-767B-48E8-85FA-EB5F242C1B9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3612qm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CB92F26-67EC-4110-AD45-62530E662E45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3615qe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7035D479-4C83-4A41-9164-6D8557E8F598\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3615qm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF5113F5-A058-414F-B82B-EE91C71DD4AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3630qm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47D5CD40-9F2B-4021-B43E-E71B3E78B7E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3632qm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09B0D125-332D-416D-A379-F0D7C1F9DA27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3635qm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDB62B03-84E1-4514-BA89-1E13705F672B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3667u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A036D2F8-6666-403C-B187-7884CE5D00A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3687u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2BBBA0B-7761-44BE-82CF-92C1C3E25CA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3689y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89771BDB-E24E-48B1-885E-22B1A5BFD228\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3720qm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59247DA5-9162-462A-9E3D-3FFB23CFCCED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3740qm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C75CB4A-259E-4B40-B8E0-490B93DD11CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3770:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F47B9E3-118C-4270-824A-6A1BD2CC2121\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3770k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAD0A970-9B15-4D9E-8644-15C5A93CEC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3770s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0144B84E-7286-4316-B408-6F860FF03C28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3770t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5709EB3E-5B0E-46C7-9B6B-26999818EE18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3820qm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD1A362-9C06-4BB7-830B-B308BB44A3DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3840qm_:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"904FF4A2-D2B6-4B3E-ACB2-3079F5098397\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3920xm:-:*:*:*:extreme:*:*:*\",\"matchCriteriaId\":\"521F58D1-C114-4D81-88AD-6EC56A7AC686\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-3940xm:-:*:*:*:extreme:*:*:*\",\"matchCriteriaId\":\"D596B65D-A288-4DF1-9022-9E4946039954\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4500u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"677C66EF-E9B9-430F-A19D-2D87AD83DBDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4510u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFC25D04-7FF5-4178-A7D1-795B6A6134E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4550u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"238EA0E0-0FD6-4DA4-93C8-83490BB61A73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4558u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73BBB876-4CC0-48C9-A40E-B2A017D7E8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4578u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"757DBB7A-D8F1-4BA9-882F-4A112F41D3E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4600u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6B019A1-F44F-426C-BE8B-189E7B0CFDB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4610y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DA22F64-0372-49DF-AB8F-0DF5519CB221\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4650u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D973CBCE-D6AF-49A5-A8B4-355E866DA51B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4700ec:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A9D9852-5090-4BD2-B311-E6A7B7837795\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4700eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78AB646B-1FE3-44E3-A762-911843934439\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4700hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B4D9DD3-4EFD-448B-BA6E-175A99F47C99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4700mq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"840CD8CE-E506-4273-9A42-80488E56FBE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4702ec:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A6E0594-D194-4840-A323-FE0EE56D7E97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4702hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"794FB0BC-73A4-4FBA-8613-42057E8FCB1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4702mq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66B08A47-9478-4F1A-9959-BB9C7BC1C9E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4710hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43479AB1-1D98-48EF-BD29-3EA0127CED22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4710mq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12F8412D-F1D5-4219-8DD3-EBFC1BDF27FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4712hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E974332C-498F-4183-8CE4-56BF61A7950E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4712mq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7125D26-367E-45DA-A9B5-562310D8E01E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4720hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3B71011-540B-4C21-8E8F-FDC7AA80B557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4722hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFDAAA3C-F332-4799-A0B3-952CB076E199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4750hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67AB6E17-4975-4D45-9B42-FA2EBAF2D73B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4760hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ED0763B-9406-4644-A60A-676B665C9B34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4765t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5DDE5AC-EB56-47B3-A737-05FC0050BC62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4770:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC81D07E-F6D1-4B75-87BD-5A79F182FC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4770hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B99F445E-2385-46CD-959A-32B95DEF22FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4770k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5277739-48A8-447A-A730-1C45107182F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4770r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC7A7DE5-019C-4FF6-B810-3A5FBB8A9276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4770s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A321932-8B3C-49FD-87B2-CCC215A6A2A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4770t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57585A7D-EF0A-4EF9-8AFE-A5F6AAAC9EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4771:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ADDCBE6-9148-420D-8DFF-AE6667DB71FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4785t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADEBD889-5D07-4620-8E80-BEA16E7BEC54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4790:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BF582C2-6958-4060-A49E-AC943678C5A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4790s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDA7EEAE-64FE-4891-AC8C-019B1242E12A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4790t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB407F25-0554-4CD0-AC93-FC546EFB52DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4800mq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D83B6CD-CF5B-47B2-A547-C6EE8F901203\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4810mq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20884D35-BBBA-44A8-BF14-95103C62F72B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4850hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A14A6ECA-8879-40A2-8E33-156541B4E35B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4860hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07AD0193-68BC-44E6-99DF-DC266B16A8AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4870hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D38873C6-BB11-43A1-8233-7828FF143CF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4900mq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E079890-9A4D-4AF2-86F4-3663789105DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4910mq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9CB4BA0-CA4E-4C45-9A49-92AB0D411A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4950hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"074C330A-B69B-4414-8B80-E67A6AFEA651\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4960hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EDDDFB8-3F05-4912-ABA3-A9F52B6636F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-4980hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38ECE802-5548-44A8-9777-081C28402AE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5500u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C34148EB-C6A7-49DE-8139-316F710D57F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5550u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EA33B05-493C-4F55-82D9-5F2C942A603D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5557u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E8D6B87-CA43-4773-B13E-EB07128E5501\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5600u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80BAD40A-BE40-411C-A5E3-19C264BF4805\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5650u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCD85430-4610-41B7-B7BD-CD3AA5391FB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5700eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA71265A-4E37-4AC6-97D4-ED31D94A35B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5700hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91CEC4BC-098C-4B8F-AA4F-25B9211010D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5750hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9453959E-FB00-441B-B9B6-4BC75DD534B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5775c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ADC848D-C1AF-4FCE-89B4-DD3ABA050202\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5775r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0846BDFE-1643-49BE-8B48-03EC17B9BAC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5850eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B131EF48-4094-48C4-807E-4A76156A34CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5850hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"466ECE77-E232-4C03-83A2-FBAC06C82021\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-5950hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D98586A-473F-44D7-B299-9480129AE8DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CAD248D-0B95-4BE1-917F-E0976447927D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6510u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"104F999D-584F-4D34-9538-679EDBE3B180\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5726D5D4-F188-4F06-B78A-2C7C694A40E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72467515-7793-479B-BABF-839275CA9AAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6600u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56B79264-C756-408C-A32A-BFD4AA0B20CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6650u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D3DB891-40F6-4000-BEAE-A1710C70C43D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6660u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D3EA33F-D137-4B24-9211-C8A62A7427A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86FFF97C-C121-4F91-B62F-057356B0A048\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"213B09CA-91E9-4D11-AA11-B84F40495E9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAFC55E4-D84D-4588-976D-1E2637B1BF0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6700t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCB20762-51C5-44DD-9CEE-FEEC1E9C0E5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6700te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC1A189-D822-405B-A090-B1573FE12B14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31C57E58-66E3-4FEC-A88F-B82C4B372B2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6820eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C173CF7E-81DF-4AD5-AB17-A4C330B933D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"638549EC-1BB1-4206-B8DC-C0101BBEF8A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6820hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8F450DA-5FBA-47BB-9A7D-75873FB3E69F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6822eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"112701D9-7154-46E5-BF36-EE36A607C7DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87B5258B-26E4-4853-9F27-4BB12886CC38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6920hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B1B04E8-A31F-4027-8E05-5461E7855F04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49BDD476-E402-408D-9BD6-886AB195704D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7500u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D566CFB-935B-40E4-9F4E-6216A42E7EBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7510u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8065A9B-4236-44AE-B60B-17F6695A705C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7560u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A97ED15-D0C6-4B64-BA08-EE50A6990272\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7567u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6A121D8-0D01-4AA7-A1D9-5E2B9F0D30A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7600u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D57834B-C031-4301-9839-7A32F13687EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7660u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEE126ED-B743-4C6D-95FF-04F473A9A008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D901944-8E2B-41E5-BB82-CF1C97064711\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7700hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A13E353-0063-468B-96CD-97BF91C747C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"913BBEFF-49E7-42AF-A850-B49E5A12AB98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7700t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FE6AE98-E4D9-4FBF-B90A-2B170A0AF26F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7740x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E9EF2F2-750C-4CB7-9858-69D7FFA4EF31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7820eq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C1205B-6AC7-4DB5-B247-2108511D9957\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7820hk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA47107D-237A-4184-8BA2-601660F7FB5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7820hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9862E49-124E-4B7D-941A-CFD2668B6481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7920hq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE6572E2-5B24-4E21-9F6F-3A7A17A9F098\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-7y75:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85C7AD56-CA31-4C08-A5C1-B50E767E1FFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"957F3AC9-D071-4932-B2C9-1643FB78BC7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8510y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B8DD6D2-5F42-4E44-A4BB-D3179D83C2BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1395788D-E23B-433A-B111-745C55018C68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05EA3461-021B-42CD-B4BD-4D2E8703DB93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB6774C8-431B-42AC-8955-02B529222372\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8560u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA0960D2-93EC-4CFC-B901-E38A59B798FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F41025AC-6EFE-4562-B1D1-BAB004875B06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC1ED81E-3D62-47FB-8FD4-B2732525C33C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC82E058-25FE-4B6C-BA3C-AB043CFAB113\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34DD3CCB-91D5-48D6-80BC-CA643385BCE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8670:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86817715-BF5A-40C8-8250-7A8CD637C05C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8670t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAAC740C-A02E-4342-8388-B85DDE54DF25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04076FFA-D74F-4501-9921-D8EBDF97CD20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4440FC7-F90C-44E0-B7FB-C88BC95EAB77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8846D3C-39C6-48BE-9643-ACC479416257\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07279DDB-B07D-4224-AA1C-24B4F3D63BB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4DDEFAF-EEC8-441D-82EF-ECF20B9496A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F423BBE6-327A-40DC-8BCE-BF43600A68D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08718840-D468-4E86-8FFF-A2B1841E6BF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9B77426-B579-43C6-9340-F291138ECD7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD0CF1E4-487A-4C61-AF4E-733D7ECBCFCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE776B91-9E25-48F5-A4F0-EB36B704AEBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FB0C1DA-60C6-4C9E-99D6-7A47696DACD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2EB81B1-7DEF-4CC3-ADC9-A4CB1042E406\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D0320CB-05E3-4D5B-BCEF-D862566B0AA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-8950hk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"469D79CD-B627-4ACF-ABC7-0EAE5D41A005\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"659206BB-510A-47F8-8B6E-FD030A6BE1DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C3257F5-CA55-4F35-9D09-5B85253DE786\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6F8CEA0-1CD6-4F17-85E3-C1CB04D9833A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A48A2969-DC53-48E2-A5CA-4DF2B00D1960\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m-5y10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71AF96FE-EB28-474A-B260-EC22B4A334A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m-5y10a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F61261-1AF5-4B77-8065-25A6B0AFFEEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m-5y10c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"232B0352-B020-4CAA-A5E3-38E75A157C4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m-5y3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CD2FE9A-BFFB-4EC8-9C44-26B2D9911B5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m-5y51:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0A5C29F-3597-4846-8CEC-74C8C73740C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m-5y70:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"091D17D3-213F-4EC7-81C3-CD96AB7BC89C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m-5y71:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F011F80-4FBA-490D-AF5F-F6DDC941CB61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m3-6y30:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"831048A2-657F-4F2C-83AC-802DF45204A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m3-7y30:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18340F86-5545-4EEF-9F79-6560BB24F277\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5AFFC8B-3AC1-49B4-9A73-18A3EC928591\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m5-6y54:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0504478A-E635-4A8B-A3F2-BE0E5908A7AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m5-6y57:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AFFF65E-6576-41A5-82E0-F2EECDC64743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_m7-6y75:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E29F8E70-5429-4756-A574-C7B60BE74A86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_1405_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C25607D2-8404-4BD1-9E42-7ECE8DCF3E9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_2020m_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3475F6C6-4E36-44E3-8E84-25ED06B4DB4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_2030m_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E859E810-7280-464A-AB18-10E6DC6B038D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_2117u_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3255C643-CD77-446B-B98E-083D2F07CE12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_2127u_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"493C0F33-F0FF-4828-9210-5976F0259D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_2129y_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B612898-5BC9-4880-AF5E-F498A9634EFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3205u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB8E1648-C77C-4C8A-BBDF-20468FF3BA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3215u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"779DA292-A24F-42D6-8013-9DFC27BD8C2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3556u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EF5B50A-63E4-469B-9D59-A2C7BD6F2E72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3558u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC84C9FF-5E9B-41A1-8FF7-88D3F6687894\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3560m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"489DA073-57C8-4904-90B7-F4E94CA34DDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3560y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8165EF6-316B-4EA3-95C3-F84B0028024F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3561y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00024F21-F6FC-4EEC-BFD4-3723CAD8F8EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3665u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD0D4FB5-8ABF-40CA-AABC-EF97D8993E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3765u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D6920AE-35D7-4A6F-9169-4EC5E7F2902B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3805u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E24661E-9974-466F-AA8E-C57048DD0978\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_3825u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFB91D35-0E4F-478A-AE1E-7C8645DA51E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_4405u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4156AF88-99DA-4331-93A9-07F2049D6B07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_4405y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5F17DA0-EAF5-4BE0-B6CE-AE710C3F871E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_4415u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"079877E5-12C3-4A37-98F8-443DA366BAB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_a1018_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5E6A6CF-12C1-452E-8450-18BD2D4FD95C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_b915c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF838448-0E87-4E73-AF51-55302B329E6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_b925c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66D7E11D-B0E7-42BC-8A6F-3B77D08EC79A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2010_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1290CDC-0F8D-4860-85F7-A4B1B40E1F44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2020_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1110D3C-D880-4D4E-BB68-5A305AD3D5C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2020t_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1623BCE2-AF99-45B1-B156-E81CE0D89D72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2030_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C2D72A6-9227-4F44-8243-626AF77A0D90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2030t_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BBA4425-A154-4F6A-86D1-A05D6FC26963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2100t_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"311F9683-A58C-42F8-8044-711A7339EF4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2120_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FADD9066-D903-4B59-A9C1-7987A7663ED7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2120t_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B6C28AE-BAB8-4FC4-910D-A935B26D00E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2130_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"341AB666-177D-47D2-B2BB-70C17400AECD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g2140_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADD28BA3-D5EE-4CA4-8A2B-3DC44BCB400A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A920E6F1-4226-44D1-A86E-43247DBC97E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3220t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"851A04D2-49C2-451C-9CAE-40E98C729EAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AB0A5B7-DF08-40B2-B185-0956B2D7379E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3240t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9591F53-E005-4DB6-B162-0DF218919D62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"556DC4B9-4302-483F-BA37-2AF4801D5569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3250t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F71359BA-067C-421B-B647-1D69C8BF7ED0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3258:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63002B5D-D73A-4EE5-B0CB-21EDF718E70F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B9F42F2-D5D7-4220-A327-359D3BF1C09F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3260t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C558DDC0-2998-476D-96B2-54235CEF4AE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6090D78-51C8-4295-A4D2-700AD290F745\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3420t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACFB23AC-680E-4EE1-B9D9-E2B96E3794BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11E3D70C-F003-4A13-A9EC-3810E9585FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3440:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14403B92-E903-4093-BFAB-F7C639D63862\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3440t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D252FFC3-B059-44DD-A4F9-49B591B4FD18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7075CF7-B643-460B-ABF2-9AE24ED68FCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3450t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"631CD42C-4F66-42A7-8F9D-114CF866EBDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3460:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB7720B3-5489-41B8-BD0A-A6E5A004568F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3460t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"988D6BBB-3056-4AC3-8960-5BA6C2F74367\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g3470:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CBCDE97-E95E-4B53-B4C0-19F026A47229\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A85AE2D5-1BA9-45F5-808A-166E27D7D6CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4400t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F142F6EC-F106-4828-B152-13612273A7AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4400te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF5D3457-C139-499F-8B41-57C8E7E66D40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6FEFAF2-7784-4407-B58A-A0B1DA84415F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4420t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD36DCA7-31D4-4E50-A38C-C437CB2BB439\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63BED4F5-65DE-457D-9BDF-89AA5369304B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4500t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C590C99-2770-4D63-9837-D1E1F251675D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1FC6A24-AF3E-4B7F-9C12-E947C3E4BB1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4520t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C90F5FB0-7AAD-42F2-9780-E93A82E0C239\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g4540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B207606B-14AD-48D0-8219-A54D2617F067\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g5400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E80ABC5-7BAB-41A1-8D61-481A59BD9C21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g5400t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A82B8D9-E751-48DA-948C-231ABEE90B54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g5420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7706D22-7E16-4068-A467-EE2D4BFAE968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g5420t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D28A52-5EE7-42D2-B942-7A341AB00AB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g5500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ACD1AA7-8805-42A2-852E-C839417B10E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g5500t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C55F7F50-61ED-487F-AB1D-70B75D972184\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_g5600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AF50627-7830-4984-8F12-7B73C51E5828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_gold_6405u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE118AB2-A2C4-452C-B9AD-DDEF65B5EC67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2124:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43126A13-5931-4989-BEFD-E1A096F98D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2124g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"342E0783-288A-4DB0-A657-29937903927C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2126g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4C40F91-138F-4396-9A6B-B969F6AC30B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2134:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23CA9365-B1C4-4188-A9BF-19215AFF58A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2136:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4797D2E-1270-447B-BFE4-CC96D9F10D5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2144g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CA77EB3-6F11-43BC-8B59-84217AA73205\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2146g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0866F1A3-8B9C-4B5A-B30D-71B3465EC80A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2174g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"331B8F10-3A20-46A8-B960-3546271CF701\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2176g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE638E59-DF75-43B1-A6DC-10A838B05B00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2176m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"109FA97C-10EE-41F9-B52B-B37E31642251\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2184g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3FB62DD-090B-4434-9056-09427B66AAF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2186g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A67B3834-E59E-47AF-A806-13A990E812B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2186m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA04EFF-A9A0-4900-A2F8-7C0D346ACF6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2224:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79214F8B-1090-4DCD-B1F4-0FF78FC29C4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2224g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD176FB0-7427-4F2E-A969-72062BB3EF98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2226g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B278081F-F900-4581-9D10-B5A2ACD2E2C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2226ge:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBBDAA3E-960B-4E84-AD3F-2F8B3A4FF903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2234:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45689B37-5085-41B3-BA9D-F05FD07DF1FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2236:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7186EA5-448F-473A-8FC8-058FC823ACC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2244g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C12F0C71-8F25-4C77-A3F3-1231AC53C0CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2246g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB179A6F-FED8-45FB-89C7-3B17D6F5EB21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2254me:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F58AEEB9-919B-4C6C-83B6-080846786A56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2254ml:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0BAE174-A158-4807-9D67-36F795028D76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2274g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAD38AEA-979D-484B-82F0-0161BA39E9F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2276g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"780AB9F4-0C87-4528-B53A-69FBC4D87ADB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2276m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5AA7BB1-6131-4206-8F99-BA8DCE60BFC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2276me:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2CA54AE-915F-45B9-B775-C04589E49802\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2276ml:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB86F018-1F56-4146-A78E-C7BF7B616023\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63650DBF-4DBD-4655-AE93-5CBE53F8E0FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00912C9C-D386-445E-B390-E96361ECDFA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60B582A1-784C-4BE8-A0D5-706DE01D769E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2284g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56F30E1A-8EF1-4C90-974C-791312241BCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"556637E1-9502-41E7-B91D-082C92F233A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EA930BC-EF68-4AD5-AA1B-0659358028D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1105c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E70E7B6B-C4B6-4864-939A-A0D8D648C661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1105c_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09BD9ADD-4FBE-4A12-A5F0-594B93824671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1125c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97560433-94FE-44AC-98B6-E371C878162A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1125c_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E82681A7-C9A8-4CCD-A19A-B4D53343B34F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1220_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A2BF613-A53F-437A-A483-564BB4D8CC96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1220_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0493CF98-1A11-41D2-B719-6D94583232E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1220_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E629CF7-A706-4DD3-B3EB-A1F9711B0372\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1220_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFD11A3F-A2D4-4B09-84D2-548F97268805\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1220l_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72953F49-8FB3-4D07-A1F9-96D682348679\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1220l_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF9C696B-FA4E-419C-B036-76DCBBD9022C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1221_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92ABFE16-E712-4805-8DAC-AA17C5214631\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1225_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E8C4032-40A3-420E-BE9D-ADA27443535B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1225_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"771E2F3E-3FC2-462E-93C4-12301660E6C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1225_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1BCDBDF-A902-43A8-94A8-13541FB8CB32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1225_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E031BE7-87C6-4E4B-8988-020221ECAEE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1226_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58BEE344-48BE-4D5E-B5BE-9391255C8550\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1230_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADF68144-22B0-4B0E-A73D-6FE38C213C71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1230_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67A9DE3D-FA10-4C8A-952F-979DE9B19AA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1230_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CC1EDA9-6CB8-4643-AC65-76B892319879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1230_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49C57129-0A27-4142-BF6E-68A558773573\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1230l_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73B301CD-6105-448E-B013-52F894D8106E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1231_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE531899-3AB8-4540-9099-BE4A0FB75EAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1235_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B86BD818-70F8-409B-AB96-53CCF490B7FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1235l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15DB4F8D-E42C-4119-83BD-44D6AB9319B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1240_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7FB452F-4FFE-449B-9846-198A61B1F521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1240_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"231327DF-C1E2-469F-9C5C-25B14541F3AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51E0227B-8F2B-48B3-97BC-73BA1BACEED8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1240_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5EFEF14-4ECB-45C9-8911-01FD7B115D7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1240l_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6A3E845-3883-4034-B90B-3ABB61BBD1D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1240l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8BD1F0B-7B75-4A5A-A708-BDE56D237354\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1241_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BE15F08-0B49-486A-808F-5B647142F093\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1245_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C661F8C-0F1B-4A0B-9B0F-A845883BA3D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1245_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15236325-68D7-4D7F-B500-A79AD02812CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1245_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE01A935-4048-4578-8FBA-1D12A95654D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1245_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"333364EE-BF57-4217-9517-2C1B95B826CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1246_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB7C3F31-16F9-4177-B7F2-B865010A6EDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1258l_v4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB35FC19-9CDC-46EB-87D5-F2418F16B548\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1260l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D45FCBB-CC03-40A8-ADCE-7AE0A7AA05A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1265l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC84425F-C08A-4188-82B9-E56F22DFA17D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1265l_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2F157D9-5288-42FA-943C-53F0D227590A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1265l_v4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F3FD78E-7790-4CFD-88F2-46889CBE1BF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1268l_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0BB6C08-9816-4F79-A91D-84B7E365D586\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1268l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28D7D164-E631-4D49-B87A-0B7885148790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1270:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23544F02-3847-4089-97F1-8C29B5596B9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1270_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"251A501D-9744-49A7-88E8-035C239B06C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1270_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA74EB5E-3D7D-4E5A-8D7D-AF902F8BCF8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1270_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F2476F2-6A8B-442F-B054-738F36613CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1271_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95F1E851-0C83-466B-A89D-03486BD90CC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1275_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"000FB0C9-0642-48D1-94CC-A035145963AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1275_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98FA6E45-B945-4923-84FD-B34F2CAA15C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1275_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2A10975-3375-4FB3-A008-56EB2ACD2737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1275_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BC9CEA2-C621-4DCF-B64C-5495D3208DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1275l_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"565C5D54-D6C2-4387-AA45-F18C4DC344FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1276_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5516A1EB-1A09-4248-A1E0-6438751DA0AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1278l_v4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4E19F29-3E2C-4F0C-A887-07E68D1EFB3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1280_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC228684-3F7B-477F-A010-66CD28B64ACD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1280_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99848B67-F10E-4DD0-B394-A30463EF0E0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1280_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6A99895-6A48-4A44-B0F7-7BED55C677FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1280_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A32F3CD6-6BA6-40E7-9580-3C1A455B3C99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1281_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FC720A2-BD40-4FF7-ADE3-52430B263AD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1285_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4FBE620-5CA2-45B6-9CD9-15928146F23D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1285_v4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A656CC1F-943D-4B35-931C-CFBF8F3110B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1285_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2559D24-F8AD-4202-A00D-F48D51A0940A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1285l_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3391CFE3-DDED-406A-8126-416C29E20A34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1286_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88DDE104-1102-4847-AF28-55A380E8C4C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1286l_v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53E830C3-BCD4-45F1-8D00-0DE7959F4369\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1290_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37C7A319-3FB2-460D-AF17-D70903EC53DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1501l_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37AF4F98-0672-4101-9825-57B0F64EDBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1501m_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2231374F-222A-4BA3-B14D-F69860668F7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1505l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"057E3667-7BA8-4142-8A1E-B957333D776A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1505l_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31BF874F-B640-4A18-AC92-F0E16AB7E1C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1505m_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84A77114-92C8-48C4-9D12-3ACC3030D5A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1505m_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"542BC61B-1EA3-4C42-BB99-C9C67EE82F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1515m_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13B5BF22-5E95-46A4-AF05-450CFD1312C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1535m_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9490F926-AD57-40F3-A523-61D67486DCB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1535m_v6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FA12E60-4B0A-4723-8A02-3115494CD1DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1545m_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29CC9B92-CF59-4121-9638-F4D4521952D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1558l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CC6592D-743B-4656-B1C0-247F36ABE5CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1565l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCC32129-C5DC-4D26-96D5-219F5291D6F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1575m_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F4426C-970C-49DB-950B-3F5ED17E682A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1578l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4ADED698-2702-479C-A24E-E9E6F35E9AFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1585_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D86C0CFB-72A3-4446-9601-2C956C9A71F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:xeon_e3-1585l_v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C578D9-8973-4F36-8BA4-9F4F3A8E0AE6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"902B8056-9E37-443B-8905-8AA93E2447FB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_field_pg_m4_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"496228A2-6907-4970-BEDC-E9B44CBF7CCD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_field_pg_m4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ADAD919-32C1-49D2-A419-C9A803DB6250\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.01.08\",\"matchCriteriaId\":\"F5320759-AAAB-4FEA-99AB-51A7F7EE9F58\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"506DEE00-30D2-4E29-9645-757EB8778C0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"26.01.07\",\"matchCriteriaId\":\"36E7D51E-4657-4594-BBD3-F98E3E50F4E1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F3C3E60-7C36-4F5D-B454-97C9D0FD9459\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc347e_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9830BAC-C836-4D00-8E21-28F180A59163\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc347e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49D276DE-950F-4A61-BA13-DD5D07A17571\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc427d_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6A2E4F1-7402-4EF2-8559-B9318A01C008\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc427d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46CC8AFE-ED6C-4A50-AC80-D2309E03FAE4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.01.14\",\"matchCriteriaId\":\"77B3A9A8-2AE8-4938-9114-BE75DDBB6A1D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A40D0CDB-7BE6-491F-B730-3B4E10CA159A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc477d_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A946EA63-4FA9-44B8-97F4-E53A5DAADE46\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc477d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"754A6744-5194-4A99-BD3B-944A8707C80F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.01.14\",\"matchCriteriaId\":\"AF94A909-1192-41AD-9717-EC88B30B8DCF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDF9D4C3-1892-48FA-95B4-835B636A4005\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.01.14\",\"matchCriteriaId\":\"C7011395-6ACF-4FC5-AF8F-971427128D27\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FC5CE20-7D08-4496-A857-C3A4BD0AB1AC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc527g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.0\",\"matchCriteriaId\":\"65A6E7CD-4AEA-465D-89B3-6EF66E4F17B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc527g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55156889-E9DA-4F04-B894-339DC39CA942\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6A15ED1-124A-4642-988F-890FF4162346\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc547e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9DD4A97-1648-4C7F-A5A0-6899BD13A617\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"r1.28.0\",\"matchCriteriaId\":\"03F52E28-42B0-444F-892D-749B9A7EC498\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB339B5-602F-4AB5-9998-465FDC6ABD6C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A30CB799-FF9A-4E4E-A3C6-EB12CE2EB5B0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"509AD120-3465-4C00-AAB3-B6F6ED708B51\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.02.06\",\"matchCriteriaId\":\"1291471D-D36E-4ACF-A912-76697396CDE1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D9AF082-8345-4BE1-B1FC-6E0316BB833B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43337EC1-0BF8-40B3-88BC-38F06EF48DC6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0EF28FB-BAB3-4710-9D25-25F67ACADC60\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.02.06\",\"matchCriteriaId\":\"7CAAF2D6-7799-4BB7-A151-561E8AB260DA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E430C4C5-D887-47C6-B50F-66EEE9519151\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FCA9FA2-AA26-46A3-9E2D-3C87BC2BE0F3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"057D9947-CE4A-4B4C-B721-4B29FB71350C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.02.06\",\"matchCriteriaId\":\"F4DF4B0B-F376-472B-83E0-1B7E5F87EF6A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F9FA42D-B2F0-456F-89B7-6A5789787FBA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A03BCCF-9EF5-4353-8886-15DFE6A35765\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6D87239-40C1-4038-B734-D77AC4DDD571\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"681C8A24-C3AC-4CF4-8283-DAC337909CC9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8F37D88-E086-4060-8420-BD0F8D8FF580\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.02.06\",\"matchCriteriaId\":\"8E63A5F2-8767-4E25-8785-F8F197B77F7A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1157418C-14C4-43C4-B63E-7E98D868A94F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc3000_smart_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.b\",\"matchCriteriaId\":\"BD3F04ED-C6D0-4387-BB3A-31C86B1F918F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc3000_smart:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD37AB3C-6E1A-4E8D-A617-4D97B4501A28\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"23.01.08\",\"matchCriteriaId\":\"4ABF49D4-34CE-4DEA-AA2E-A40A53472D1F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"187C6D51-5B86-484D-AE0F-26D1C9465580\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simotion_p320-4e_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F66E1293-5598-4A7D-8523-951F62080B22\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simotion_p320-4e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EE09494-625A-4FF7-8B3E-6510FF9AFC9C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simotion_p320-4s_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D77F8F19-06C8-4B8A-8436-26508B2277DA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simotion_p320-4s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A49883F4-8360-4895-8E9E-B274A35BDE57\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:threat_intelligence_exchange_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndIncluding\":\"2.3.1\",\"matchCriteriaId\":\"E26D80A2-E490-44B6-A8D2-1AEF487E72B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:threat_intelligence_exchange_server:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0F26126-55C2-4E2E-A586-D93FF38ABF6F\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/07/14/5\",\"source\":\"secure@intel.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10318\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DT2VKDMQ3I37NBNJ256A2EXR7OJHXXKZ/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFC7UAPKAFFH5WX3AMDUBVHLKYQA2NZ/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQZMOSHLTBBIECENNXA6M7DN5FEED4KI/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://usn.ubuntu.com/4385-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4387-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4388-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4389-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4390-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4391-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4392-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4393-1/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/07/14/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10318\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DT2VKDMQ3I37NBNJ256A2EXR7OJHXXKZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFC7UAPKAFFH5WX3AMDUBVHLKYQA2NZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQZMOSHLTBBIECENNXA6M7DN5FEED4KI/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/4385-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4387-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4388-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4389-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4390-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4391-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4392-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4393-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
RHSA-2021_3255
Vulnerability from csaf_redhat - Published: 2021-08-24 10:01 - Updated: 2024-11-22 17:04Summary
Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
Severity
Important
Notes
Topic: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
* hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)
* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.
6.5 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.
6.5 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.
5.1 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.
CWE-212 - Improper Removal of Sensitive Information Before Storage or TransferAffected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.
5.5 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.8 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.
5.6 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
62 references
Acknowledgments
Intel
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)\n\n* hw: Vector Register Data Sampling (CVE-2020-0548)\n\n* hw: L1D Cache Eviction Sampling (CVE-2020-0549)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3255",
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "1972334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972334"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3255.json"
}
],
"title": "Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T17:04:10+00:00",
"generator": {
"date": "2024-11-22T17:04:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2021:3255",
"initial_release_date": "2021-08-24T10:01:08+00:00",
"revision_history": [
{
"date": "2021-08-24T10:01:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-08-24T12:01:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T17:04:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:7.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product": {
"name": "Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:7.4::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-22.41.el7_4.src",
"product": {
"name": "microcode_ctl-2:2.1-22.41.el7_4.src",
"product_id": "microcode_ctl-2:2.1-22.41.el7_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-22.41.el7_4?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"product": {
"name": "microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"product_id": "microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-22.41.el7_4?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"product": {
"name": "microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"product_id": "microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl-debuginfo@2.1-22.41.el7_4?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-22.41.el7_4.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src"
},
"product_reference": "microcode_ctl-2:2.1-22.41.el7_4.src",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-22.41.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64"
},
"product_reference": "microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.4)",
"product_id": "7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
},
"product_reference": "microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-22.41.el7_4.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src"
},
"product_reference": "microcode_ctl-2:2.1-22.41.el7_4.src",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-22.41.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64"
},
"product_reference": "microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.4)",
"product_id": "7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
},
"product_reference": "microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-22.41.el7_4.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src"
},
"product_reference": "microcode_ctl-2:2.1-22.41.el7_4.src",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-22.41.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64"
},
"product_reference": "microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.4)",
"product_id": "7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
},
"product_reference": "microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"relates_to_product_reference": "7Server-7.4.TUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-0543",
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1827165"
}
],
"notes": [
{
"category": "description",
"text": "A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Special Register Buffer Data Sampling (SRBDS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/5142691",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "RHBZ#1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142691",
"url": "https://access.redhat.com/solutions/5142691"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142751",
"url": "https://access.redhat.com/solutions/5142751"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri",
"url": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling",
"url": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling"
},
{
"category": "external",
"summary": "https://xenbits.xen.org/xsa/advisory-320.html",
"url": "https://xenbits.xen.org/xsa/advisory-320.html"
}
],
"release_date": "2020-06-09T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T10:01:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Special Register Buffer Data Sampling (SRBDS)"
},
{
"cve": "CVE-2020-0548",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788786"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Data Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "RHBZ#1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T10:01:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: Vector Register Data Sampling"
},
{
"cve": "CVE-2020-0549",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788788"
}
],
"notes": [
{
"category": "description",
"text": "A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the \u201cfill buffers\u201d and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: L1D Cache Eviction Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0549"
},
{
"category": "external",
"summary": "RHBZ#1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T10:01:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: L1D Cache Eviction Sampling"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8695",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828583"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Intel\u0027s implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Information disclosure issue in Intel SGX via RAPL interface",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "RHBZ#1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695"
},
{
"category": "external",
"summary": "https://en.wikipedia.org/wiki/Power_analysis",
"url": "https://en.wikipedia.org/wiki/Power_analysis"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html"
}
],
"release_date": "2020-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T10:01:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
},
{
"category": "workaround",
"details": "Until a firmware update and reboot can be applied, the attack vector can be reduced by limiting read access to the sysfs attributes that export this functionality to userspace. \n\nThe command:\n~~~\nsudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj\n~~~\nWill do this for the current boot, it will need to be scripted to run at each boot to remain persistent across reboots.",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Information disclosure issue in Intel SGX via RAPL interface"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8696",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Leakage-Active",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "RHBZ#1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T10:01:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Vector Register Leakage-Active"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8698",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Fast forward store predictor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "RHBZ#1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T10:01:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Fast forward store predictor"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24489",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel\u00ae VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: vt-d related privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "RHBZ#1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24489",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T10:01:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hw: vt-d related privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24511",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962702"
}
],
"notes": [
{
"category": "description",
"text": "Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: improper isolation of shared resources in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "RHBZ#1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T10:01:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: improper isolation of shared resources in some Intel Processors"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24512",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962722"
}
],
"notes": [
{
"category": "description",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: observable timing discrepancy in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "RHBZ#1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T10:01:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3255"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.AUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.AUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.E4S:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.E4S:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.src",
"7Server-7.4.TUS:microcode_ctl-2:2.1-22.41.el7_4.x86_64",
"7Server-7.4.TUS:microcode_ctl-debuginfo-2:2.1-22.41.el7_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: observable timing discrepancy in some Intel Processors"
}
]
}
RHSA-2021_3317
Vulnerability from csaf_redhat - Published: 2021-08-31 08:30 - Updated: 2024-11-22 17:04Summary
Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
Severity
Important
Notes
Topic: An update for microcode_ctl is now available for Red Hat Enterprise Linux
7.6 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: * hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Information disclosure issue in Intel SGX via RAPL interface
(CVE-2020-8695)
* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors
(CVE-2020-24511)
* hw: observable timing discrepancy in some Intel Processors
(CVE-2020-24512)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.
6.5 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.
6.5 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.
5.1 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.
CWE-212 - Improper Removal of Sensitive Information Before Storage or TransferAffected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.
5.5 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.8 (High)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.
5.6 (Medium)
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
62 references
Acknowledgments
Intel
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for microcode_ctl is now available for Red Hat Enterprise Linux\n7.6 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "* hw: Vector Register Data Sampling (CVE-2020-0548)\n\n* hw: L1D Cache Eviction Sampling (CVE-2020-0549)\n\n* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface\n(CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors\n(CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors\n(CVE-2020-24512)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3317",
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "1972333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972333"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3317.json"
}
],
"title": "Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T17:04:24+00:00",
"generator": {
"date": "2024-11-22T17:04:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2021:3317",
"initial_release_date": "2021-08-31T08:30:36+00:00",
"revision_history": [
{
"date": "2021-08-31T08:30:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-08-31T08:30:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T17:04:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:7.6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product": {
"name": "Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:7.6::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-47.23.el7_6.src",
"product": {
"name": "microcode_ctl-2:2.1-47.23.el7_6.src",
"product_id": "microcode_ctl-2:2.1-47.23.el7_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-47.23.el7_6?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"product": {
"name": "microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"product_id": "microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-47.23.el7_6?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"product": {
"name": "microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"product_id": "microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl-debuginfo@2.1-47.23.el7_6?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-47.23.el7_6.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src"
},
"product_reference": "microcode_ctl-2:2.1-47.23.el7_6.src",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-47.23.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64"
},
"product_reference": "microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.6)",
"product_id": "7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
},
"product_reference": "microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-47.23.el7_6.src as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src"
},
"product_reference": "microcode_ctl-2:2.1-47.23.el7_6.src",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-47.23.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64"
},
"product_reference": "microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server E4S (v. 7.6)",
"product_id": "7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
},
"product_reference": "microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-47.23.el7_6.src as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src"
},
"product_reference": "microcode_ctl-2:2.1-47.23.el7_6.src",
"relates_to_product_reference": "7Server-7.6.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-47.23.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64"
},
"product_reference": "microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server TUS (v. 7.6)",
"product_id": "7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
},
"product_reference": "microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"relates_to_product_reference": "7Server-7.6.TUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-0543",
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1827165"
}
],
"notes": [
{
"category": "description",
"text": "A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Special Register Buffer Data Sampling (SRBDS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/5142691",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "RHBZ#1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142691",
"url": "https://access.redhat.com/solutions/5142691"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142751",
"url": "https://access.redhat.com/solutions/5142751"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri",
"url": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling",
"url": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling"
},
{
"category": "external",
"summary": "https://xenbits.xen.org/xsa/advisory-320.html",
"url": "https://xenbits.xen.org/xsa/advisory-320.html"
}
],
"release_date": "2020-06-09T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:30:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Special Register Buffer Data Sampling (SRBDS)"
},
{
"cve": "CVE-2020-0548",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788786"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Data Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "RHBZ#1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:30:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: Vector Register Data Sampling"
},
{
"cve": "CVE-2020-0549",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788788"
}
],
"notes": [
{
"category": "description",
"text": "A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the \u201cfill buffers\u201d and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: L1D Cache Eviction Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0549"
},
{
"category": "external",
"summary": "RHBZ#1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:30:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: L1D Cache Eviction Sampling"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8695",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828583"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Intel\u0027s implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Information disclosure issue in Intel SGX via RAPL interface",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "RHBZ#1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695"
},
{
"category": "external",
"summary": "https://en.wikipedia.org/wiki/Power_analysis",
"url": "https://en.wikipedia.org/wiki/Power_analysis"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html"
}
],
"release_date": "2020-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:30:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
},
{
"category": "workaround",
"details": "Until a firmware update and reboot can be applied, the attack vector can be reduced by limiting read access to the sysfs attributes that export this functionality to userspace. \n\nThe command:\n~~~\nsudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj\n~~~\nWill do this for the current boot, it will need to be scripted to run at each boot to remain persistent across reboots.",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Information disclosure issue in Intel SGX via RAPL interface"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8696",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Leakage-Active",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "RHBZ#1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:30:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Vector Register Leakage-Active"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8698",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Fast forward store predictor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "RHBZ#1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:30:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Fast forward store predictor"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24489",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel\u00ae VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: vt-d related privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "RHBZ#1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24489",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:30:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hw: vt-d related privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24511",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962702"
}
],
"notes": [
{
"category": "description",
"text": "Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: improper isolation of shared resources in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "RHBZ#1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:30:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: improper isolation of shared resources in some Intel Processors"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24512",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962722"
}
],
"notes": [
{
"category": "description",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: observable timing discrepancy in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "RHBZ#1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:30:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3317"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.AUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.AUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.E4S:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.E4S:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.src",
"7Server-7.6.TUS:microcode_ctl-2:2.1-47.23.el7_6.x86_64",
"7Server-7.6.TUS:microcode_ctl-debuginfo-2:2.1-47.23.el7_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: observable timing discrepancy in some Intel Processors"
}
]
}
RHSA-2021_3322
Vulnerability from csaf_redhat - Published: 2021-08-31 08:15 - Updated: 2024-11-22 17:04Summary
Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
Severity
Important
Notes
Topic: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
* hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Information disclosure issue in Intel SGX via RAPL interface
(CVE-2020-8695)
* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors
(CVE-2020-24511)
* hw: observable timing discrepancy in some Intel Processors
(CVE-2020-24512)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.
5.1 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.
CWE-212 - Improper Removal of Sensitive Information Before Storage or TransferAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.
5.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.8 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.
5.6 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
62 references
Acknowledgments
Intel
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Vector Register Data Sampling (CVE-2020-0548)\n\n* hw: L1D Cache Eviction Sampling (CVE-2020-0549)\n\n* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface\n(CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors\n(CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors\n(CVE-2020-24512)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3322",
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "1972335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972335"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3322.json"
}
],
"title": "Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T17:04:39+00:00",
"generator": {
"date": "2024-11-22T17:04:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2021:3322",
"initial_release_date": "2021-08-31T08:15:28+00:00",
"revision_history": [
{
"date": "2021-08-31T08:15:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-08-31T08:15:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T17:04:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.3::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-16.42.el7_3.src",
"product": {
"name": "microcode_ctl-2:2.1-16.42.el7_3.src",
"product_id": "microcode_ctl-2:2.1-16.42.el7_3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-16.42.el7_3?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"product": {
"name": "microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"product_id": "microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-16.42.el7_3?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64",
"product": {
"name": "microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64",
"product_id": "microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl-debuginfo@2.1-16.42.el7_3?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-16.42.el7_3.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src"
},
"product_reference": "microcode_ctl-2:2.1-16.42.el7_3.src",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-16.42.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64"
},
"product_reference": "microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
},
"product_reference": "microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-0543",
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1827165"
}
],
"notes": [
{
"category": "description",
"text": "A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Special Register Buffer Data Sampling (SRBDS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/5142691",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "RHBZ#1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142691",
"url": "https://access.redhat.com/solutions/5142691"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142751",
"url": "https://access.redhat.com/solutions/5142751"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri",
"url": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling",
"url": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling"
},
{
"category": "external",
"summary": "https://xenbits.xen.org/xsa/advisory-320.html",
"url": "https://xenbits.xen.org/xsa/advisory-320.html"
}
],
"release_date": "2020-06-09T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:15:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Special Register Buffer Data Sampling (SRBDS)"
},
{
"cve": "CVE-2020-0548",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788786"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Data Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "RHBZ#1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:15:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: Vector Register Data Sampling"
},
{
"cve": "CVE-2020-0549",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788788"
}
],
"notes": [
{
"category": "description",
"text": "A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the \u201cfill buffers\u201d and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: L1D Cache Eviction Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0549"
},
{
"category": "external",
"summary": "RHBZ#1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:15:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: L1D Cache Eviction Sampling"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8695",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828583"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Intel\u0027s implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Information disclosure issue in Intel SGX via RAPL interface",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "RHBZ#1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695"
},
{
"category": "external",
"summary": "https://en.wikipedia.org/wiki/Power_analysis",
"url": "https://en.wikipedia.org/wiki/Power_analysis"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html"
}
],
"release_date": "2020-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:15:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
},
{
"category": "workaround",
"details": "Until a firmware update and reboot can be applied, the attack vector can be reduced by limiting read access to the sysfs attributes that export this functionality to userspace. \n\nThe command:\n~~~\nsudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj\n~~~\nWill do this for the current boot, it will need to be scripted to run at each boot to remain persistent across reboots.",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Information disclosure issue in Intel SGX via RAPL interface"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8696",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Leakage-Active",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "RHBZ#1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:15:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Vector Register Leakage-Active"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8698",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Fast forward store predictor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "RHBZ#1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:15:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Fast forward store predictor"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24489",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel\u00ae VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: vt-d related privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "RHBZ#1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24489",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:15:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hw: vt-d related privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24511",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962702"
}
],
"notes": [
{
"category": "description",
"text": "Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: improper isolation of shared resources in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "RHBZ#1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:15:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: improper isolation of shared resources in some Intel Processors"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24512",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962722"
}
],
"notes": [
{
"category": "description",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: observable timing discrepancy in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "RHBZ#1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T08:15:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.src",
"7Server-7.3.AUS:microcode_ctl-2:2.1-16.42.el7_3.x86_64",
"7Server-7.3.AUS:microcode_ctl-debuginfo-2:2.1-16.42.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: observable timing discrepancy in some Intel Processors"
}
]
}
RHSA-2021_3323
Vulnerability from csaf_redhat - Published: 2021-08-31 07:59 - Updated: 2024-11-22 17:04Summary
Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
Severity
Important
Notes
Topic: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
* hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)
* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
* hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.
5.1 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.
CWE-212 - Improper Removal of Sensitive Information Before Storage or TransferAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.
5.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.8 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.
5.6 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
62 references
Acknowledgments
Intel
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Vector Register Data Sampling (CVE-2020-0548)\n\n* hw: L1D Cache Eviction Sampling (CVE-2020-0549)\n\n* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3323",
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "1972336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972336"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3323.json"
}
],
"title": "Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T17:04:31+00:00",
"generator": {
"date": "2024-11-22T17:04:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2021:3323",
"initial_release_date": "2021-08-31T07:59:36+00:00",
"revision_history": [
{
"date": "2021-08-31T07:59:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-08-31T07:59:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T17:04:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.2::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-12.39.el7_2.src",
"product": {
"name": "microcode_ctl-2:2.1-12.39.el7_2.src",
"product_id": "microcode_ctl-2:2.1-12.39.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-12.39.el7_2?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"product": {
"name": "microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"product_id": "microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-12.39.el7_2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64",
"product": {
"name": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64",
"product_id": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl-debuginfo@2.1-12.39.el7_2?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-12.39.el7_2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src"
},
"product_reference": "microcode_ctl-2:2.1-12.39.el7_2.src",
"relates_to_product_reference": "7Server-7.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-12.39.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64"
},
"product_reference": "microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"relates_to_product_reference": "7Server-7.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
},
"product_reference": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64",
"relates_to_product_reference": "7Server-7.2.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-0543",
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1827165"
}
],
"notes": [
{
"category": "description",
"text": "A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Special Register Buffer Data Sampling (SRBDS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/5142691",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "RHBZ#1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142691",
"url": "https://access.redhat.com/solutions/5142691"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142751",
"url": "https://access.redhat.com/solutions/5142751"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri",
"url": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling",
"url": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling"
},
{
"category": "external",
"summary": "https://xenbits.xen.org/xsa/advisory-320.html",
"url": "https://xenbits.xen.org/xsa/advisory-320.html"
}
],
"release_date": "2020-06-09T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Special Register Buffer Data Sampling (SRBDS)"
},
{
"cve": "CVE-2020-0548",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788786"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Data Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "RHBZ#1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: Vector Register Data Sampling"
},
{
"cve": "CVE-2020-0549",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788788"
}
],
"notes": [
{
"category": "description",
"text": "A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the \u201cfill buffers\u201d and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: L1D Cache Eviction Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0549"
},
{
"category": "external",
"summary": "RHBZ#1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: L1D Cache Eviction Sampling"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8695",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828583"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Intel\u0027s implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Information disclosure issue in Intel SGX via RAPL interface",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "RHBZ#1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695"
},
{
"category": "external",
"summary": "https://en.wikipedia.org/wiki/Power_analysis",
"url": "https://en.wikipedia.org/wiki/Power_analysis"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html"
}
],
"release_date": "2020-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
},
{
"category": "workaround",
"details": "Until a firmware update and reboot can be applied, the attack vector can be reduced by limiting read access to the sysfs attributes that export this functionality to userspace. \n\nThe command:\n~~~\nsudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj\n~~~\nWill do this for the current boot, it will need to be scripted to run at each boot to remain persistent across reboots.",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Information disclosure issue in Intel SGX via RAPL interface"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8696",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Leakage-Active",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "RHBZ#1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Vector Register Leakage-Active"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8698",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Fast forward store predictor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "RHBZ#1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Fast forward store predictor"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24489",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel\u00ae VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: vt-d related privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "RHBZ#1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24489",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hw: vt-d related privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24511",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962702"
}
],
"notes": [
{
"category": "description",
"text": "Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: improper isolation of shared resources in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "RHBZ#1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: improper isolation of shared resources in some Intel Processors"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24512",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962722"
}
],
"notes": [
{
"category": "description",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: observable timing discrepancy in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "RHBZ#1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: observable timing discrepancy in some Intel Processors"
}
]
}
RHSA-2021_3364
Vulnerability from csaf_redhat - Published: 2021-08-31 09:26 - Updated: 2024-11-22 17:04Summary
Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
Severity
Important
Notes
Topic: An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.2 Extended User Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
* hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Information disclosure issue in Intel SGX via RAPL interface
(CVE-2020-8695)
* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors
(CVE-2020-24511)
* hw: observable timing discrepancy in some Intel Processors
(CVE-2020-24512)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.
6.5 (Medium)
Affected products
Threats
Impact
Moderate
A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Threats
Impact
Low
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.
6.5 (Medium)
Affected products
Threats
Impact
Moderate
A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.
5.1 (Medium)
Affected products
Threats
Impact
Moderate
A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.
CWE-212 - Improper Removal of Sensitive Information Before Storage or TransferAffected products
Threats
Impact
Moderate
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.
5.5 (Medium)
Affected products
Threats
Impact
Moderate
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.8 (High)
Affected products
Threats
Impact
Important
Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.
5.6 (Medium)
Affected products
Threats
Impact
Moderate
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Threats
Impact
Low
References
63 references
Acknowledgments
Intel
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.2 Extended User Support.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Vector Register Data Sampling (CVE-2020-0548)\n\n* hw: L1D Cache Eviction Sampling (CVE-2020-0549)\n\n* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface\n(CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors\n(CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors\n(CVE-2020-24512)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3364",
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "1972326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972326"
},
{
"category": "external",
"summary": "1972329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972329"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3364.json"
}
],
"title": "Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T17:04:17+00:00",
"generator": {
"date": "2024-11-22T17:04:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2021:3364",
"initial_release_date": "2021-08-31T09:26:30+00:00",
"revision_history": [
{
"date": "2021-08-31T09:26:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-08-31T09:26:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T17:04:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"product": {
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"product_id": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@20191115-4.20210608.1.el8_2?arch=src\u0026epoch=4"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64",
"product": {
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64",
"product_id": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@20191115-4.20210608.1.el8_2?arch=x86_64\u0026epoch=4"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src"
},
"product_reference": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
},
"product_reference": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-0543",
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1827165"
}
],
"notes": [
{
"category": "description",
"text": "A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Special Register Buffer Data Sampling (SRBDS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/5142691",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "RHBZ#1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142691",
"url": "https://access.redhat.com/solutions/5142691"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142751",
"url": "https://access.redhat.com/solutions/5142751"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri",
"url": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling",
"url": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling"
},
{
"category": "external",
"summary": "https://xenbits.xen.org/xsa/advisory-320.html",
"url": "https://xenbits.xen.org/xsa/advisory-320.html"
}
],
"release_date": "2020-06-09T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Special Register Buffer Data Sampling (SRBDS)"
},
{
"cve": "CVE-2020-0548",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788786"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Data Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "RHBZ#1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: Vector Register Data Sampling"
},
{
"cve": "CVE-2020-0549",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788788"
}
],
"notes": [
{
"category": "description",
"text": "A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the \u201cfill buffers\u201d and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: L1D Cache Eviction Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0549"
},
{
"category": "external",
"summary": "RHBZ#1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: L1D Cache Eviction Sampling"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8695",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828583"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Intel\u0027s implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Information disclosure issue in Intel SGX via RAPL interface",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "RHBZ#1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695"
},
{
"category": "external",
"summary": "https://en.wikipedia.org/wiki/Power_analysis",
"url": "https://en.wikipedia.org/wiki/Power_analysis"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html"
}
],
"release_date": "2020-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
},
{
"category": "workaround",
"details": "Until a firmware update and reboot can be applied, the attack vector can be reduced by limiting read access to the sysfs attributes that export this functionality to userspace. \n\nThe command:\n~~~\nsudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj\n~~~\nWill do this for the current boot, it will need to be scripted to run at each boot to remain persistent across reboots.",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Information disclosure issue in Intel SGX via RAPL interface"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8696",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Leakage-Active",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "RHBZ#1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Vector Register Leakage-Active"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8698",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Fast forward store predictor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "RHBZ#1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Fast forward store predictor"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24489",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel\u00ae VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: vt-d related privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "RHBZ#1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24489",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hw: vt-d related privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24511",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962702"
}
],
"notes": [
{
"category": "description",
"text": "Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: improper isolation of shared resources in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "RHBZ#1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: improper isolation of shared resources in some Intel Processors"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24512",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962722"
}
],
"notes": [
{
"category": "description",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: observable timing discrepancy in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "RHBZ#1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: observable timing discrepancy in some Intel Processors"
}
]
}
SSA-534763
Vulnerability from csaf_siemens - Published: 2020-09-08 00:00 - Updated: 2022-03-08 00:00Summary
SSA-534763: Special Register Buffer Data Sampling (SRBDS) aka Crosstalk in Industrial Products
Notes
Summary: Security researchers published information on a vulnerability known as Crosstalk (INTEL-SA-00320). This vulnerability affects modern Intel processors to a varying degree.
Several Siemens Industrial Products contain processors that are affected by the vulnerability.
Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC Field PG M4
Siemens / SIMATIC Field PG M4
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC Field PG M5
Siemens / SIMATIC Field PG M5
|
All BIOS versions < V22.01.08 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC Field PG M6
Siemens / SIMATIC Field PG M6
|
All BIOS versions < V26.01.07 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC347E
Siemens / SIMATIC IPC347E
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC IPC427D (incl. SIPLUS variants)
Siemens / SIMATIC IPC427D (incl. SIPLUS variants)
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC IPC427E (incl. SIPLUS variants)
Siemens / SIMATIC IPC427E (incl. SIPLUS variants)
|
All BIOS versions < V21.01.14 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC477D
Siemens / SIMATIC IPC477D
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC IPC477E
Siemens / SIMATIC IPC477E
|
All BIOS versions < V21.01.14 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC477E Pro
Siemens / SIMATIC IPC477E Pro
|
All BIOS versions < V21.01.14 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC527G
Siemens / SIMATIC IPC527G
|
All BIOS versions < V1.4.0 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC547E
Siemens / SIMATIC IPC547E
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC IPC547G
Siemens / SIMATIC IPC547G
|
All BIOS versions < R1.28.0 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC627D
Siemens / SIMATIC IPC627D
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC IPC627E
Siemens / SIMATIC IPC627E
|
All BIOS versions < V25.02.06 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC647D
Siemens / SIMATIC IPC647D
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC IPC647E
Siemens / SIMATIC IPC647E
|
All BIOS versions < V25.02.06 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC677D
Siemens / SIMATIC IPC677D
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC IPC677E
Siemens / SIMATIC IPC677E
|
All BIOS versions < V25.02.06 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC827D
Siemens / SIMATIC IPC827D
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC IPC847D
Siemens / SIMATIC IPC847D
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMATIC IPC847E
Siemens / SIMATIC IPC847E
|
All BIOS versions < V25.02.06 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC IPC3000 SMART V2
Siemens / SIMATIC IPC3000 SMART V2
|
< V1.B |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMATIC ITP1000
Siemens / SIMATIC ITP1000
|
All BIOS versions < V23.01.08 |
Vendor Fix
fix
Mitigation
Mitigation
|
|
|
SIMOTION P320-4E
Siemens / SIMOTION P320-4E
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
|
|
SIMOTION P320-4S
Siemens / SIMOTION P320-4S
|
vers:all/* |
No Fix Planned
Mitigation
Mitigation
|
References
17 references
{
"document": {
"category": "Siemens Security Advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited.",
"tlp": {
"label": "WHITE"
}
},
"notes": [
{
"category": "summary",
"text": "Security researchers published information on a vulnerability known as Crosstalk (INTEL-SA-00320). This vulnerability affects modern Intel processors to a varying degree.\n\nSeveral Siemens Industrial Products contain processors that are affected by the vulnerability.\n\nSiemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends specific countermeasures for products where updates are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-534763: Special Register Buffer Data Sampling (SRBDS) aka Crosstalk in Industrial Products - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf"
},
{
"category": "self",
"summary": "SSA-534763: Special Register Buffer Data Sampling (SRBDS) aka Crosstalk in Industrial Products - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-534763.txt"
},
{
"category": "self",
"summary": "SSA-534763: Special Register Buffer Data Sampling (SRBDS) aka Crosstalk in Industrial Products - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-534763.json"
}
],
"title": "SSA-534763: Special Register Buffer Data Sampling (SRBDS) aka Crosstalk in Industrial Products",
"tracking": {
"current_release_date": "2022-03-08T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-534763",
"initial_release_date": "2020-09-08T00:00:00Z",
"revision_history": [
{
"date": "2020-09-08T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2020-10-13T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Removed SINUMERIK 840D sl (NCU730.3B), SINUMERIK 828D (PPU.4 / PPU1740), and SINUMERIK ONE (NCU1750 / NCU1760) from the list of affected products. Added solution for SIMATIC IPC627E, SIMATIC IPC647E, SIMATIC IPC677E, and SIMATIC IPC847E"
},
{
"date": "2020-12-08T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added solution for SIMATIC IPC427E, SIMATIC IPC477E, and SIMATIC IPC477E PRO"
},
{
"date": "2021-02-09T00:00:00Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Added solution for SIMATIC Field PG M5, and SIMATIC Field PG M6"
},
{
"date": "2021-04-13T00:00:00Z",
"legacy_version": "1.4",
"number": "5",
"summary": "Added solution for SIMATIC ITP1000 and SIMATIC IPC547G"
},
{
"date": "2021-06-08T00:00:00Z",
"legacy_version": "1.5",
"number": "6",
"summary": "Added solution for SIMATIC IPC527G"
},
{
"date": "2022-03-08T00:00:00Z",
"legacy_version": "1.6",
"number": "7",
"summary": "Added solution for SIMATIC IPC3000 SMART V2 and clarified that no further fixes are planned"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC Field PG M4",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "SIMATIC Field PG M4"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V22.01.08",
"product": {
"name": "SIMATIC Field PG M5",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "SIMATIC Field PG M5"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V26.01.07",
"product": {
"name": "SIMATIC Field PG M6",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "SIMATIC Field PG M6"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC347E",
"product_id": "4"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC347E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC427D (incl. SIPLUS variants)",
"product_id": "5"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC427D (incl. SIPLUS variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V21.01.14",
"product": {
"name": "SIMATIC IPC427E (incl. SIPLUS variants)",
"product_id": "6"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC427E (incl. SIPLUS variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC477D",
"product_id": "7"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC477D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V21.01.14",
"product": {
"name": "SIMATIC IPC477E",
"product_id": "8"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC477E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V21.01.14",
"product": {
"name": "SIMATIC IPC477E Pro",
"product_id": "9"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC477E Pro"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V1.4.0",
"product": {
"name": "SIMATIC IPC527G",
"product_id": "10"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC527G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC547E",
"product_id": "11"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC547E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c R1.28.0",
"product": {
"name": "SIMATIC IPC547G",
"product_id": "12"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC547G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC627D",
"product_id": "13"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC627D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V25.02.06",
"product": {
"name": "SIMATIC IPC627E",
"product_id": "14"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC627E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC647D",
"product_id": "15"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC647D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V25.02.06",
"product": {
"name": "SIMATIC IPC647E",
"product_id": "16"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC647E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC677D",
"product_id": "17"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC677D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V25.02.06",
"product": {
"name": "SIMATIC IPC677E",
"product_id": "18"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC677E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC827D",
"product_id": "19"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC827D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC IPC847D",
"product_id": "20"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC847D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V25.02.06",
"product": {
"name": "SIMATIC IPC847E",
"product_id": "21"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC847E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V1.B",
"product": {
"name": "SIMATIC IPC3000 SMART V2",
"product_id": "22"
}
}
],
"category": "product_name",
"name": "SIMATIC IPC3000 SMART V2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All BIOS versions \u003c V23.01.08",
"product": {
"name": "SIMATIC ITP1000",
"product_id": "23"
}
}
],
"category": "product_name",
"name": "SIMATIC ITP1000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMOTION P320-4E",
"product_id": "24"
}
}
],
"category": "product_name",
"name": "SIMOTION P320-4E"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMOTION P320-4S",
"product_id": "25"
}
}
],
"category": "product_name",
"name": "SIMOTION P320-4S"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0543",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25"
]
},
"references": [
{
"summary": "CVE-2020-0543 - SIMATIC Field PG M5",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC Field PG M6",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC427E (incl. SIPLUS variants)",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC477E",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC477E Pro",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC527G",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC547G",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC627E",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC647E",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC677E",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC847E",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 - SIMATIC IPC3000 SMART V2",
"url": "https://support.industry.siemens.com/cs/cn/en/view/109763408/"
},
{
"summary": "CVE-2020-0543 - SIMATIC ITP1000",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"summary": "CVE-2020-0543 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-0543.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"1",
"4",
"5",
"7",
"11",
"13",
"15",
"17",
"19",
"20",
"24",
"25"
]
},
{
"category": "vendor_fix",
"details": "Update BIOS to V22.01.08",
"product_ids": [
"2"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"category": "vendor_fix",
"details": "Update BIOS to V26.01.07",
"product_ids": [
"3"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"category": "vendor_fix",
"details": "Update BIOS to V21.01.14",
"product_ids": [
"6",
"8",
"9"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"category": "vendor_fix",
"details": "Update BIOS to V1.4.0",
"product_ids": [
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"category": "vendor_fix",
"details": "Update BIOS to R1.28.0",
"product_ids": [
"12"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"category": "vendor_fix",
"details": "Update BIOS to V25.02.06",
"product_ids": [
"14",
"16",
"18",
"21"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"category": "vendor_fix",
"details": "Update BIOS to V1.B or later version",
"product_ids": [
"22"
],
"url": "https://support.industry.siemens.com/cs/cn/en/view/109763408/"
},
{
"category": "vendor_fix",
"details": "Update BIOS to V23.01.08",
"product_ids": [
"23"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109763408"
},
{
"category": "mitigation",
"details": "As a prerequisite for an attack, an attacker must be able to run untrusted code on affected systems. Siemens recommends limiting the possibilities to run untrusted code if possible.",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25"
]
},
{
"category": "mitigation",
"details": "Applying a Defense-in-Depth concept can help to reduce the probability that untrusted code is run on the system. Siemens recommends to apply the Defense-in-Depth concept: https://www.siemens.com/industrialsecurity",
"product_ids": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25"
]
}
],
"title": "CVE-2020-0543"
}
]
}
SUSE-FU-2022:4496-1
Vulnerability from csaf_suse - Published: 2022-12-15 09:43 - Updated: 2022-12-15 09:43Summary
Feature update for SCA patterns
Severity
Moderate
Notes
Title of the patch: Feature update for SCA patterns
Description of the patch: This update for SCA patterns fixes the following issues:
sca-patterns-base:
- Version update from 1.3.1 to 1.5.0 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):
* Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)
* Added Core.loadFullFile for sectionless parsing (bsc#1187194)
* Added SUSE.getNetworkInterfaces (bsc#1144162)
* Changed required dependencies from python to python3-base (bsc#1191199)
* Fix SUSE.getFileSystems invalid index error (bsc#1185594)
* Fix SUSE.getFileSystems unbound local SWAP variable (bsc#1185593)
* Removed Novell/OES references from libraries (bsc#1186034)
* Updated documentation for SUSE.compareKernel
* Updated kernel version constants for all SUSE libraries (bsc#1189483)
sca-patterns-hae:
- Version update from 1.3.1 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):
* Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)
* Added distribution and service pack subdirectories (bsc#1193878)
* False positive hit from /usr/lib/sca/patterns/HAE/stonith-00002.pl (bsc#1124793)
* HAE Policies Quorum 2 node cluster requires ignore policy (bsc#1167689)
* supportconfig indicates IPv6 required by HAE, is already enabled (bsc#1045605)
sca-patterns-suma:
- Version update from 1.0 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):
* Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)
sca-server-report:
- Version update from 1.0.1 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):
* Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)
* Changed absolute paths to relative ones (bsc#1186316)
* Changed required dependencies from python to python3-base (bsc#1191199)
* Ensure that the legacy SuSE-release file works (bsc#1196730)
* Fix sca report header supportconfig file (bsc#1186442)
* Fix the report file output path (bsc#1180894)
* Removed preprocessor elements for OES Filr eDir (bsc#1186420)
sca-patterns-sle15:
- Version update from 1.0.1 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):
* Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)
* Added Video link to coredumpctl-000018634.py
* Added video links to patterns (bsc#1190460):
* bhc-scc-expired.py, bhc-scc-registered.py, bhc-diskused-00001.pl, bhc-memused-00001.pl
* Fixed crosstalk message strings (bsc#1186312)
* Fixed field reference in sle15all/lvm-00003.pl
* Fixed metadata tags in scc-registered.py
* Fixed percent used calculation for bhc-memused-00001.pl (bsc#1189889)
* Removed outdated TID2 link in bhc-diskused-00001.pl (bsc#1190260)
* Requires Core library 1.3.3 which contains Core.logFullFile function
* Updated registration link in bhc-scc-registered.py
* Updated renewal link in bhc-scc-expired.py
- New security announcement patterns:
* Apr 2022 (13) for SUSE-SU-2022:1293-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1108-1
SUSE-SU-2022:1292-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1448-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1255-1
SUSE-SU-2022:1255-1 SUSE-SU-2022:1288-1 SUSE-SU-2022:1427-1 SUSE-SU-2022:1139-1
* Mar 2022 (48) for SUSE-SU-2022:1293-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1108-1
SUSE-SU-2022:1292-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1448-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1255-1
SUSE-SU-2022:1255-1 SUSE-SU-2022:1288-1 SUSE-SU-2022:1427-1 SUSE-SU-2022:1139-1 SUSE-SU-2022:0931-1
SUSE-SU-2022:0703-1 SUSE-SU-2022:0779-1 SUSE-SU-2022:0695-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1
SUSE-SU-2022:1058-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0853-1 SUSE-SU-2022:0819-1 SUSE-SU-2022:0778-1
SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0732-1
SUSE-SU-2022:0703-1 SUSE-SU-2022:0810-1 SUSE-SU-2022:0694-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1
SUSE-SU-2022:1057-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0851-1 SUSE-SU-2022:1041-1 SUSE-SU-2022:0819-1
SUSE-SU-2022:0778-1 SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0766-1
SUSE-SU-2022:0766-1 SUSE-SU-2022:0933-1 SUSE-SU-2022:0934-1 SUSE-SU-2022:0929-1
* Feb 2022 (60) for SUSE-SU-2022:1293-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1108-1
SUSE-SU-2022:1292-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1448-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1255-1
SUSE-SU-2022:1255-1 SUSE-SU-2022:1288-1 SUSE-SU-2022:1427-1 SUSE-SU-2022:1139-1 SUSE-SU-2022:0931-1
SUSE-SU-2022:0703-1 SUSE-SU-2022:0779-1 SUSE-SU-2022:0695-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1
SUSE-SU-2022:1058-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0853-1 SUSE-SU-2022:0819-1 SUSE-SU-2022:0778-1
SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0732-1
SUSE-SU-2022:0703-1 SUSE-SU-2022:0810-1 SUSE-SU-2022:0694-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1
SUSE-SU-2022:1057-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0851-1 SUSE-SU-2022:1041-1 SUSE-SU-2022:0819-1
SUSE-SU-2022:0778-1 SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0766-1
SUSE-SU-2022:0766-1 SUSE-SU-2022:0933-1 SUSE-SU-2022:0934-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0277-1
SUSE-SU-2022:0283-1 SUSE-SU-2022:0500-1 SUSE-SU-2022:0468-1 SUSE-SU-2022:0541-1 SUSE-SU-2022:0284-1
SUSE-SU-2022:0563-1 SUSE-SU-2022:0500-1 SUSE-SU-2022:0563-1 SUSE-SU-2022:0301-1 SUSE-SU-2022:0367-1
SUSE-SU-2022:0367-1
* Jan 2022 (92) for SUSE-SU-2022:1293-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1108-1
SUSE-SU-2022:1292-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1448-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1255-1
SUSE-SU-2022:1255-1 SUSE-SU-2022:1288-1 SUSE-SU-2022:1427-1 SUSE-SU-2022:1139-1 SUSE-SU-2022:0931-1
SUSE-SU-2022:0703-1 SUSE-SU-2022:0779-1 SUSE-SU-2022:0695-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1
SUSE-SU-2022:1058-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0853-1 SUSE-SU-2022:0819-1 SUSE-SU-2022:0778-1
SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0732-1
SUSE-SU-2022:0703-1 SUSE-SU-2022:0810-1 SUSE-SU-2022:0694-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1
SUSE-SU-2022:1057-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0851-1 SUSE-SU-2022:1041-1 SUSE-SU-2022:0819-1
SUSE-SU-2022:0778-1 SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0766-1
SUSE-SU-2022:0766-1 SUSE-SU-2022:0933-1 SUSE-SU-2022:0934-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0277-1
SUSE-SU-2022:0283-1 SUSE-SU-2022:0500-1 SUSE-SU-2022:0468-1 SUSE-SU-2022:0541-1 SUSE-SU-2022:0284-1
SUSE-SU-2022:0563-1 SUSE-SU-2022:0500-1 SUSE-SU-2022:0563-1 SUSE-SU-2022:0301-1 SUSE-SU-2022:0367-1
SUSE-SU-2022:0367-1 SUSE-SU-2022:0043-1 SUSE-SU-2022:0177-1 SUSE-SU-2022:0064-1 SUSE-SU-2022:0134-1
SUSE-SU-2022:0141-1 SUSE-SU-2022:0050-1 SUSE-SU-2022:0021-1 SUSE-SU-2022:0069-1 SUSE-SU-2022:0198-1
SUSE-SU-2022:0131-1 SUSE-SU-2022:0088-1 SUSE-SU-2022:0144-1 SUSE-SU-2022:0151-1 SUSE-SU-2022:0091-1
SUSE-SU-2022:0091-1 SUSE-SU-2022:0183-1 SUSE-SU-2022:0211-1 SUSE-SU-2022:0191-1 SUSE-SU-2022:0050-1
SUSE-SU-2022:0137-1 SUSE-SU-2022:0214-1 SUSE-SU-2022:0128-1 SUSE-SU-2022:0119-1 SUSE-SU-2022:0183-1
SUSE-SU-2022:0211-1 SUSE-SU-2022:0251-1 SUSE-SU-2022:0200-1 SUSE-SU-2022:0191-1 SUSE-SU-2022:0137-1
SUSE-SU-2022:0214-1 SUSE-SU-2022:0031-1 SUSE-SU-2022:0119-1
* Jul 2021 (20) for SUSE-SU-2021:2457-1 SUSE-SU-2021:2410-1 SUSE-SU-2021:2442-1 SUSE-SU-2021:2352-1
SUSE-SU-2021:1863-2 SUSE-SU-2021:2415-1 SUSE-SU-2021:2555-1 SUSE-SU-2021:2439-1 SUSE-SU-2021:2459-1
SUSE-SU-2021:2291-1 SUSE-SU-2021:2457-1 SUSE-SU-2021:2404-1 SUSE-SU-2021:2474-1 SUSE-SU-2021:2471-1
SUSE-SU-2021:2438-1 SUSE-SU-2021:2325-1 SUSE-SU-2021:2439-1 SUSE-SU-2021:2461-1 SUSE-SU-2021:2421-1
SUSE-SU-2021:2470-1
* Jun 2021 (46) for SUSE-SU-2021:2011-1 SUSE-SU-2021:1933-1 SUSE-SU-2021:1998-1 SUSE-SU-2021:2106-1
SUSE-SU-2021:1951-1 SUSE-SU-2021:2213-1 SUSE-SU-2021:1942-1 SUSE-SU-2021:2012-1 SUSE-SU-2021:1859-1
SUSE-SU-2021:1843-1 SUSE-SU-2021:1825-1 SUSE-SU-2021:2196-1 SUSE-SU-2021:1917-1 SUSE-SU-2021:1958-1
SUSE-SU-2021:2184-1 SUSE-SU-2021:1977-1 SUSE-SU-2021:1819-1 SUSE-SU-2021:1944-1 SUSE-SU-2021:1834-1
SUSE-SU-2021:1826-1 SUSE-SU-2021:2127-1 SUSE-SU-2021:2011-1 SUSE-SU-2021:1933-1 SUSE-SU-2021:1999-1
SUSE-SU-2021:2106-1 SUSE-SU-2021:2212-1 SUSE-SU-2021:1893-1 SUSE-SU-2021:1859-1 SUSE-SU-2021:1994-1
SUSE-SU-2021:1970-1 SUSE-SU-2021:1843-1 SUSE-SU-2021:2196-1 SUSE-SU-2021:1917-1 SUSE-SU-2021:1958-1
SUSE-SU-2021:1890-1 SUSE-SU-2021:1819-1 SUSE-SU-2021:1834-1 SUSE-SU-2021:2127-1 SUSE-SU-2021:1901-1
SUSE-SU-2021:1911-1 SUSE-SU-2021:2104-1 SUSE-SU-2021:1895-1 SUSE-SU-2021:2155-1 SUSE-SU-2021:2122-1
SUSE-SU-2021:2211-1 SUSE-SU-2021:1845-1
* May 2021 (39) for SUSE-SU-2021:1557-1 SUSE-SU-2021:1806-1 SUSE-SU-2021:1785-1 SUSE-SU-2021:1466-1
SUSE-SU-2021:1491-1 SUSE-SU-2021:1577-1 SUSE-SU-2021:1654-1 SUSE-SU-2021:1523-1 SUSE-SU-2021:1765-1
SUSE-SU-2021:1755-1 SUSE-SU-2021:1599-1 SUSE-SU-2021:1761-1 SUSE-SU-2021:1655-1 SUSE-SU-2021:1598-1
SUSE-SU-2021:1762-1 SUSE-SU-2021:1474-1 SUSE-SU-2021:1493-1 SUSE-SU-2021:1557-1 SUSE-SU-2021:1806-1
SUSE-SU-2021:1785-1 SUSE-SU-2021:1466-1 SUSE-SU-2021:1491-1 SUSE-SU-2021:1577-1 SUSE-SU-2021:1654-1
SUSE-SU-2021:1523-1 SUSE-SU-2021:1765-1 SUSE-SU-2021:1755-1 SUSE-SU-2021:1574-1 SUSE-SU-2021:1599-1
SUSE-SU-2021:1761-1 SUSE-SU-2021:1636-1 SUSE-SU-2021:1655-1 SUSE-SU-2021:1598-1 SUSE-SU-2021:1762-1
SUSE-SU-2021:1474-1 SUSE-SU-2021:1493-1 SUSE-SU-2021:1500-1 SUSE-SU-2021:1792-1 SUSE-SU-2021:1573-1
* May 2021 (30) for SUSE-SU-2021:1182-1 SUSE-SU-2021:1430-1 SUSE-SU-2021:1168-1 SUSE-SU-2021:1408-1
SUSE-SU-2021:1409-1 SUSE-SU-2021:1182-1 SUSE-SU-2021:1028-1 SUSE-SU-2021:1166-1 SUSE-SU-2021:1430-1
SUSE-SU-2021:1113-1 SUSE-SU-2021:1444-1 SUSE-SU-2021:1280-1 SUSE-SU-2021:1243-1 SUSE-SU-2021:1168-1
SUSE-SU-2021:1408-1 SUSE-SU-2021:1094-1 SUSE-SU-2021:1029-1 SUSE-SU-2021:1238-1 SUSE-SU-2021:1409-1
SUSE-SU-2021:1006-1 SUSE-SU-2021:1161-1 SUSE-SU-2021:1108-1 SUSE-SU-2021:1282-1 SUSE-SU-2021:1179-1
SUSE-SU-2021:1153-1 SUSE-SU-2021:1445-1 SUSE-SU-2021:1244-1 SUSE-SU-2021:1292-1 SUSE-SU-2021:1103-1
SUSE-SU-2021:1455-1
- New regular patterns:
* sle15sp3/oldlvm-000019878.py, sle15sp2/oldlvm-000019878.py: Physical Volume is using an old PV header (bsc#1179170)
* sle15sp3/intelpstate_153-000020273.py: Frequency scaling driver intel_pstate not loading on some Intel Xeon
Scalable processors (bsc#1185758)
* sle15sp3/dasdkvm-000020295.py: DASD partitions not recognized on SUSE Linux Enterprise 15 Service Pack 3 KVM guest
* sle15sp2/rpmnfs-000020364.py, sle15sp3/rpmnfs-000020364.py: Upgrading an RPM reports cpio chmod failed
(bsc#1189394)
* sle15sp2/nfstimeout_152-000019943.py: Delayed outgoing packets causing NFS timeouts (bsc#1183405)
* sle15sp2/mpiopmem-000019884.py: Executing multipath -ll on Optane memory based pmem devices returns HDIO_GETGEO
failed with 25 (bsc#1182917)
* sle15sp2/ipmitool-000020250.py: hanging on getting cipher suites (bsc#1185684)
* sle15sp2/intelpstate_152-000020273.py: Frequency scaling driver intel_pstate not loading on some Intel Xeon Scalable
processors (bsc#1185758)
* sle15sp2/ghostcat_152-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle15sp2/fcoe-000019889.py: System with FCoE connected devices fails to boot randomly due to wicked ordering cycle
problems (bsc#1176140)
* sle15sp1/qlogic-000019630.py: System crashes when the system is rebooted with SR-IOV enabled QLogic cards
(bsc#1155990)
* sle15sp1/passthrough-000019579.py: Passthrough of Raid Controller to KVM guest results in NMI and unresponsiveness
on host (bsc#1152800)
* sle15sp1/nfsperf-151-000019615.py: Performance loss when writing large files over NFS (bsc#1163403)
* sle15sp1/nfsipv6_151-000019618.py: Timeout when attempting NFS mount over IPv6 (bsc#1144162)
* sle15sp1/nfit-000019688.py: dmesg shows NFIT related messages after updating the kernel (bsc#1159356)
* sle15sp1/namespace-000019571.py: Activation of multiple namespaces simultaneously may lead to an activation
failure (bsc#1157778)
* sle15sp1/ipmi-000019602.py: IPMI driver can be unloaded when being accessed by user space (bsc#1154768)
* sle15sp1/ghostcat_151-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle15sp1/edac-000019537.py: A kernel message shows EDAC amd64 Error F0 not found, device 0x1460 broken BIOS
(bsc#1131489)
* sle15sp1/docore_151-000019881.py: System crash in do_coredump() when a process is restarted (bsc#1177753)
* sle15sp0/mpiofindpaths-000019511.py: Using the find_multipaths yes option in multipath.conf (bsc#1138452)
* sle15sp0/ghostcat_150-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle15all/zypproxy-000020275.py: zypper commands return Error code HTTP response 0
* sle15all/vmcore-00002.pl: Detects the need for a kernel core analysis
* sle15all/vmcore-00001.pl: Identifies kernel core dumps for review
* sle15all/udevmac-000020260.py: systemd-udevd Could not generate persistent MAC address for br0 No such file or
directory (bsc#1185357)
* sle15all/systemd-current-failed-7017137.py: Check for failed systemd services
* sle15all/sysdjobs-000020261.py: Troubleshooting systemd jobs that are hung or stuck
* sle15all/softlock-000018705.py: soft lockup messages about
* sle15all/slapd-000019711.py: slapd.service not enabled/failed after upgrade from SUSE Linux Enterprise 11 Service
Pack 4 to SUSE Linux Enterprise 15 (bsc#1156353)
* sle15all/sizingbtrfs-000018798.py: How to resize/extend a btrfs formatted root partition
* sle15all/sdagentconfig-000020301.py: SCA Appliance configuration reports ERROR 2002 HY000 Cannot connect to MySQL
server (bsc#1183464)
* sle15all/scc-registered.py: Check system registration status
* sle15all/scc-expired.py: Identify if SCC registrations have expired
* sle15all/scatool-000020253.py: scatool fails to analyze supportconfigs with xz compression (bsc#1155181)
* sle15all/scatool-000004685.py: scatool fails with traceback
* sle15all/proxy-00003.pl: Checks for proxy environment variables
* sle15all/postfix-000020356.py: Postfix fails to start with IPv6 disabled
* sle15all/oomvsftpd-000020252.py: vsftpd and other processes terminated due to OOM scenario (bsc#1182905)
* sle15all/nobarrier-000020240.py: XFS nobarrier option has been completely deprecated starting from SUSE Linux
Enterprise 15 Service Pack 2 (bsc#1176375)
* sle15all/mysqlperf-000020354.py: mysqld segfault when the system is under stress (bsc#1186792)
* sle15all/lvmsnapshot-000019858.py: LVM snapshot changed state to Invalid and should be removed (bsc#1179170)
* sle15all/lvm-00005.pl: Duplicate volume groups are usually a configuration issue
* sle15all/lvm-00004.pl: LMV Check sum errors may indicate corrupted LVM metadata
* sle15all/lvm-00003.pl: Physical volumes can be removed or damaged and appear missing. This pattern looks for
missing physical volumes.
* sle15all/iscsimnts-000019648.py: Proper mount options for iSCSI drives
* sle15all/cronlimit-000020338.py: crontab - More than 1000 entries in crontab file, can't install (bsc#1187508)
* sle15all/coredumpctl-000018634.py: How to obtain systemd service core dumps
* sle15all/btrfsmaster-000018779.py: BTRFS Master TID
* sle15all/blacklist-000019607.py: System exit to emergency shell at boot with multipath enabled
* sle15all/bhc-scc.sh: Pattern removed (bsc#1184594, bsc#1186317)
* sle15all/acpid-000019708.py: acpid.service failed to start after upgrade (bsc#1158890)
* CVE-2020-0543: Special Register Buffer Data Sampling aka CrossTalk (bsc#1154824)
+ sle15sp2/crosstalk_152-000019643.py
+ sle15sp1/crosstalk_151-000019643.py
* CVE-2020-0548, CVE-2020-0549: L1D data cache eviction and Vector Register sampling (bsc#1156353)
+ sle15sp2/ucodeintel_152-000019635.py
+ sle15sp1/ucodeintel_151-000019635.py
+ sle15sp0/ucodeintel_150-000019635.py
- Renamed pattern files for filename standard
* Renamed patterns/SLE/sle15all/scc-expired.py to patterns/SLE/sle15all/bhc-scc-expired.py
* Renamed /SLE/sle15all/scc-registered.py to patterns/SLE/sle15all/bhc-scc-registered.py
- Updated regular patterns:
* sle15all/lvm-00003.pl: Physical volumes can be removed or damaged and appear missing. This pattern looks for
missing physical volumes
sca-patterns-sle12:
- Version update from 1.0.2 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):
* Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)
* Added Video link to coredumpctl-000018634.py
* Added video links to patterns (bsc#1190460):
+ bhc-scc-expired.py, bhc-scc-registered.py, bhc-diskused-00001.pl, bhc-memused-00001.pl
* Fixed crosstalk message strings (bsc#1186312)
* Fixed metadata tags for scc-registered.py
* Removed outdated TID2 link in bhc-diskused-00001.pl (bsc#1190260)
* Requires Core library 1.3.3 which contains Core.logFullFile function
* Updated registration link in bhc-scc-registered.py
* Updated renewal link in bhc-scc-expired.py
* Updated scc-registered.py pattern to fix registration detection
- New security announcement patterns:
* Apr 2022 (53) for SUSE-SU-2022:1254-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1294-1 SUSE-SU-2022:1151-1
SUSE-SU-2022:1094-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1478-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1
SUSE-SU-2022:1168-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1272-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1266-1
SUSE-SU-2022:1474-1 SUSE-SU-2022:1475-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1
SUSE-SU-2022:1417-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1285-1 SUSE-SU-2022:1105-1 SUSE-SU-2022:1294-1
SUSE-SU-2022:1258-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1
SUSE-SU-2022:1312-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1275-1
SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1408-1
SUSE-SU-2022:1294-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1
SUSE-SU-2022:1440-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1275-1
SUSE-SU-2022:1123-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1428-1
* Mar 2022 (127) for SUSE-SU-2022:1254-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1294-1 SUSE-SU-2022:1151-1
SUSE-SU-2022:1094-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1478-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1
SUSE-SU-2022:1168-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1272-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1266-1
SUSE-SU-2022:1474-1 SUSE-SU-2022:1475-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1
SUSE-SU-2022:1417-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1285-1 SUSE-SU-2022:1105-1 SUSE-SU-2022:1294-1
SUSE-SU-2022:1258-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1
SUSE-SU-2022:1312-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1275-1
SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1408-1
SUSE-SU-2022:1294-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1
SUSE-SU-2022:1440-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1275-1
SUSE-SU-2022:1123-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1428-1 SUSE-SU-2022:0733-1
SUSE-SU-2022:1023-1 SUSE-SU-2022:0939-1 SUSE-SU-2022:0811-1 SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1
SUSE-SU-2022:0895-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1
SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:0913-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1
SUSE-SU-2022:1024-1 SUSE-SU-2022:0765-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0730-1
SUSE-SU-2022:0678-1 SUSE-SU-2022:0677-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1 SUSE-SU-2022:0908-1
SUSE-SU-2022:0881-1 SUSE-SU-2022:0928-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1062-1 SUSE-SU-2022:0811-1
SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1
SUSE-SU-2022:0777-1 SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1
SUSE-SU-2022:1024-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1
SUSE-SU-2022:0908-1 SUSE-SU-2022:0918-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1043-1 SUSE-SU-2022:0811-1
SUSE-SU-2022:0690-1 SUSE-SU-2022:0854-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1 SUSE-SU-2022:0820-1
SUSE-SU-2022:1036-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1 SUSE-SU-2022:1024-1 SUSE-SU-2022:1012-1
SUSE-SU-2022:1003-1 SUSE-SU-2022:0668-1 SUSE-SU-2022:0667-1 SUSE-SU-2022:0653-1 SUSE-SU-2022:0762-1
SUSE-SU-2022:0762-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0909-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1
SUSE-SU-2022:0918-1 SUSE-SU-2022:1044-1 SUSE-SU-2022:0882-1
* Feb 2022 (169) for SUSE-SU-2022:1254-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1294-1 SUSE-SU-2022:1151-1
SUSE-SU-2022:1094-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1478-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1
SUSE-SU-2022:1168-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1272-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1266-1
SUSE-SU-2022:1474-1 SUSE-SU-2022:1475-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1
SUSE-SU-2022:1417-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1285-1 SUSE-SU-2022:1105-1 SUSE-SU-2022:1294-1
SUSE-SU-2022:1258-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1
SUSE-SU-2022:1312-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1275-1
SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1408-1
SUSE-SU-2022:1294-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1
SUSE-SU-2022:1440-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1275-1
SUSE-SU-2022:1123-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1428-1 SUSE-SU-2022:0733-1
SUSE-SU-2022:1023-1 SUSE-SU-2022:0939-1 SUSE-SU-2022:0811-1 SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1
SUSE-SU-2022:0895-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1
SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:0913-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1
SUSE-SU-2022:1024-1 SUSE-SU-2022:0765-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0730-1
SUSE-SU-2022:0678-1 SUSE-SU-2022:0677-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1 SUSE-SU-2022:0908-1
SUSE-SU-2022:0881-1 SUSE-SU-2022:0928-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1062-1 SUSE-SU-2022:0811-1
SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1
SUSE-SU-2022:0777-1 SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1
SUSE-SU-2022:1024-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1
SUSE-SU-2022:0908-1 SUSE-SU-2022:0918-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1043-1 SUSE-SU-2022:0811-1
SUSE-SU-2022:0690-1 SUSE-SU-2022:0854-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1 SUSE-SU-2022:0820-1
SUSE-SU-2022:1036-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1 SUSE-SU-2022:1024-1 SUSE-SU-2022:1012-1
SUSE-SU-2022:1003-1 SUSE-SU-2022:0668-1 SUSE-SU-2022:0667-1 SUSE-SU-2022:0653-1 SUSE-SU-2022:0762-1
SUSE-SU-2022:0762-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0909-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1
SUSE-SU-2022:0918-1 SUSE-SU-2022:1044-1 SUSE-SU-2022:0882-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0469-1
SUSE-SU-2022:0504-1 SUSE-SU-2022:0478-1 SUSE-SU-2022:0576-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1
SUSE-SU-2022:0323-1 SUSE-SU-2022:0565-1 SUSE-SU-2022:0441-1 SUSE-SU-2022:0372-1 SUSE-SU-2022:0561-1
SUSE-SU-2022:0495-1 SUSE-SU-2022:0440-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0331-1 SUSE-SU-2022:0478-1
SUSE-SU-2022:0575-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1 SUSE-SU-2022:0565-1 SUSE-SU-2022:0441-1
SUSE-SU-2022:0271-1 SUSE-SU-2022:0495-1 SUSE-SU-2022:0358-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0359-1
SUSE-SU-2022:0478-1 SUSE-SU-2022:0575-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1 SUSE-SU-2022:0565-1
SUSE-SU-2022:0552-1 SUSE-SU-2022:0329-1 SUSE-SU-2022:0328-1 SUSE-SU-2022:0327-1 SUSE-SU-2022:0325-1
SUSE-SU-2022:0271-1 SUSE-SU-2022:0362-1 SUSE-SU-2022:0362-1 SUSE-SU-2022:0495-1 SUSE-SU-2022:0358-1
* Jan 2022 (218) for SUSE-SU-2022:1254-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1294-1 SUSE-SU-2022:1151-1
SUSE-SU-2022:1094-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1478-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1
SUSE-SU-2022:1168-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1272-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1266-1
SUSE-SU-2022:1474-1 SUSE-SU-2022:1475-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1
SUSE-SU-2022:1417-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1285-1 SUSE-SU-2022:1105-1 SUSE-SU-2022:1294-1
SUSE-SU-2022:1258-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1
SUSE-SU-2022:1312-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1275-1
SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1408-1
SUSE-SU-2022:1294-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1
SUSE-SU-2022:1440-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1275-1
SUSE-SU-2022:1123-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1428-1 SUSE-SU-2022:0733-1
SUSE-SU-2022:1023-1 SUSE-SU-2022:0939-1 SUSE-SU-2022:0811-1 SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1
SUSE-SU-2022:0895-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1
SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:0913-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1
SUSE-SU-2022:1024-1 SUSE-SU-2022:0765-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0730-1
SUSE-SU-2022:0678-1 SUSE-SU-2022:0677-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1 SUSE-SU-2022:0908-1
SUSE-SU-2022:0881-1 SUSE-SU-2022:0928-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1062-1 SUSE-SU-2022:0811-1
SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1
SUSE-SU-2022:0777-1 SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1
SUSE-SU-2022:1024-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1
SUSE-SU-2022:0908-1 SUSE-SU-2022:0918-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1043-1 SUSE-SU-2022:0811-1
SUSE-SU-2022:0690-1 SUSE-SU-2022:0854-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1 SUSE-SU-2022:0820-1
SUSE-SU-2022:1036-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1 SUSE-SU-2022:1024-1 SUSE-SU-2022:1012-1
SUSE-SU-2022:1003-1 SUSE-SU-2022:0668-1 SUSE-SU-2022:0667-1 SUSE-SU-2022:0653-1 SUSE-SU-2022:0762-1
SUSE-SU-2022:0762-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0909-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1
SUSE-SU-2022:0918-1 SUSE-SU-2022:1044-1 SUSE-SU-2022:0882-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0469-1
SUSE-SU-2022:0504-1 SUSE-SU-2022:0478-1 SUSE-SU-2022:0576-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1
SUSE-SU-2022:0323-1 SUSE-SU-2022:0565-1 SUSE-SU-2022:0441-1 SUSE-SU-2022:0372-1 SUSE-SU-2022:0561-1
SUSE-SU-2022:0495-1 SUSE-SU-2022:0440-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0331-1 SUSE-SU-2022:0478-1
SUSE-SU-2022:0575-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1 SUSE-SU-2022:0565-1 SUSE-SU-2022:0441-1
SUSE-SU-2022:0271-1 SUSE-SU-2022:0495-1 SUSE-SU-2022:0358-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0359-1
SUSE-SU-2022:0478-1 SUSE-SU-2022:0575-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1 SUSE-SU-2022:0565-1
SUSE-SU-2022:0552-1 SUSE-SU-2022:0329-1 SUSE-SU-2022:0328-1 SUSE-SU-2022:0327-1 SUSE-SU-2022:0325-1
SUSE-SU-2022:0271-1 SUSE-SU-2022:0362-1 SUSE-SU-2022:0362-1 SUSE-SU-2022:0495-1 SUSE-SU-2022:0358-1
SUSE-SU-2022:0161-1 SUSE-SU-2022:0142-1 SUSE-SU-2022:0110-1 SUSE-SU-2022:0202-1 SUSE-SU-2022:0060-1
SUSE-SU-2022:0118-1 SUSE-SU-2022:0189-1 SUSE-SU-2022:0061-1 SUSE-SU-2022:0030-1 SUSE-SU-2022:0115-1
SUSE-SU-2022:0212-1 SUSE-SU-2022:0032-1 SUSE-SU-2022:0034-1 SUSE-SU-2022:0080-1 SUSE-SU-2022:0068-1
SUSE-SU-2022:0166-1 SUSE-SU-2022:0107-1 SUSE-SU-2022:0081-1 SUSE-SU-2022:0179-1 SUSE-SU-2022:0160-1
SUSE-SU-2022:0145-1 SUSE-SU-2022:0161-1 SUSE-SU-2022:0142-1 SUSE-SU-2022:0202-1 SUSE-SU-2022:0189-1
SUSE-SU-2022:0030-1 SUSE-SU-2022:0115-1 SUSE-SU-2022:0212-1 SUSE-SU-2022:0042-1 SUSE-SU-2022:0034-1
SUSE-SU-2022:0166-1 SUSE-SU-2022:0107-1 SUSE-SU-2022:0179-1 SUSE-SU-2022:0065-1 SUSE-SU-2022:0145-1
SUSE-SU-2022:0161-1 SUSE-SU-2022:0142-1 SUSE-SU-2022:0202-1 SUSE-SU-2022:0189-1 SUSE-SU-2022:0030-1
SUSE-SU-2022:0115-1 SUSE-SU-2022:0212-1 SUSE-SU-2022:0041-1 SUSE-SU-2022:0034-1 SUSE-SU-2022:0166-1
SUSE-SU-2022:0107-1 SUSE-SU-2022:0179-1 SUSE-SU-2022:0065-1 SUSE-SU-2022:0145-1
* Jun 2021 (80) for SUSE-SU-2021:2014-1 SUSE-SU-2021:1990-1 SUSE-SU-2021:1929-1 SUSE-SU-2021:1838-1
SUSE-SU-2021:1906-1 SUSE-SU-2021:1880-1 SUSE-SU-2021:1837-1 SUSE-SU-2021:1842-1 SUSE-SU-2021:2152-1
SUSE-SU-2021:2159-1 SUSE-SU-2021:1886-1 SUSE-SU-2021:1892-1 SUSE-SU-2021:1830-1 SUSE-SU-2021:2180-1
SUSE-SU-2021:2135-1 SUSE-SU-2021:1957-1 SUSE-SU-2021:2156-1 SUSE-SU-2021:2016-1 SUSE-SU-2021:1913-1
SUSE-SU-2021:1887-1 SUSE-SU-2021:1980-1 SUSE-SU-2021:1875-1 SUSE-SU-2021:1959-1 SUSE-SU-2021:1822-1
SUSE-SU-2021:2137-1 SUSE-SU-2021:1943-1 SUSE-SU-2021:2175-1 SUSE-SU-2021:2006-1 SUSE-SU-2021:1900-1
SUSE-SU-2021:2014-1 SUSE-SU-2021:1990-1 SUSE-SU-2021:1930-1 SUSE-SU-2021:1906-1 SUSE-SU-2021:1947-1
SUSE-SU-2021:1842-1 SUSE-SU-2021:2152-1 SUSE-SU-2021:2159-1 SUSE-SU-2021:1886-1 SUSE-SU-2021:1892-1
SUSE-SU-2021:1830-1 SUSE-SU-2021:2180-1 SUSE-SU-2021:2135-1 SUSE-SU-2021:2156-1 SUSE-SU-2021:1891-1
SUSE-SU-2021:1980-1 SUSE-SU-2021:1875-1 SUSE-SU-2021:1960-1 SUSE-SU-2021:1822-1 SUSE-SU-2021:1943-1
SUSE-SU-2021:1494-2 SUSE-SU-2021:2175-1 SUSE-SU-2021:2006-1 SUSE-SU-2021:1900-1 SUSE-SU-2021:2014-1
SUSE-SU-2021:1990-1 SUSE-SU-2021:1930-1 SUSE-SU-2021:1906-1 SUSE-SU-2021:1894-1 SUSE-SU-2021:1842-1
SUSE-SU-2021:2119-1 SUSE-SU-2021:2159-1 SUSE-SU-2021:1886-1 SUSE-SU-2021:1892-1 SUSE-SU-2021:1830-1
SUSE-SU-2021:2180-1 SUSE-SU-2021:2135-1 SUSE-SU-2021:2156-1 SUSE-SU-2021:2060-1 SUSE-SU-2021:2042-1
SUSE-SU-2021:2026-1 SUSE-SU-2021:1870-1 SUSE-SU-2021:1865-1 SUSE-SU-2021:1980-1 SUSE-SU-2021:1875-1
SUSE-SU-2021:1960-1 SUSE-SU-2021:1822-1 SUSE-SU-2021:1943-1 SUSE-SU-2021:1494-2 SUSE-SU-2021:2175-1
SUSE-SU-2021:2006-1
* May 2021 (39) for SUSE-SU-2021:1580-1 SUSE-SU-2021:1621-1 SUSE-SU-2021:1490-1 SUSE-SU-2021:1783-1
SUSE-SU-2021:1782-1 SUSE-SU-2021:1576-1 SUSE-SU-2021:1658-1 SUSE-SU-2021:1524-1 SUSE-SU-2021:1766-1
SUSE-SU-2021:1595-1 SUSE-SU-2021:1572-1 SUSE-SU-2021:1760-1 SUSE-SU-2021:1646-1 SUSE-SU-2021:1813-1
SUSE-SU-2021:1645-1 SUSE-SU-2021:1763-1 SUSE-SU-2021:1468-1 SUSE-SU-2021:1494-1 SUSE-SU-2021:1648-1
SUSE-SU-2021:1492-1 SUSE-SU-2021:1621-1 SUSE-SU-2021:1658-1 SUSE-SU-2021:1596-1 SUSE-SU-2021:1646-1
SUSE-SU-2021:1813-1 SUSE-SU-2021:1645-1 SUSE-SU-2021:1786-1 SUSE-SU-2021:1468-1 SUSE-SU-2021:1492-1
SUSE-SU-2021:1621-1 SUSE-SU-2021:1658-1 SUSE-SU-2021:1623-1 SUSE-SU-2021:1646-1 SUSE-SU-2021:1813-1
SUSE-SU-2021:1645-1 SUSE-SU-2021:1469-1 SUSE-SU-2021:1621-1 SUSE-SU-2021:1617-1 SUSE-SU-2021:1469-1
* Apr 2021 (69) for SUSE-SU-2021:1181-1 SUSE-SU-2021:1023-1 SUSE-SU-2021:1274-1 SUSE-SU-2021:1438-1
SUSE-SU-2021:1242-1 SUSE-SU-2021:1401-1 SUSE-SU-2021:1399-1 SUSE-SU-2021:1396-1 SUSE-SU-2021:1325-1
SUSE-SU-2021:1152-1 SUSE-SU-2021:1125-1 SUSE-SU-2021:1248-1 SUSE-SU-2021:1210-1 SUSE-SU-2021:1175-1
SUSE-SU-2021:1435-1 SUSE-SU-2021:1314-1 SUSE-SU-2021:1277-1 SUSE-SU-2021:1030-1 SUSE-SU-2021:1165-1
SUSE-SU-2021:1111-1 SUSE-SU-2021:1453-1 SUSE-SU-2021:1174-1 SUSE-SU-2021:1159-1 SUSE-SU-2021:1315-1
SUSE-SU-2021:1180-1 SUSE-SU-2021:1251-1 SUSE-SU-2021:1273-1 SUSE-SU-2021:1241-1 SUSE-SU-2021:1429-1
SUSE-SU-2021:1401-1 SUSE-SU-2021:1399-1 SUSE-SU-2021:1325-1 SUSE-SU-2021:1152-1 SUSE-SU-2021:1435-1
SUSE-SU-2021:1165-1 SUSE-SU-2021:1111-1 SUSE-SU-2021:1453-1 SUSE-SU-2021:1189-1 SUSE-SU-2021:1187-1
SUSE-SU-2021:1252-1 SUSE-SU-2021:1431-1 SUSE-SU-2021:1273-1 SUSE-SU-2021:1240-1 SUSE-SU-2021:1401-1
SUSE-SU-2021:1399-1 SUSE-SU-2021:1373-1 SUSE-SU-2021:1341-1 SUSE-SU-2021:1325-1 SUSE-SU-2021:1152-1
SUSE-SU-2021:1075-1 SUSE-SU-2021:1074-1 SUSE-SU-2021:1435-1 SUSE-SU-2021:1111-1 SUSE-SU-2021:1453-1
SUSE-SU-2021:1189-1 SUSE-SU-2021:1187-1 SUSE-SU-2021:1431-1 SUSE-SU-2021:1267-1 SUSE-SU-2021:1442-1
SUSE-SU-2021:1439-1 SUSE-SU-2021:1305-1 SUSE-SU-2021:1401-1 SUSE-SU-2021:1399-1 SUSE-SU-2021:1325-1
SUSE-SU-2021:1152-1 SUSE-SU-2021:1148-1 SUSE-SU-2021:1145-1 SUSE-SU-2021:1453-1 SUSE-SU-2021:1189-1
* Mar 2021 New Security Announcement Patterns (79) for SUSE-SU-2021:0990-1 SUSE-SU-2021:0720-1
SUSE-SU-2021:0929-1 SUSE-SU-2021:0988-1 SUSE-SU-2021:0975-1 SUSE-SU-2021:0776-1 SUSE-SU-2021:0794-1
SUSE-SU-2021:0886-1 SUSE-SU-2021:0887-1 SUSE-SU-2021:0675-1 SUSE-SU-2021:0987-1 SUSE-SU-2021:0954-1
SUSE-SU-2021:0752-1 SUSE-SU-2021:0725-1 SUSE-SU-2021:0998-1 SUSE-SU-2021:0693-1 SUSE-SU-2021:0663-1
SUSE-SU-2021:0932-1 SUSE-SU-2021:0999-1 SUSE-SU-2021:0667-1 SUSE-SU-2021:0742-1 SUSE-SU-2021:0739-1
SUSE-SU-2021:0681-1 SUSE-SU-2021:0801-1 SUSE-SU-2021:0756-1 SUSE-SU-2021:0713-1 SUSE-SU-2021:0779-1
SUSE-SU-2021:0745-1 SUSE-SU-2021:0929-1 SUSE-SU-2021:0988-1 SUSE-SU-2021:0794-1 SUSE-SU-2021:0675-1
SUSE-SU-2020:2173-2 SUSE-SU-2021:0954-1 SUSE-SU-2021:0752-1 SUSE-SU-2021:0725-1 SUSE-SU-2021:0693-1
SUSE-SU-2021:0663-1 SUSE-SU-2021:0932-1 SUSE-SU-2021:0999-1 SUSE-SU-2021:0667-1 SUSE-SU-2021:0736-1
SUSE-SU-2021:0681-1 SUSE-SU-2021:0801-1 SUSE-SU-2021:0756-1 SUSE-SU-2021:0745-1 SUSE-SU-2021:0929-1
SUSE-SU-2021:0794-1 SUSE-SU-2021:0675-1 SUSE-SU-2020:2173-2 SUSE-SU-2021:0939-1 SUSE-SU-2021:0693-1
SUSE-SU-2021:0932-1 SUSE-SU-2021:0999-1 SUSE-SU-2021:0667-1 SUSE-SU-2021:0870-1 SUSE-SU-2021:0835-1
SUSE-SU-2021:0743-1 SUSE-SU-2021:0682-1 SUSE-SU-2021:0801-1 SUSE-SU-2021:0756-1 SUSE-SU-2021:0745-1
SUSE-SU-2021:0929-1 SUSE-SU-2021:0928-1 SUSE-SU-2021:0794-1 SUSE-SU-2021:0675-1 SUSE-SU-2020:2173-2
SUSE-SU-2021:0939-1 SUSE-SU-2021:0693-1 SUSE-SU-2021:0932-1 SUSE-SU-2021:0999-1 SUSE-SU-2021:0999-1
SUSE-SU-2021:0667-1 SUSE-SU-2021:0870-1 SUSE-SU-2021:0835-1 SUSE-SU-2021:0744-1 SUSE-SU-2021:0679-1
SUSE-SU-2021:0801-1 SUSE-SU-2021:0756-1
- New regular patterns:
* sle12sp5/vmtools-000004682.py: Extensive logging in vmware-vmsvc-root.log with open-vm-tools (bsc#1162119)
* sle12sp5/tailf-000019885.py: Aborting tailf causes bash session to be corrupted (bsc#1177369)
* sle12sp5/systemd-current-failed-7017137.py: Check for failed systemd services
* sle12sp5/systemd_SUSE-SU-2021_2405-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5
* sle12sp5/sdagentconfig-000020301.py: SCA Appliance configuration reports ERROR 2002 HY000 Cannot connect to MySQL
server (bsc#1183464)
* sle12sp5/qemu_SUSE-SU-2021_2448-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 Service Pack 5
* sle12sp5/python-py_SUSE-SU-2021_2236-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 Service Pack 5
* sle12sp5/permissions_SUSE-SU-2021_2280-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 Service Pack 5
* sle12sp5/nobarrier-000020240.py: XFS nobarrier option has been completely deprecated starting from
SUSE Linux Enterprise 15 Service Pack 2 (bsc#1176375)
* sle12sp5/nfstimeout_125-000019943.py: Delayed outgoing packets causing NFS timeouts (bsc#1183405)
* sle12sp5/nfsperf-125-000019615.py: Performance loss when writing large files over NFS (bsc#1163403)
* sle12sp5/nfsipv6_125-000019618.py: Timeout when attempting NFS mount over IPv6 (bsc#1144162)
* sle12sp5/lscpu-000019784-12.py: lscpu segfaults on IBM Power8 - Assertion failed (bsc#1175623)
* sle12sp5/linuxptp_SUSE-SU-2021_2545-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5
* sle12sp5/kgraft-patch_SUSE-SU-2021_2462-1_12.5.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP5
* sle12sp5/kgraft-patch_SUSE-SU-2021_2389-1_12.5.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP5
* sle12sp5/kgraft-patch_SUSE-SU-2021_2324-1_12.5.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP5
* sle12sp5/kernel_SUSE-SU-2021_2416-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5
* sle12sp5/kernel_SUSE-SU-2021_2407-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5
* sle12sp5/kernel_SUSE-SU-2021_2321-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5
* sle12sp5/intelpstate_125-000020273.py: Frequency scaling driver intel_pstate not loading on some Intel Xeon
Scalable processors (bsc#1185758)
* sle12sp5/glibc_SUSE-SU-2021_2480-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5
* sle12sp5/ghostcat_125-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle12sp5/docore_125-000019881.py: System crash in do_coredump() when a process is restarted (bsc#1182194)
* sle12sp5/dbus-1_SUSE-SU-2021_2424-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5
* sle12sp5/cronlimit-000020338.py: crontab - More than 1000 entries in crontab file, can't install (bsc#1187508)
* sle12sp5/btrfscrash-125-000019638.py: System crash during a BTRFS maintenance task (bsc#1163508)
* sle12sp5/btrfscrash-125-000019638.py: System crash during a BTRFS maintenance task (bsc#1163508)
* sle12sp4/vmtools-000004682.py: Extensive logging in vmware-vmsvc-root.log with open-vm-tools (bsc#1162119)
* sle12sp4/tcpdumpcore-000019666.py: Running tcpdump on a SUSE Linux Enterprise 12 Service Pack 4 System with Kernel
4.12.14-95.48-default may crash the system (bsc#1176579)
* sle12sp4/tailf-000019885.py: Aborting tailf causes bash session to be corrupted (bsc#1177369)
* sle12sp4/systemd-current-failed-7017137.py: Check for failed systemd services
* sle12sp4/systemd_SUSE-SU-2021_2423-1_12.4.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP4 LTSS
* sle12sp4/sdagentconfig-000020301.py: SCA Appliance configuration reports ERROR 2002 HY000 Cannot connect to MySQL
server (bsc#1183464)
* sle12sp4/plymouth-000019595.py: plymouth hang - login to console not possible
* sle12sp4/nobarrier-000020240.py: XFS nobarrier option has been completely deprecated starting from SUSE Linux
Enterprise 15 Service Pack 2 (bsc#1176375)
* sle12sp4/nfsperf-124-000019615.py: Performance loss when writing large files over NFS (bsc#1163403)
* sle12sp4/mpiofindpaths-000019511.py: Using the find_multipaths yes option in multipath.conf (bsc#1138452)
* sle12sp4/linuxptp_SUSE-SU-2021_2443-1_12.4.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP4 LTSS
* sle12sp4/kgraft-patch_SUSE-SU-2021_2546-1_12.4.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP4 LTSS
* sle12sp4/kgraft-patch_SUSE-SU-2021_2389-1_12.4.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP4 LTSS
* sle12sp4/kernel_SUSE-SU-2021_2422-1_12.4.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP4 LTSS
* sle12sp4/ghostcat_124-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle12sp4/docore_124-000019881.py: System crash in do_coredump() when a process is restarted (bsc#1182194)
* sle12sp4/curl_SUSE-SU-2021_2425-1_12.4.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP4 LTSS
* sle12sp4/cronlimit-000020338.py: crontab - More than 1000 entries in crontab file, can't install (bsc#1187508)
* sle12sp4/btrfscrash-124-000019638.py: System crash during a BTRFS maintenance task (bsc#1163508)
* sle12sp4/btrfscrash-124-000019638.py: System crash during a BTRFS maintenance task (bsc#1163508)
* sle12sp3/systemd-current-failed-7017137.py: Check for failed systemd services
* sle12sp3/systemd_SUSE-SU-2021_2423-1_12.3.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP3 LTSS
* sle12sp3/mpiofindpaths-000019511.py: Using the find_multipaths yes option in multipath.conf (bsc#1138452)
* sle12sp3/linuxptp_SUSE-SU-2021_2443-1_12.3.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP3 LTSS
* sle12sp3/kgraft-patch_SUSE-SU-2021_2563-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS
* sle12sp3/kgraft-patch_SUSE-SU-2021_2538-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS
* sle12sp3/kgraft-patch_SUSE-SU-2021_2451-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS
* sle12sp3/kgraft-patch_SUSE-SU-2021_2433-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS
* sle12sp3/kgraft-patch_SUSE-SU-2021_2389-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS
* sle12sp3/ghostcat_123-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle12sp2/systemd-current-failed-7017137.py: Check for failed systemd services
* sle12sp2/ghostcat_122-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle12sp1/systemd-current-failed-7017137.py: Check for failed systemd services
* sle12sp1/ghostcat_121-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle12sp0/systemd-current-failed-7017137.py: Check for failed systemd services
* sle12all/zypproxy-000020275.py: zypper commands return Error code HTTP response 0
* sle12all/zerologon-000019713.py: Zerologon aka CVE-2020-1472 (bsc#1176579)
* sle12all/sysdjobs-000020261.py: Troubleshooting systemd jobs that are hung or stuck
* sle12all/softlock-000018705.py: soft lockup messages about
* sle12all/sizingbtrfs-000018798.py: How to resize/extend a btrfs formatted root partition
* sle12all/scatool-000020253.py: scatool fails to analyze supportconfigs with xz compression (bsc#1186316)
* sle12all/postfix-000020356.py: Postfix fails to start with IPv6 disabled
* sle12all/lvmsnapshot-000019858.py: LVM snapshot changed state to Invalid and should be removed
* sle12all/lvm-volume-list-7016683.py: Fixed execution error
* sle12all/iscsimnts-000019648.py: Proper mount options for iSCSI drives
* sle12all/coredumpctl-000018634.py: How to obtain systemd service core dumps
* sle12all/btrfsmaster-000018779.py: BTRFS Master TID
* sle12all/btrfscron-000019583.py: After upgrading BTRFS cron jobs are not working anymore (bsc#1159891)
* sle12all/blacklist-000019607.py: System exit to emergency shell at boot with multipath enabled
* CVE-2020-12351, CVE-2020-12352, CVE-2020-24490: BleedingTooth
+ sle12sp5/bleedingtooth_125-000019735.py
+ sle12sp4/bleedingtooth_124-000019735.py
+ sle12sp3/bleedingtooth_123-000019735.py
+ sle12sp2/bleedingtooth_122-000019735.py
* CVE-2020-0548, CVE-2020-0549: L1D data cache eviction and Vector Register sampling (bsc#1156353)
+ sle12sp5/ucodeintel_125-000019635.py
+ sle12sp4/ucodeintel_124-000019635.py
+ sle12sp3/ucodeintel_123-000019635.py
+ sle12sp2/ucodeintel_122-000019635.py
* CVE-2020-0543: Special Register Buffer Data Sampling aka CrossTalk (bsc#1154824)
+ sle12sp5/crosstalk_125-000019643.py
+ sle12sp4/crosstalk_124-000019643.py
+ sle12sp3/crosstalk_123-000019643.py
+ sle12sp2/crosstalk_122-000019643.py
- Updated patterns:
* sle12all/scc-expired.py: Identify if SCC registrations have expired
* sle12all/lvm-00003.pl: Physical volumes can be removed or damaged and appear missing. This pattern looks for
missing physical volumes
* sle12all/lvm-00004.pl: LMV Check sum errors may indicate corrupted LVM metadata
* sle12all/lvm-00005.pl: Duplicate volume groups are usually a configuration issue
- Renamed patterns for file standard:
* Renamed patterns/SLE/sle12all/scc-expired.py to patterns/SLE/sle12all/bhc-scc-expired.py
* Renamed patterns/SLE/sle12all/scc-registered.py to patterns/SLE/sle12all/bhc-scc-registered.py
- Deleted regular patterns (1)
* sle12all/systemd-current-failed-7017137.py: Moved to service packs with fixes (bsc#1187983)
* sle12all/bhc-scc.sh: Pattern removed (bsc#1184594)
* sle12all/pdc-00001.pl: Pattern removed OES Dependent
* sle12all/pdc-00002.pl: Pattern removed OES Dependent
* sle12all/lvm-00001.pl: Pattern removed
* sle12all/lvm-00002.pl: Pattern removed
sca-patterns-sle11:
- Version update from 1.3.1 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):
* Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)
* Removed OES dependent patterns (bsc#1196873)
- New security announcement patterns:
* Apr 2022 (5) for SUSE-SU-2022:14938-1 SUSE-SU-2022:14943-1 SUSE-SU-2022:14936-1 SUSE-SU-2022:14941-1
SUSE-SU-2022:14951-1
* Mar 2022 (19) for SUSE-SU-2022:14938-1 SUSE-SU-2022:14943-1 SUSE-SU-2022:14936-1 SUSE-SU-2022:14941-1
SUSE-SU-2022:14951-1 SUSE-SU-2022:14910-1 SUSE-SU-2022:14929-1 SUSE-SU-2022:14908-1 SUSE-SU-2022:14914-1
SUSE-SU-2022:14915-1 SUSE-SU-2022:14906-1 SUSE-SU-2022:14904-1 SUSE-SU-2022:14909-1 SUSE-SU-2022:14905-1
SUSE-SU-2022:14927-1 SUSE-SU-2022:14923-1 SUSE-SU-2022:14934-1 SUSE-SU-2022:14903-1 SUSE-SU-2022:14924-1
* Feb 2022 (27) for SUSE-SU-2022:14938-1 SUSE-SU-2022:14943-1 SUSE-SU-2022:14936-1 SUSE-SU-2022:14941-1
SUSE-SU-2022:14951-1 SUSE-SU-2022:14910-1 SUSE-SU-2022:14929-1 SUSE-SU-2022:14908-1 SUSE-SU-2022:14914-1
SUSE-SU-2022:14915-1 SUSE-SU-2022:14906-1 SUSE-SU-2022:14904-1 SUSE-SU-2022:14909-1 SUSE-SU-2022:14905-1
SUSE-SU-2022:14927-1 SUSE-SU-2022:14923-1 SUSE-SU-2022:14934-1 SUSE-SU-2022:14903-1 SUSE-SU-2022:14924-1
SUSE-SU-2022:14889-1 SUSE-SU-2022:14886-1 SUSE-SU-2022:14888-1 SUSE-SU-2022:14890-1 SUSE-SU-2022:14887-1
SUSE-SU-2022:14896-1 SUSE-SU-2022:14884-1 SUSE-SU-2022:14894-1
* Jan 2022 (34) for SUSE-SU-2022:14938-1 SUSE-SU-2022:14943-1 SUSE-SU-2022:14936-1 SUSE-SU-2022:14941-1
SUSE-SU-2022:14951-1 SUSE-SU-2022:14910-1 SUSE-SU-2022:14929-1 SUSE-SU-2022:14908-1 SUSE-SU-2022:14914-1
SUSE-SU-2022:14915-1 SUSE-SU-2022:14906-1 SUSE-SU-2022:14904-1 SUSE-SU-2022:14909-1 SUSE-SU-2022:14905-1
SUSE-SU-2022:14927-1 SUSE-SU-2022:14923-1 SUSE-SU-2022:14934-1 SUSE-SU-2022:14903-1 SUSE-SU-2022:14924-1
SUSE-SU-2022:14889-1 SUSE-SU-2022:14886-1 SUSE-SU-2022:14888-1 SUSE-SU-2022:14890-1 SUSE-SU-2022:14887-1
SUSE-SU-2022:14896-1 SUSE-SU-2022:14884-1 SUSE-SU-2022:14894-1 SUSE-SU-2022:14880-1 SUSE-SU-2022:14881-1
SUSE-SU-2022:14872-1 SUSE-SU-2022:14875-1 SUSE-SU-2022:14878-1 SUSE-SU-2022:14882-1 SUSE-SU-2022:14879-1
* Jul 2021 (5) for SUSE-SU-2021:14769-1 SUSE-SU-2021:14771-1 SUSE-SU-2021:14766-1 SUSE-SU-2021:14764-1
SUSE-SU-2021:14761-1
* Jun 2021 (12) for SUSE-SU-2021:14747-1 SUSE-SU-2021:14748-1 SUSE-SU-2021:14744-1 SUSE-SU-2021:14757-1
SUSE-SU-2021:14743-1 SUSE-SU-2021:14758-1 SUSE-SU-2021:14751-1 SUSE-SU-2021:14750-1 SUSE-SU-2021:14740-1
SUSE-SU-2021:14760-1 SUSE-SU-2021:14759-1 SUSE-SU-2021:14749-1
* May 2021 (5) for SUSE-SU-2021:14729-1 SUSE-SU-2021:14724-1 SUSE-SU-2021:14738-1 SUSE-SU-2021:14728-1
SUSE-SU-2021:14714-1
* Apr 2021 (10) for SUSE-SU-2021:14690-1 SUSE-SU-2021:14702-1 SUSE-SU-2021:14705-1 SUSE-SU-2021:14709-1
SUSE-SU-2021:14700-1 SUSE-SU-2021:14708-1 SUSE-SU-2021:14684-1 SUSE-SU-2021:14704-1 SUSE-SU-2021:14712-1
SUSE-SU-2021:14692-1
- New regular patterns:
* sle11sp4/ghostcat_114-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle11sp3/ghostcat_113-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)
* sle11all/softlock-000018705.py: soft lockup messages about
* sle11all/sizingbtrfs-000018798.py: How to resize/extend a btrfs formatted root partition
* sle11all/btrfsmaster-000018779.py: BTRFS Master TID
* CVE-2020-0543: sle11sp4/crosstalk_114-000019643.py: Special Register Buffer Data Sampling aka CrossTalk
(bsc#1154824)
- Deleted regular patterns:
* sle11all/bhc-scc.sh: Pattern removed (bsc#1184594)
Patchnames: SUSE-2022-4496,SUSE-SLE-Module-Server-Applications-15-SP3-2022-4496,openSUSE-SLE-15.3-2022-4496
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
96 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Feature update for SCA patterns",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for SCA patterns fixes the following issues:\n\nsca-patterns-base:\n\n- Version update from 1.3.1 to 1.5.0 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):\n * Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)\n * Added Core.loadFullFile for sectionless parsing (bsc#1187194)\n * Added SUSE.getNetworkInterfaces (bsc#1144162)\n * Changed required dependencies from python to python3-base (bsc#1191199)\n * Fix SUSE.getFileSystems invalid index error (bsc#1185594)\n * Fix SUSE.getFileSystems unbound local SWAP variable (bsc#1185593)\n * Removed Novell/OES references from libraries (bsc#1186034)\n * Updated documentation for SUSE.compareKernel\n * Updated kernel version constants for all SUSE libraries (bsc#1189483)\n\nsca-patterns-hae:\n\n- Version update from 1.3.1 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):\n * Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)\n * Added distribution and service pack subdirectories (bsc#1193878)\n * False positive hit from /usr/lib/sca/patterns/HAE/stonith-00002.pl (bsc#1124793)\n * HAE Policies Quorum 2 node cluster requires ignore policy (bsc#1167689)\n * supportconfig indicates IPv6 required by HAE, is already enabled (bsc#1045605)\n\nsca-patterns-suma:\n\n- Version update from 1.0 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):\n * Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)\n\nsca-server-report:\n\n- Version update from 1.0.1 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):\n * Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)\n * Changed absolute paths to relative ones (bsc#1186316)\n * Changed required dependencies from python to python3-base (bsc#1191199)\n * Ensure that the legacy SuSE-release file works (bsc#1196730) \n * Fix sca report header supportconfig file (bsc#1186442)\n * Fix the report file output path (bsc#1180894)\n * Removed preprocessor elements for OES Filr eDir (bsc#1186420)\n\nsca-patterns-sle15:\n\n- Version update from 1.0.1 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):\n * Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)\n * Added Video link to coredumpctl-000018634.py\n * Added video links to patterns (bsc#1190460):\n * bhc-scc-expired.py, bhc-scc-registered.py, bhc-diskused-00001.pl, bhc-memused-00001.pl\n * Fixed crosstalk message strings (bsc#1186312)\n * Fixed field reference in sle15all/lvm-00003.pl\n * Fixed metadata tags in scc-registered.py\n * Fixed percent used calculation for bhc-memused-00001.pl (bsc#1189889)\n * Removed outdated TID2 link in bhc-diskused-00001.pl (bsc#1190260)\n * Requires Core library 1.3.3 which contains Core.logFullFile function\n * Updated registration link in bhc-scc-registered.py\n * Updated renewal link in bhc-scc-expired.py\n- New security announcement patterns:\n * Apr 2022 (13) for SUSE-SU-2022:1293-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1108-1\n SUSE-SU-2022:1292-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1448-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1255-1\n SUSE-SU-2022:1255-1 SUSE-SU-2022:1288-1 SUSE-SU-2022:1427-1 SUSE-SU-2022:1139-1\n * Mar 2022 (48) for SUSE-SU-2022:1293-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1108-1\n SUSE-SU-2022:1292-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1448-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1255-1\n SUSE-SU-2022:1255-1 SUSE-SU-2022:1288-1 SUSE-SU-2022:1427-1 SUSE-SU-2022:1139-1 SUSE-SU-2022:0931-1\n SUSE-SU-2022:0703-1 SUSE-SU-2022:0779-1 SUSE-SU-2022:0695-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1\n SUSE-SU-2022:1058-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0853-1 SUSE-SU-2022:0819-1 SUSE-SU-2022:0778-1\n SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0732-1\n SUSE-SU-2022:0703-1 SUSE-SU-2022:0810-1 SUSE-SU-2022:0694-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1\n SUSE-SU-2022:1057-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0851-1 SUSE-SU-2022:1041-1 SUSE-SU-2022:0819-1\n SUSE-SU-2022:0778-1 SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0766-1\n SUSE-SU-2022:0766-1 SUSE-SU-2022:0933-1 SUSE-SU-2022:0934-1 SUSE-SU-2022:0929-1\n * Feb 2022 (60) for SUSE-SU-2022:1293-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1108-1\n SUSE-SU-2022:1292-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1448-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1255-1\n SUSE-SU-2022:1255-1 SUSE-SU-2022:1288-1 SUSE-SU-2022:1427-1 SUSE-SU-2022:1139-1 SUSE-SU-2022:0931-1\n SUSE-SU-2022:0703-1 SUSE-SU-2022:0779-1 SUSE-SU-2022:0695-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1\n SUSE-SU-2022:1058-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0853-1 SUSE-SU-2022:0819-1 SUSE-SU-2022:0778-1\n SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0732-1\n SUSE-SU-2022:0703-1 SUSE-SU-2022:0810-1 SUSE-SU-2022:0694-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1\n SUSE-SU-2022:1057-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0851-1 SUSE-SU-2022:1041-1 SUSE-SU-2022:0819-1\n SUSE-SU-2022:0778-1 SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0766-1\n SUSE-SU-2022:0766-1 SUSE-SU-2022:0933-1 SUSE-SU-2022:0934-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0277-1\n SUSE-SU-2022:0283-1 SUSE-SU-2022:0500-1 SUSE-SU-2022:0468-1 SUSE-SU-2022:0541-1 SUSE-SU-2022:0284-1\n SUSE-SU-2022:0563-1 SUSE-SU-2022:0500-1 SUSE-SU-2022:0563-1 SUSE-SU-2022:0301-1 SUSE-SU-2022:0367-1\n SUSE-SU-2022:0367-1\n * Jan 2022 (92) for SUSE-SU-2022:1293-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1108-1\n SUSE-SU-2022:1292-1 SUSE-SU-2022:1313-1 SUSE-SU-2022:1448-1 SUSE-SU-2022:1250-1 SUSE-SU-2022:1255-1\n SUSE-SU-2022:1255-1 SUSE-SU-2022:1288-1 SUSE-SU-2022:1427-1 SUSE-SU-2022:1139-1 SUSE-SU-2022:0931-1\n SUSE-SU-2022:0703-1 SUSE-SU-2022:0779-1 SUSE-SU-2022:0695-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1\n SUSE-SU-2022:1058-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0853-1 SUSE-SU-2022:0819-1 SUSE-SU-2022:0778-1\n SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0732-1\n SUSE-SU-2022:0703-1 SUSE-SU-2022:0810-1 SUSE-SU-2022:0694-1 SUSE-SU-2022:0826-1 SUSE-SU-2022:0825-1\n SUSE-SU-2022:1057-1 SUSE-SU-2022:0679-1 SUSE-SU-2022:0851-1 SUSE-SU-2022:1041-1 SUSE-SU-2022:0819-1\n SUSE-SU-2022:0778-1 SUSE-SU-2022:0676-1 SUSE-SU-2022:0725-1 SUSE-SU-2022:0754-1 SUSE-SU-2022:0766-1\n SUSE-SU-2022:0766-1 SUSE-SU-2022:0933-1 SUSE-SU-2022:0934-1 SUSE-SU-2022:0929-1 SUSE-SU-2022:0277-1\n SUSE-SU-2022:0283-1 SUSE-SU-2022:0500-1 SUSE-SU-2022:0468-1 SUSE-SU-2022:0541-1 SUSE-SU-2022:0284-1\n SUSE-SU-2022:0563-1 SUSE-SU-2022:0500-1 SUSE-SU-2022:0563-1 SUSE-SU-2022:0301-1 SUSE-SU-2022:0367-1\n SUSE-SU-2022:0367-1 SUSE-SU-2022:0043-1 SUSE-SU-2022:0177-1 SUSE-SU-2022:0064-1 SUSE-SU-2022:0134-1\n SUSE-SU-2022:0141-1 SUSE-SU-2022:0050-1 SUSE-SU-2022:0021-1 SUSE-SU-2022:0069-1 SUSE-SU-2022:0198-1\n SUSE-SU-2022:0131-1 SUSE-SU-2022:0088-1 SUSE-SU-2022:0144-1 SUSE-SU-2022:0151-1 SUSE-SU-2022:0091-1\n SUSE-SU-2022:0091-1 SUSE-SU-2022:0183-1 SUSE-SU-2022:0211-1 SUSE-SU-2022:0191-1 SUSE-SU-2022:0050-1\n SUSE-SU-2022:0137-1 SUSE-SU-2022:0214-1 SUSE-SU-2022:0128-1 SUSE-SU-2022:0119-1 SUSE-SU-2022:0183-1\n SUSE-SU-2022:0211-1 SUSE-SU-2022:0251-1 SUSE-SU-2022:0200-1 SUSE-SU-2022:0191-1 SUSE-SU-2022:0137-1\n SUSE-SU-2022:0214-1 SUSE-SU-2022:0031-1 SUSE-SU-2022:0119-1\n * Jul 2021 (20) for SUSE-SU-2021:2457-1 SUSE-SU-2021:2410-1 SUSE-SU-2021:2442-1 SUSE-SU-2021:2352-1\n SUSE-SU-2021:1863-2 SUSE-SU-2021:2415-1 SUSE-SU-2021:2555-1 SUSE-SU-2021:2439-1 SUSE-SU-2021:2459-1\n SUSE-SU-2021:2291-1 SUSE-SU-2021:2457-1 SUSE-SU-2021:2404-1 SUSE-SU-2021:2474-1 SUSE-SU-2021:2471-1\n SUSE-SU-2021:2438-1 SUSE-SU-2021:2325-1 SUSE-SU-2021:2439-1 SUSE-SU-2021:2461-1 SUSE-SU-2021:2421-1\n SUSE-SU-2021:2470-1\n * Jun 2021 (46) for SUSE-SU-2021:2011-1 SUSE-SU-2021:1933-1 SUSE-SU-2021:1998-1 SUSE-SU-2021:2106-1\n SUSE-SU-2021:1951-1 SUSE-SU-2021:2213-1 SUSE-SU-2021:1942-1 SUSE-SU-2021:2012-1 SUSE-SU-2021:1859-1\n SUSE-SU-2021:1843-1 SUSE-SU-2021:1825-1 SUSE-SU-2021:2196-1 SUSE-SU-2021:1917-1 SUSE-SU-2021:1958-1\n SUSE-SU-2021:2184-1 SUSE-SU-2021:1977-1 SUSE-SU-2021:1819-1 SUSE-SU-2021:1944-1 SUSE-SU-2021:1834-1\n SUSE-SU-2021:1826-1 SUSE-SU-2021:2127-1 SUSE-SU-2021:2011-1 SUSE-SU-2021:1933-1 SUSE-SU-2021:1999-1\n SUSE-SU-2021:2106-1 SUSE-SU-2021:2212-1 SUSE-SU-2021:1893-1 SUSE-SU-2021:1859-1 SUSE-SU-2021:1994-1\n SUSE-SU-2021:1970-1 SUSE-SU-2021:1843-1 SUSE-SU-2021:2196-1 SUSE-SU-2021:1917-1 SUSE-SU-2021:1958-1\n SUSE-SU-2021:1890-1 SUSE-SU-2021:1819-1 SUSE-SU-2021:1834-1 SUSE-SU-2021:2127-1 SUSE-SU-2021:1901-1\n SUSE-SU-2021:1911-1 SUSE-SU-2021:2104-1 SUSE-SU-2021:1895-1 SUSE-SU-2021:2155-1 SUSE-SU-2021:2122-1\n SUSE-SU-2021:2211-1 SUSE-SU-2021:1845-1\n * May 2021 (39) for SUSE-SU-2021:1557-1 SUSE-SU-2021:1806-1 SUSE-SU-2021:1785-1 SUSE-SU-2021:1466-1\n SUSE-SU-2021:1491-1 SUSE-SU-2021:1577-1 SUSE-SU-2021:1654-1 SUSE-SU-2021:1523-1 SUSE-SU-2021:1765-1 \n SUSE-SU-2021:1755-1 SUSE-SU-2021:1599-1 SUSE-SU-2021:1761-1 SUSE-SU-2021:1655-1 SUSE-SU-2021:1598-1 \n SUSE-SU-2021:1762-1 SUSE-SU-2021:1474-1 SUSE-SU-2021:1493-1 SUSE-SU-2021:1557-1 SUSE-SU-2021:1806-1 \n SUSE-SU-2021:1785-1 SUSE-SU-2021:1466-1 SUSE-SU-2021:1491-1 SUSE-SU-2021:1577-1 SUSE-SU-2021:1654-1 \n SUSE-SU-2021:1523-1 SUSE-SU-2021:1765-1 SUSE-SU-2021:1755-1 SUSE-SU-2021:1574-1 SUSE-SU-2021:1599-1 \n SUSE-SU-2021:1761-1 SUSE-SU-2021:1636-1 SUSE-SU-2021:1655-1 SUSE-SU-2021:1598-1 SUSE-SU-2021:1762-1 \n SUSE-SU-2021:1474-1 SUSE-SU-2021:1493-1 SUSE-SU-2021:1500-1 SUSE-SU-2021:1792-1 SUSE-SU-2021:1573-1\n * May 2021 (30) for SUSE-SU-2021:1182-1 SUSE-SU-2021:1430-1 SUSE-SU-2021:1168-1 SUSE-SU-2021:1408-1 \n SUSE-SU-2021:1409-1 SUSE-SU-2021:1182-1 SUSE-SU-2021:1028-1 SUSE-SU-2021:1166-1 SUSE-SU-2021:1430-1\n SUSE-SU-2021:1113-1 SUSE-SU-2021:1444-1 SUSE-SU-2021:1280-1 SUSE-SU-2021:1243-1 SUSE-SU-2021:1168-1\n SUSE-SU-2021:1408-1 SUSE-SU-2021:1094-1 SUSE-SU-2021:1029-1 SUSE-SU-2021:1238-1 SUSE-SU-2021:1409-1\n SUSE-SU-2021:1006-1 SUSE-SU-2021:1161-1 SUSE-SU-2021:1108-1 SUSE-SU-2021:1282-1 SUSE-SU-2021:1179-1\n SUSE-SU-2021:1153-1 SUSE-SU-2021:1445-1 SUSE-SU-2021:1244-1 SUSE-SU-2021:1292-1 SUSE-SU-2021:1103-1\n SUSE-SU-2021:1455-1\n- New regular patterns:\n * sle15sp3/oldlvm-000019878.py, sle15sp2/oldlvm-000019878.py: Physical Volume is using an old PV header (bsc#1179170)\n * sle15sp3/intelpstate_153-000020273.py: Frequency scaling driver intel_pstate not loading on some Intel Xeon\n Scalable processors (bsc#1185758)\n * sle15sp3/dasdkvm-000020295.py: DASD partitions not recognized on SUSE Linux Enterprise 15 Service Pack 3 KVM guest\n * sle15sp2/rpmnfs-000020364.py, sle15sp3/rpmnfs-000020364.py: Upgrading an RPM reports cpio chmod failed\n (bsc#1189394)\n * sle15sp2/nfstimeout_152-000019943.py: Delayed outgoing packets causing NFS timeouts (bsc#1183405)\n * sle15sp2/mpiopmem-000019884.py: Executing multipath -ll on Optane memory based pmem devices returns HDIO_GETGEO\n failed with 25 (bsc#1182917)\n * sle15sp2/ipmitool-000020250.py: hanging on getting cipher suites (bsc#1185684)\n * sle15sp2/intelpstate_152-000020273.py: Frequency scaling driver intel_pstate not loading on some Intel Xeon Scalable\n processors (bsc#1185758)\n * sle15sp2/ghostcat_152-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle15sp2/fcoe-000019889.py: System with FCoE connected devices fails to boot randomly due to wicked ordering cycle\n problems (bsc#1176140)\n * sle15sp1/qlogic-000019630.py: System crashes when the system is rebooted with SR-IOV enabled QLogic cards\n (bsc#1155990)\n * sle15sp1/passthrough-000019579.py: Passthrough of Raid Controller to KVM guest results in NMI and unresponsiveness\n on host (bsc#1152800)\n * sle15sp1/nfsperf-151-000019615.py: Performance loss when writing large files over NFS (bsc#1163403) \n * sle15sp1/nfsipv6_151-000019618.py: Timeout when attempting NFS mount over IPv6 (bsc#1144162)\n * sle15sp1/nfit-000019688.py: dmesg shows NFIT related messages after updating the kernel (bsc#1159356)\n * sle15sp1/namespace-000019571.py: Activation of multiple namespaces simultaneously may lead to an activation\n failure (bsc#1157778)\n * sle15sp1/ipmi-000019602.py: IPMI driver can be unloaded when being accessed by user space (bsc#1154768)\n * sle15sp1/ghostcat_151-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle15sp1/edac-000019537.py: A kernel message shows EDAC amd64 Error F0 not found, device 0x1460 broken BIOS \n (bsc#1131489)\n * sle15sp1/docore_151-000019881.py: System crash in do_coredump() when a process is restarted (bsc#1177753)\n * sle15sp0/mpiofindpaths-000019511.py: Using the find_multipaths yes option in multipath.conf (bsc#1138452)\n * sle15sp0/ghostcat_150-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle15all/zypproxy-000020275.py: zypper commands return Error code HTTP response 0\n * sle15all/vmcore-00002.pl: Detects the need for a kernel core analysis\n * sle15all/vmcore-00001.pl: Identifies kernel core dumps for review\n * sle15all/udevmac-000020260.py: systemd-udevd Could not generate persistent MAC address for br0 No such file or\n directory (bsc#1185357)\n * sle15all/systemd-current-failed-7017137.py: Check for failed systemd services\n * sle15all/sysdjobs-000020261.py: Troubleshooting systemd jobs that are hung or stuck\n * sle15all/softlock-000018705.py: soft lockup messages about\n * sle15all/slapd-000019711.py: slapd.service not enabled/failed after upgrade from SUSE Linux Enterprise 11 Service\n Pack 4 to SUSE Linux Enterprise 15 (bsc#1156353)\n * sle15all/sizingbtrfs-000018798.py: How to resize/extend a btrfs formatted root partition\n * sle15all/sdagentconfig-000020301.py: SCA Appliance configuration reports ERROR 2002 HY000 Cannot connect to MySQL\n server (bsc#1183464)\n * sle15all/scc-registered.py: Check system registration status\n * sle15all/scc-expired.py: Identify if SCC registrations have expired\n * sle15all/scatool-000020253.py: scatool fails to analyze supportconfigs with xz compression (bsc#1155181)\n * sle15all/scatool-000004685.py: scatool fails with traceback\n * sle15all/proxy-00003.pl: Checks for proxy environment variables\n * sle15all/postfix-000020356.py: Postfix fails to start with IPv6 disabled\n * sle15all/oomvsftpd-000020252.py: vsftpd and other processes terminated due to OOM scenario (bsc#1182905)\n * sle15all/nobarrier-000020240.py: XFS nobarrier option has been completely deprecated starting from SUSE Linux\n Enterprise 15 Service Pack 2 (bsc#1176375)\n * sle15all/mysqlperf-000020354.py: mysqld segfault when the system is under stress (bsc#1186792)\n * sle15all/lvmsnapshot-000019858.py: LVM snapshot changed state to Invalid and should be removed (bsc#1179170)\n * sle15all/lvm-00005.pl: Duplicate volume groups are usually a configuration issue\n * sle15all/lvm-00004.pl: LMV Check sum errors may indicate corrupted LVM metadata\n * sle15all/lvm-00003.pl: Physical volumes can be removed or damaged and appear missing. This pattern looks for\n missing physical volumes.\n * sle15all/iscsimnts-000019648.py: Proper mount options for iSCSI drives\n * sle15all/cronlimit-000020338.py: crontab - More than 1000 entries in crontab file, can\u0027t install (bsc#1187508)\n * sle15all/coredumpctl-000018634.py: How to obtain systemd service core dumps\n * sle15all/btrfsmaster-000018779.py: BTRFS Master TID\n * sle15all/blacklist-000019607.py: System exit to emergency shell at boot with multipath enabled\n * sle15all/bhc-scc.sh: Pattern removed (bsc#1184594, bsc#1186317)\n * sle15all/acpid-000019708.py: acpid.service failed to start after upgrade (bsc#1158890)\n * CVE-2020-0543: Special Register Buffer Data Sampling aka CrossTalk (bsc#1154824)\n + sle15sp2/crosstalk_152-000019643.py\n + sle15sp1/crosstalk_151-000019643.py\n * CVE-2020-0548, CVE-2020-0549: L1D data cache eviction and Vector Register sampling (bsc#1156353)\n + sle15sp2/ucodeintel_152-000019635.py\n + sle15sp1/ucodeintel_151-000019635.py\n + sle15sp0/ucodeintel_150-000019635.py\n- Renamed pattern files for filename standard\n * Renamed patterns/SLE/sle15all/scc-expired.py to patterns/SLE/sle15all/bhc-scc-expired.py\n * Renamed /SLE/sle15all/scc-registered.py to patterns/SLE/sle15all/bhc-scc-registered.py\n- Updated regular patterns:\n * sle15all/lvm-00003.pl: Physical volumes can be removed or damaged and appear missing. This pattern looks for\n missing physical volumes\n\nsca-patterns-sle12:\n\n- Version update from 1.0.2 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):\n * Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)\n * Added Video link to coredumpctl-000018634.py\n * Added video links to patterns (bsc#1190460): \n + bhc-scc-expired.py, bhc-scc-registered.py, bhc-diskused-00001.pl, bhc-memused-00001.pl\n * Fixed crosstalk message strings (bsc#1186312)\n * Fixed metadata tags for scc-registered.py\n * Removed outdated TID2 link in bhc-diskused-00001.pl (bsc#1190260)\n * Requires Core library 1.3.3 which contains Core.logFullFile function\n * Updated registration link in bhc-scc-registered.py\n * Updated renewal link in bhc-scc-expired.py\n * Updated scc-registered.py pattern to fix registration detection\n- New security announcement patterns:\n * Apr 2022 (53) for SUSE-SU-2022:1254-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1294-1 SUSE-SU-2022:1151-1\n SUSE-SU-2022:1094-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1478-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1\n SUSE-SU-2022:1168-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1272-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1266-1\n SUSE-SU-2022:1474-1 SUSE-SU-2022:1475-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1\n SUSE-SU-2022:1417-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1285-1 SUSE-SU-2022:1105-1 SUSE-SU-2022:1294-1\n SUSE-SU-2022:1258-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1\n SUSE-SU-2022:1312-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1275-1\n SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1408-1\n SUSE-SU-2022:1294-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1\n SUSE-SU-2022:1440-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1275-1\n SUSE-SU-2022:1123-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1428-1\n * Mar 2022 (127) for SUSE-SU-2022:1254-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1294-1 SUSE-SU-2022:1151-1\n SUSE-SU-2022:1094-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1478-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1\n SUSE-SU-2022:1168-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1272-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1266-1\n SUSE-SU-2022:1474-1 SUSE-SU-2022:1475-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1\n SUSE-SU-2022:1417-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1285-1 SUSE-SU-2022:1105-1 SUSE-SU-2022:1294-1\n SUSE-SU-2022:1258-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1\n SUSE-SU-2022:1312-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1275-1\n SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1408-1\n SUSE-SU-2022:1294-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1\n SUSE-SU-2022:1440-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1275-1\n SUSE-SU-2022:1123-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1428-1 SUSE-SU-2022:0733-1\n SUSE-SU-2022:1023-1 SUSE-SU-2022:0939-1 SUSE-SU-2022:0811-1 SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1\n SUSE-SU-2022:0895-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1\n SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:0913-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1\n SUSE-SU-2022:1024-1 SUSE-SU-2022:0765-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0730-1\n SUSE-SU-2022:0678-1 SUSE-SU-2022:0677-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1 SUSE-SU-2022:0908-1\n SUSE-SU-2022:0881-1 SUSE-SU-2022:0928-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1062-1 SUSE-SU-2022:0811-1\n SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1\n SUSE-SU-2022:0777-1 SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1\n SUSE-SU-2022:1024-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1\n SUSE-SU-2022:0908-1 SUSE-SU-2022:0918-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1043-1 SUSE-SU-2022:0811-1\n SUSE-SU-2022:0690-1 SUSE-SU-2022:0854-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1 SUSE-SU-2022:0820-1\n SUSE-SU-2022:1036-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1 SUSE-SU-2022:1024-1 SUSE-SU-2022:1012-1\n SUSE-SU-2022:1003-1 SUSE-SU-2022:0668-1 SUSE-SU-2022:0667-1 SUSE-SU-2022:0653-1 SUSE-SU-2022:0762-1\n SUSE-SU-2022:0762-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0909-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1\n SUSE-SU-2022:0918-1 SUSE-SU-2022:1044-1 SUSE-SU-2022:0882-1\n * Feb 2022 (169) for SUSE-SU-2022:1254-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1294-1 SUSE-SU-2022:1151-1\n SUSE-SU-2022:1094-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1478-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1\n SUSE-SU-2022:1168-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1272-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1266-1\n SUSE-SU-2022:1474-1 SUSE-SU-2022:1475-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1\n SUSE-SU-2022:1417-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1285-1 SUSE-SU-2022:1105-1 SUSE-SU-2022:1294-1\n SUSE-SU-2022:1258-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1\n SUSE-SU-2022:1312-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1275-1\n SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1408-1\n SUSE-SU-2022:1294-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1\n SUSE-SU-2022:1440-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1275-1\n SUSE-SU-2022:1123-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1428-1 SUSE-SU-2022:0733-1\n SUSE-SU-2022:1023-1 SUSE-SU-2022:0939-1 SUSE-SU-2022:0811-1 SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1\n SUSE-SU-2022:0895-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1\n SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:0913-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1\n SUSE-SU-2022:1024-1 SUSE-SU-2022:0765-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0730-1\n SUSE-SU-2022:0678-1 SUSE-SU-2022:0677-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1 SUSE-SU-2022:0908-1\n SUSE-SU-2022:0881-1 SUSE-SU-2022:0928-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1062-1 SUSE-SU-2022:0811-1\n SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1\n SUSE-SU-2022:0777-1 SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1\n SUSE-SU-2022:1024-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1\n SUSE-SU-2022:0908-1 SUSE-SU-2022:0918-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1043-1 SUSE-SU-2022:0811-1\n SUSE-SU-2022:0690-1 SUSE-SU-2022:0854-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1 SUSE-SU-2022:0820-1\n SUSE-SU-2022:1036-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1 SUSE-SU-2022:1024-1 SUSE-SU-2022:1012-1\n SUSE-SU-2022:1003-1 SUSE-SU-2022:0668-1 SUSE-SU-2022:0667-1 SUSE-SU-2022:0653-1 SUSE-SU-2022:0762-1\n SUSE-SU-2022:0762-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0909-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1\n SUSE-SU-2022:0918-1 SUSE-SU-2022:1044-1 SUSE-SU-2022:0882-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0469-1 \n SUSE-SU-2022:0504-1 SUSE-SU-2022:0478-1 SUSE-SU-2022:0576-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1\n SUSE-SU-2022:0323-1 SUSE-SU-2022:0565-1 SUSE-SU-2022:0441-1 SUSE-SU-2022:0372-1 SUSE-SU-2022:0561-1\n SUSE-SU-2022:0495-1 SUSE-SU-2022:0440-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0331-1 SUSE-SU-2022:0478-1\n SUSE-SU-2022:0575-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1 SUSE-SU-2022:0565-1 SUSE-SU-2022:0441-1\n SUSE-SU-2022:0271-1 SUSE-SU-2022:0495-1 SUSE-SU-2022:0358-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0359-1\n SUSE-SU-2022:0478-1 SUSE-SU-2022:0575-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1 SUSE-SU-2022:0565-1\n SUSE-SU-2022:0552-1 SUSE-SU-2022:0329-1 SUSE-SU-2022:0328-1 SUSE-SU-2022:0327-1 SUSE-SU-2022:0325-1\n SUSE-SU-2022:0271-1 SUSE-SU-2022:0362-1 SUSE-SU-2022:0362-1 SUSE-SU-2022:0495-1 SUSE-SU-2022:0358-1\n * Jan 2022 (218) for SUSE-SU-2022:1254-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1294-1 SUSE-SU-2022:1151-1\n SUSE-SU-2022:1094-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1478-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1\n SUSE-SU-2022:1168-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1272-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1266-1\n SUSE-SU-2022:1474-1 SUSE-SU-2022:1475-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1\n SUSE-SU-2022:1417-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1285-1 SUSE-SU-2022:1105-1 SUSE-SU-2022:1294-1\n SUSE-SU-2022:1258-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1\n SUSE-SU-2022:1312-1 SUSE-SU-2022:1217-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1267-1 SUSE-SU-2022:1275-1\n SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1429-1 SUSE-SU-2022:1160-1 SUSE-SU-2022:1408-1\n SUSE-SU-2022:1294-1 SUSE-SU-2022:1129-1 SUSE-SU-2022:1113-1 SUSE-SU-2022:1308-1 SUSE-SU-2022:1168-1\n SUSE-SU-2022:1440-1 SUSE-SU-2022:1312-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1270-1 SUSE-SU-2022:1275-1\n SUSE-SU-2022:1123-1 SUSE-SU-2022:1306-1 SUSE-SU-2022:1289-1 SUSE-SU-2022:1428-1 SUSE-SU-2022:0733-1\n SUSE-SU-2022:1023-1 SUSE-SU-2022:0939-1 SUSE-SU-2022:0811-1 SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1\n SUSE-SU-2022:0895-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1\n SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:0913-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1\n SUSE-SU-2022:1024-1 SUSE-SU-2022:0765-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0730-1\n SUSE-SU-2022:0678-1 SUSE-SU-2022:0677-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1 SUSE-SU-2022:0908-1\n SUSE-SU-2022:0881-1 SUSE-SU-2022:0928-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1062-1 SUSE-SU-2022:0811-1\n SUSE-SU-2022:0690-1 SUSE-SU-2022:0784-1 SUSE-SU-2022:0860-1 SUSE-SU-2022:0857-1 SUSE-SU-2022:0822-1\n SUSE-SU-2022:0777-1 SUSE-SU-2022:0782-1 SUSE-SU-2022:0820-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1\n SUSE-SU-2022:1024-1 SUSE-SU-2022:0910-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1\n SUSE-SU-2022:0908-1 SUSE-SU-2022:0918-1 SUSE-SU-2022:0733-1 SUSE-SU-2022:1043-1 SUSE-SU-2022:0811-1\n SUSE-SU-2022:0690-1 SUSE-SU-2022:0854-1 SUSE-SU-2022:0822-1 SUSE-SU-2022:0777-1 SUSE-SU-2022:0820-1\n SUSE-SU-2022:1036-1 SUSE-SU-2022:1026-1 SUSE-SU-2022:1025-1 SUSE-SU-2022:1024-1 SUSE-SU-2022:1012-1\n SUSE-SU-2022:1003-1 SUSE-SU-2022:0668-1 SUSE-SU-2022:0667-1 SUSE-SU-2022:0653-1 SUSE-SU-2022:0762-1\n SUSE-SU-2022:0762-1 SUSE-SU-2022:0871-1 SUSE-SU-2022:0909-1 SUSE-SU-2022:0842-1 SUSE-SU-2022:0698-1\n SUSE-SU-2022:0918-1 SUSE-SU-2022:1044-1 SUSE-SU-2022:0882-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0469-1\n SUSE-SU-2022:0504-1 SUSE-SU-2022:0478-1 SUSE-SU-2022:0576-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1\n SUSE-SU-2022:0323-1 SUSE-SU-2022:0565-1 SUSE-SU-2022:0441-1 SUSE-SU-2022:0372-1 SUSE-SU-2022:0561-1\n SUSE-SU-2022:0495-1 SUSE-SU-2022:0440-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0331-1 SUSE-SU-2022:0478-1\n SUSE-SU-2022:0575-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1 SUSE-SU-2022:0565-1 SUSE-SU-2022:0441-1\n SUSE-SU-2022:0271-1 SUSE-SU-2022:0495-1 SUSE-SU-2022:0358-1 SUSE-SU-2022:0542-1 SUSE-SU-2022:0359-1\n SUSE-SU-2022:0478-1 SUSE-SU-2022:0575-1 SUSE-SU-2022:0496-1 SUSE-SU-2022:0505-1 SUSE-SU-2022:0565-1\n SUSE-SU-2022:0552-1 SUSE-SU-2022:0329-1 SUSE-SU-2022:0328-1 SUSE-SU-2022:0327-1 SUSE-SU-2022:0325-1\n SUSE-SU-2022:0271-1 SUSE-SU-2022:0362-1 SUSE-SU-2022:0362-1 SUSE-SU-2022:0495-1 SUSE-SU-2022:0358-1\n SUSE-SU-2022:0161-1 SUSE-SU-2022:0142-1 SUSE-SU-2022:0110-1 SUSE-SU-2022:0202-1 SUSE-SU-2022:0060-1\n SUSE-SU-2022:0118-1 SUSE-SU-2022:0189-1 SUSE-SU-2022:0061-1 SUSE-SU-2022:0030-1 SUSE-SU-2022:0115-1\n SUSE-SU-2022:0212-1 SUSE-SU-2022:0032-1 SUSE-SU-2022:0034-1 SUSE-SU-2022:0080-1 SUSE-SU-2022:0068-1\n SUSE-SU-2022:0166-1 SUSE-SU-2022:0107-1 SUSE-SU-2022:0081-1 SUSE-SU-2022:0179-1 SUSE-SU-2022:0160-1\n SUSE-SU-2022:0145-1 SUSE-SU-2022:0161-1 SUSE-SU-2022:0142-1 SUSE-SU-2022:0202-1 SUSE-SU-2022:0189-1\n SUSE-SU-2022:0030-1 SUSE-SU-2022:0115-1 SUSE-SU-2022:0212-1 SUSE-SU-2022:0042-1 SUSE-SU-2022:0034-1\n SUSE-SU-2022:0166-1 SUSE-SU-2022:0107-1 SUSE-SU-2022:0179-1 SUSE-SU-2022:0065-1 SUSE-SU-2022:0145-1\n SUSE-SU-2022:0161-1 SUSE-SU-2022:0142-1 SUSE-SU-2022:0202-1 SUSE-SU-2022:0189-1 SUSE-SU-2022:0030-1\n SUSE-SU-2022:0115-1 SUSE-SU-2022:0212-1 SUSE-SU-2022:0041-1 SUSE-SU-2022:0034-1 SUSE-SU-2022:0166-1\n SUSE-SU-2022:0107-1 SUSE-SU-2022:0179-1 SUSE-SU-2022:0065-1 SUSE-SU-2022:0145-1\n * Jun 2021 (80) for SUSE-SU-2021:2014-1 SUSE-SU-2021:1990-1 SUSE-SU-2021:1929-1 SUSE-SU-2021:1838-1\n SUSE-SU-2021:1906-1 SUSE-SU-2021:1880-1 SUSE-SU-2021:1837-1 SUSE-SU-2021:1842-1 SUSE-SU-2021:2152-1\n SUSE-SU-2021:2159-1 SUSE-SU-2021:1886-1 SUSE-SU-2021:1892-1 SUSE-SU-2021:1830-1 SUSE-SU-2021:2180-1\n SUSE-SU-2021:2135-1 SUSE-SU-2021:1957-1 SUSE-SU-2021:2156-1 SUSE-SU-2021:2016-1 SUSE-SU-2021:1913-1\n SUSE-SU-2021:1887-1 SUSE-SU-2021:1980-1 SUSE-SU-2021:1875-1 SUSE-SU-2021:1959-1 SUSE-SU-2021:1822-1\n SUSE-SU-2021:2137-1 SUSE-SU-2021:1943-1 SUSE-SU-2021:2175-1 SUSE-SU-2021:2006-1 SUSE-SU-2021:1900-1\n SUSE-SU-2021:2014-1 SUSE-SU-2021:1990-1 SUSE-SU-2021:1930-1 SUSE-SU-2021:1906-1 SUSE-SU-2021:1947-1\n SUSE-SU-2021:1842-1 SUSE-SU-2021:2152-1 SUSE-SU-2021:2159-1 SUSE-SU-2021:1886-1 SUSE-SU-2021:1892-1\n SUSE-SU-2021:1830-1 SUSE-SU-2021:2180-1 SUSE-SU-2021:2135-1 SUSE-SU-2021:2156-1 SUSE-SU-2021:1891-1\n SUSE-SU-2021:1980-1 SUSE-SU-2021:1875-1 SUSE-SU-2021:1960-1 SUSE-SU-2021:1822-1 SUSE-SU-2021:1943-1\n SUSE-SU-2021:1494-2 SUSE-SU-2021:2175-1 SUSE-SU-2021:2006-1 SUSE-SU-2021:1900-1 SUSE-SU-2021:2014-1\n SUSE-SU-2021:1990-1 SUSE-SU-2021:1930-1 SUSE-SU-2021:1906-1 SUSE-SU-2021:1894-1 SUSE-SU-2021:1842-1\n SUSE-SU-2021:2119-1 SUSE-SU-2021:2159-1 SUSE-SU-2021:1886-1 SUSE-SU-2021:1892-1 SUSE-SU-2021:1830-1\n SUSE-SU-2021:2180-1 SUSE-SU-2021:2135-1 SUSE-SU-2021:2156-1 SUSE-SU-2021:2060-1 SUSE-SU-2021:2042-1\n SUSE-SU-2021:2026-1 SUSE-SU-2021:1870-1 SUSE-SU-2021:1865-1 SUSE-SU-2021:1980-1 SUSE-SU-2021:1875-1\n SUSE-SU-2021:1960-1 SUSE-SU-2021:1822-1 SUSE-SU-2021:1943-1 SUSE-SU-2021:1494-2 SUSE-SU-2021:2175-1\n SUSE-SU-2021:2006-1\n * May 2021 (39) for SUSE-SU-2021:1580-1 SUSE-SU-2021:1621-1 SUSE-SU-2021:1490-1 SUSE-SU-2021:1783-1\n SUSE-SU-2021:1782-1 SUSE-SU-2021:1576-1 SUSE-SU-2021:1658-1 SUSE-SU-2021:1524-1 SUSE-SU-2021:1766-1\n SUSE-SU-2021:1595-1 SUSE-SU-2021:1572-1 SUSE-SU-2021:1760-1 SUSE-SU-2021:1646-1 SUSE-SU-2021:1813-1\n SUSE-SU-2021:1645-1 SUSE-SU-2021:1763-1 SUSE-SU-2021:1468-1 SUSE-SU-2021:1494-1 SUSE-SU-2021:1648-1\n SUSE-SU-2021:1492-1 SUSE-SU-2021:1621-1 SUSE-SU-2021:1658-1 SUSE-SU-2021:1596-1 SUSE-SU-2021:1646-1\n SUSE-SU-2021:1813-1 SUSE-SU-2021:1645-1 SUSE-SU-2021:1786-1 SUSE-SU-2021:1468-1 SUSE-SU-2021:1492-1\n SUSE-SU-2021:1621-1 SUSE-SU-2021:1658-1 SUSE-SU-2021:1623-1 SUSE-SU-2021:1646-1 SUSE-SU-2021:1813-1\n SUSE-SU-2021:1645-1 SUSE-SU-2021:1469-1 SUSE-SU-2021:1621-1 SUSE-SU-2021:1617-1 SUSE-SU-2021:1469-1\n * Apr 2021 (69) for SUSE-SU-2021:1181-1 SUSE-SU-2021:1023-1 SUSE-SU-2021:1274-1 SUSE-SU-2021:1438-1\n SUSE-SU-2021:1242-1 SUSE-SU-2021:1401-1 SUSE-SU-2021:1399-1 SUSE-SU-2021:1396-1 SUSE-SU-2021:1325-1\n SUSE-SU-2021:1152-1 SUSE-SU-2021:1125-1 SUSE-SU-2021:1248-1 SUSE-SU-2021:1210-1 SUSE-SU-2021:1175-1\n SUSE-SU-2021:1435-1 SUSE-SU-2021:1314-1 SUSE-SU-2021:1277-1 SUSE-SU-2021:1030-1 SUSE-SU-2021:1165-1\n SUSE-SU-2021:1111-1 SUSE-SU-2021:1453-1 SUSE-SU-2021:1174-1 SUSE-SU-2021:1159-1 SUSE-SU-2021:1315-1\n SUSE-SU-2021:1180-1 SUSE-SU-2021:1251-1 SUSE-SU-2021:1273-1 SUSE-SU-2021:1241-1 SUSE-SU-2021:1429-1\n SUSE-SU-2021:1401-1 SUSE-SU-2021:1399-1 SUSE-SU-2021:1325-1 SUSE-SU-2021:1152-1 SUSE-SU-2021:1435-1\n SUSE-SU-2021:1165-1 SUSE-SU-2021:1111-1 SUSE-SU-2021:1453-1 SUSE-SU-2021:1189-1 SUSE-SU-2021:1187-1\n SUSE-SU-2021:1252-1 SUSE-SU-2021:1431-1 SUSE-SU-2021:1273-1 SUSE-SU-2021:1240-1 SUSE-SU-2021:1401-1\n SUSE-SU-2021:1399-1 SUSE-SU-2021:1373-1 SUSE-SU-2021:1341-1 SUSE-SU-2021:1325-1 SUSE-SU-2021:1152-1\n SUSE-SU-2021:1075-1 SUSE-SU-2021:1074-1 SUSE-SU-2021:1435-1 SUSE-SU-2021:1111-1 SUSE-SU-2021:1453-1\n SUSE-SU-2021:1189-1 SUSE-SU-2021:1187-1 SUSE-SU-2021:1431-1 SUSE-SU-2021:1267-1 SUSE-SU-2021:1442-1\n SUSE-SU-2021:1439-1 SUSE-SU-2021:1305-1 SUSE-SU-2021:1401-1 SUSE-SU-2021:1399-1 SUSE-SU-2021:1325-1\n SUSE-SU-2021:1152-1 SUSE-SU-2021:1148-1 SUSE-SU-2021:1145-1 SUSE-SU-2021:1453-1 SUSE-SU-2021:1189-1\n * Mar 2021 New Security Announcement Patterns (79) for SUSE-SU-2021:0990-1 SUSE-SU-2021:0720-1\n SUSE-SU-2021:0929-1 SUSE-SU-2021:0988-1 SUSE-SU-2021:0975-1 SUSE-SU-2021:0776-1 SUSE-SU-2021:0794-1\n SUSE-SU-2021:0886-1 SUSE-SU-2021:0887-1 SUSE-SU-2021:0675-1 SUSE-SU-2021:0987-1 SUSE-SU-2021:0954-1\n SUSE-SU-2021:0752-1 SUSE-SU-2021:0725-1 SUSE-SU-2021:0998-1 SUSE-SU-2021:0693-1 SUSE-SU-2021:0663-1\n SUSE-SU-2021:0932-1 SUSE-SU-2021:0999-1 SUSE-SU-2021:0667-1 SUSE-SU-2021:0742-1 SUSE-SU-2021:0739-1\n SUSE-SU-2021:0681-1 SUSE-SU-2021:0801-1 SUSE-SU-2021:0756-1 SUSE-SU-2021:0713-1 SUSE-SU-2021:0779-1\n SUSE-SU-2021:0745-1 SUSE-SU-2021:0929-1 SUSE-SU-2021:0988-1 SUSE-SU-2021:0794-1 SUSE-SU-2021:0675-1\n SUSE-SU-2020:2173-2 SUSE-SU-2021:0954-1 SUSE-SU-2021:0752-1 SUSE-SU-2021:0725-1 SUSE-SU-2021:0693-1\n SUSE-SU-2021:0663-1 SUSE-SU-2021:0932-1 SUSE-SU-2021:0999-1 SUSE-SU-2021:0667-1 SUSE-SU-2021:0736-1\n SUSE-SU-2021:0681-1 SUSE-SU-2021:0801-1 SUSE-SU-2021:0756-1 SUSE-SU-2021:0745-1 SUSE-SU-2021:0929-1\n SUSE-SU-2021:0794-1 SUSE-SU-2021:0675-1 SUSE-SU-2020:2173-2 SUSE-SU-2021:0939-1 SUSE-SU-2021:0693-1\n SUSE-SU-2021:0932-1 SUSE-SU-2021:0999-1 SUSE-SU-2021:0667-1 SUSE-SU-2021:0870-1 SUSE-SU-2021:0835-1\n SUSE-SU-2021:0743-1 SUSE-SU-2021:0682-1 SUSE-SU-2021:0801-1 SUSE-SU-2021:0756-1 SUSE-SU-2021:0745-1\n SUSE-SU-2021:0929-1 SUSE-SU-2021:0928-1 SUSE-SU-2021:0794-1 SUSE-SU-2021:0675-1 SUSE-SU-2020:2173-2\n SUSE-SU-2021:0939-1 SUSE-SU-2021:0693-1 SUSE-SU-2021:0932-1 SUSE-SU-2021:0999-1 SUSE-SU-2021:0999-1\n SUSE-SU-2021:0667-1 SUSE-SU-2021:0870-1 SUSE-SU-2021:0835-1 SUSE-SU-2021:0744-1 SUSE-SU-2021:0679-1\n SUSE-SU-2021:0801-1 SUSE-SU-2021:0756-1\n- New regular patterns:\n * sle12sp5/vmtools-000004682.py: Extensive logging in vmware-vmsvc-root.log with open-vm-tools (bsc#1162119)\n * sle12sp5/tailf-000019885.py: Aborting tailf causes bash session to be corrupted (bsc#1177369)\n * sle12sp5/systemd-current-failed-7017137.py: Check for failed systemd services\n * sle12sp5/systemd_SUSE-SU-2021_2405-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5\n * sle12sp5/sdagentconfig-000020301.py: SCA Appliance configuration reports ERROR 2002 HY000 Cannot connect to MySQL\n server (bsc#1183464)\n * sle12sp5/qemu_SUSE-SU-2021_2448-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 Service Pack 5\n * sle12sp5/python-py_SUSE-SU-2021_2236-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 Service Pack 5\n * sle12sp5/permissions_SUSE-SU-2021_2280-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 Service Pack 5\n * sle12sp5/nobarrier-000020240.py: XFS nobarrier option has been completely deprecated starting from\n SUSE Linux Enterprise 15 Service Pack 2 (bsc#1176375)\n * sle12sp5/nfstimeout_125-000019943.py: Delayed outgoing packets causing NFS timeouts (bsc#1183405)\n * sle12sp5/nfsperf-125-000019615.py: Performance loss when writing large files over NFS (bsc#1163403)\n * sle12sp5/nfsipv6_125-000019618.py: Timeout when attempting NFS mount over IPv6 (bsc#1144162)\n * sle12sp5/lscpu-000019784-12.py: lscpu segfaults on IBM Power8 - Assertion failed (bsc#1175623)\n * sle12sp5/linuxptp_SUSE-SU-2021_2545-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5\n * sle12sp5/kgraft-patch_SUSE-SU-2021_2462-1_12.5.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP5\n * sle12sp5/kgraft-patch_SUSE-SU-2021_2389-1_12.5.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP5\n * sle12sp5/kgraft-patch_SUSE-SU-2021_2324-1_12.5.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP5\n * sle12sp5/kernel_SUSE-SU-2021_2416-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5\n * sle12sp5/kernel_SUSE-SU-2021_2407-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5\n * sle12sp5/kernel_SUSE-SU-2021_2321-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5\n * sle12sp5/intelpstate_125-000020273.py: Frequency scaling driver intel_pstate not loading on some Intel Xeon\n Scalable processors (bsc#1185758)\n * sle12sp5/glibc_SUSE-SU-2021_2480-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5\n * sle12sp5/ghostcat_125-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle12sp5/docore_125-000019881.py: System crash in do_coredump() when a process is restarted (bsc#1182194)\n * sle12sp5/dbus-1_SUSE-SU-2021_2424-1_12.5.py: Security fixes for SUSE Linux Enterprise 12 SP5\n * sle12sp5/cronlimit-000020338.py: crontab - More than 1000 entries in crontab file, can\u0027t install (bsc#1187508)\n * sle12sp5/btrfscrash-125-000019638.py: System crash during a BTRFS maintenance task (bsc#1163508)\n * sle12sp5/btrfscrash-125-000019638.py: System crash during a BTRFS maintenance task (bsc#1163508)\n * sle12sp4/vmtools-000004682.py: Extensive logging in vmware-vmsvc-root.log with open-vm-tools (bsc#1162119)\n * sle12sp4/tcpdumpcore-000019666.py: Running tcpdump on a SUSE Linux Enterprise 12 Service Pack 4 System with Kernel\n 4.12.14-95.48-default may crash the system (bsc#1176579)\n * sle12sp4/tailf-000019885.py: Aborting tailf causes bash session to be corrupted (bsc#1177369)\n * sle12sp4/systemd-current-failed-7017137.py: Check for failed systemd services\n * sle12sp4/systemd_SUSE-SU-2021_2423-1_12.4.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP4 LTSS\n * sle12sp4/sdagentconfig-000020301.py: SCA Appliance configuration reports ERROR 2002 HY000 Cannot connect to MySQL\n server (bsc#1183464)\n * sle12sp4/plymouth-000019595.py: plymouth hang - login to console not possible\n * sle12sp4/nobarrier-000020240.py: XFS nobarrier option has been completely deprecated starting from SUSE Linux \n Enterprise 15 Service Pack 2 (bsc#1176375)\n * sle12sp4/nfsperf-124-000019615.py: Performance loss when writing large files over NFS (bsc#1163403)\n * sle12sp4/mpiofindpaths-000019511.py: Using the find_multipaths yes option in multipath.conf (bsc#1138452)\n * sle12sp4/linuxptp_SUSE-SU-2021_2443-1_12.4.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP4 LTSS\n * sle12sp4/kgraft-patch_SUSE-SU-2021_2546-1_12.4.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP4 LTSS\n * sle12sp4/kgraft-patch_SUSE-SU-2021_2389-1_12.4.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP4 LTSS\n * sle12sp4/kernel_SUSE-SU-2021_2422-1_12.4.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP4 LTSS\n * sle12sp4/ghostcat_124-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle12sp4/docore_124-000019881.py: System crash in do_coredump() when a process is restarted (bsc#1182194)\n * sle12sp4/curl_SUSE-SU-2021_2425-1_12.4.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP4 LTSS\n * sle12sp4/cronlimit-000020338.py: crontab - More than 1000 entries in crontab file, can\u0027t install (bsc#1187508)\n * sle12sp4/btrfscrash-124-000019638.py: System crash during a BTRFS maintenance task (bsc#1163508)\n * sle12sp4/btrfscrash-124-000019638.py: System crash during a BTRFS maintenance task (bsc#1163508)\n * sle12sp3/systemd-current-failed-7017137.py: Check for failed systemd services\n * sle12sp3/systemd_SUSE-SU-2021_2423-1_12.3.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP3 LTSS\n * sle12sp3/mpiofindpaths-000019511.py: Using the find_multipaths yes option in multipath.conf (bsc#1138452)\n * sle12sp3/linuxptp_SUSE-SU-2021_2443-1_12.3.ltss.py: Security fixes for SUSE Linux Enterprise 12 SP3 LTSS\n * sle12sp3/kgraft-patch_SUSE-SU-2021_2563-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS\n * sle12sp3/kgraft-patch_SUSE-SU-2021_2538-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS\n * sle12sp3/kgraft-patch_SUSE-SU-2021_2451-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS\n * sle12sp3/kgraft-patch_SUSE-SU-2021_2433-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS\n * sle12sp3/kgraft-patch_SUSE-SU-2021_2389-1_12.3.ltss.py: Security fixes for SUSE Linux Kernel Live Patch 12 SP3 LTSS\n * sle12sp3/ghostcat_123-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle12sp2/systemd-current-failed-7017137.py: Check for failed systemd services\n * sle12sp2/ghostcat_122-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle12sp1/systemd-current-failed-7017137.py: Check for failed systemd services\n * sle12sp1/ghostcat_121-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle12sp0/systemd-current-failed-7017137.py: Check for failed systemd services\n * sle12all/zypproxy-000020275.py: zypper commands return Error code HTTP response 0\n * sle12all/zerologon-000019713.py: Zerologon aka CVE-2020-1472 (bsc#1176579)\n * sle12all/sysdjobs-000020261.py: Troubleshooting systemd jobs that are hung or stuck\n * sle12all/softlock-000018705.py: soft lockup messages about\n * sle12all/sizingbtrfs-000018798.py: How to resize/extend a btrfs formatted root partition\n * sle12all/scatool-000020253.py: scatool fails to analyze supportconfigs with xz compression (bsc#1186316)\n * sle12all/postfix-000020356.py: Postfix fails to start with IPv6 disabled\n * sle12all/lvmsnapshot-000019858.py: LVM snapshot changed state to Invalid and should be removed\n * sle12all/lvm-volume-list-7016683.py: Fixed execution error\n * sle12all/iscsimnts-000019648.py: Proper mount options for iSCSI drives\n * sle12all/coredumpctl-000018634.py: How to obtain systemd service core dumps\n * sle12all/btrfsmaster-000018779.py: BTRFS Master TID\n * sle12all/btrfscron-000019583.py: After upgrading BTRFS cron jobs are not working anymore (bsc#1159891)\n * sle12all/blacklist-000019607.py: System exit to emergency shell at boot with multipath enabled\n * CVE-2020-12351, CVE-2020-12352, CVE-2020-24490: BleedingTooth\n + sle12sp5/bleedingtooth_125-000019735.py\n + sle12sp4/bleedingtooth_124-000019735.py\n + sle12sp3/bleedingtooth_123-000019735.py\n + sle12sp2/bleedingtooth_122-000019735.py\n * CVE-2020-0548, CVE-2020-0549: L1D data cache eviction and Vector Register sampling (bsc#1156353)\n + sle12sp5/ucodeintel_125-000019635.py\n + sle12sp4/ucodeintel_124-000019635.py\n + sle12sp3/ucodeintel_123-000019635.py\n + sle12sp2/ucodeintel_122-000019635.py\n * CVE-2020-0543: Special Register Buffer Data Sampling aka CrossTalk (bsc#1154824)\n + sle12sp5/crosstalk_125-000019643.py\n + sle12sp4/crosstalk_124-000019643.py\n + sle12sp3/crosstalk_123-000019643.py\n + sle12sp2/crosstalk_122-000019643.py\n- Updated patterns:\n * sle12all/scc-expired.py: Identify if SCC registrations have expired\n * sle12all/lvm-00003.pl: Physical volumes can be removed or damaged and appear missing. This pattern looks for\n missing physical volumes\n * sle12all/lvm-00004.pl: LMV Check sum errors may indicate corrupted LVM metadata\n * sle12all/lvm-00005.pl: Duplicate volume groups are usually a configuration issue\n- Renamed patterns for file standard:\n * Renamed patterns/SLE/sle12all/scc-expired.py to patterns/SLE/sle12all/bhc-scc-expired.py\n * Renamed patterns/SLE/sle12all/scc-registered.py to patterns/SLE/sle12all/bhc-scc-registered.py\n- Deleted regular patterns (1)\n * sle12all/systemd-current-failed-7017137.py: Moved to service packs with fixes (bsc#1187983)\n * sle12all/bhc-scc.sh: Pattern removed (bsc#1184594)\n * sle12all/pdc-00001.pl: Pattern removed OES Dependent\n * sle12all/pdc-00002.pl: Pattern removed OES Dependent\n * sle12all/lvm-00001.pl: Pattern removed\n * sle12all/lvm-00002.pl: Pattern removed\n\nsca-patterns-sle11:\n\n- Version update from 1.3.1 to 1.5.1 to implement the conversion of SCA Tool to Python3 (jsc#SLE-25064, jsc#SLE-24335):\n * Convert SCA Tool from Python2 to Python3 (bsc#1191005, SLE-21579)\n * Removed OES dependent patterns (bsc#1196873)\n- New security announcement patterns:\n * Apr 2022 (5) for SUSE-SU-2022:14938-1 SUSE-SU-2022:14943-1 SUSE-SU-2022:14936-1 SUSE-SU-2022:14941-1 \n SUSE-SU-2022:14951-1\n * Mar 2022 (19) for SUSE-SU-2022:14938-1 SUSE-SU-2022:14943-1 SUSE-SU-2022:14936-1 SUSE-SU-2022:14941-1\n SUSE-SU-2022:14951-1 SUSE-SU-2022:14910-1 SUSE-SU-2022:14929-1 SUSE-SU-2022:14908-1 SUSE-SU-2022:14914-1\n SUSE-SU-2022:14915-1 SUSE-SU-2022:14906-1 SUSE-SU-2022:14904-1 SUSE-SU-2022:14909-1 SUSE-SU-2022:14905-1\n SUSE-SU-2022:14927-1 SUSE-SU-2022:14923-1 SUSE-SU-2022:14934-1 SUSE-SU-2022:14903-1 SUSE-SU-2022:14924-1\n * Feb 2022 (27) for SUSE-SU-2022:14938-1 SUSE-SU-2022:14943-1 SUSE-SU-2022:14936-1 SUSE-SU-2022:14941-1\n SUSE-SU-2022:14951-1 SUSE-SU-2022:14910-1 SUSE-SU-2022:14929-1 SUSE-SU-2022:14908-1 SUSE-SU-2022:14914-1\n SUSE-SU-2022:14915-1 SUSE-SU-2022:14906-1 SUSE-SU-2022:14904-1 SUSE-SU-2022:14909-1 SUSE-SU-2022:14905-1\n SUSE-SU-2022:14927-1 SUSE-SU-2022:14923-1 SUSE-SU-2022:14934-1 SUSE-SU-2022:14903-1 SUSE-SU-2022:14924-1\n SUSE-SU-2022:14889-1 SUSE-SU-2022:14886-1 SUSE-SU-2022:14888-1 SUSE-SU-2022:14890-1 SUSE-SU-2022:14887-1\n SUSE-SU-2022:14896-1 SUSE-SU-2022:14884-1 SUSE-SU-2022:14894-1\n * Jan 2022 (34) for SUSE-SU-2022:14938-1 SUSE-SU-2022:14943-1 SUSE-SU-2022:14936-1 SUSE-SU-2022:14941-1\n SUSE-SU-2022:14951-1 SUSE-SU-2022:14910-1 SUSE-SU-2022:14929-1 SUSE-SU-2022:14908-1 SUSE-SU-2022:14914-1\n SUSE-SU-2022:14915-1 SUSE-SU-2022:14906-1 SUSE-SU-2022:14904-1 SUSE-SU-2022:14909-1 SUSE-SU-2022:14905-1\n SUSE-SU-2022:14927-1 SUSE-SU-2022:14923-1 SUSE-SU-2022:14934-1 SUSE-SU-2022:14903-1 SUSE-SU-2022:14924-1\n SUSE-SU-2022:14889-1 SUSE-SU-2022:14886-1 SUSE-SU-2022:14888-1 SUSE-SU-2022:14890-1 SUSE-SU-2022:14887-1\n SUSE-SU-2022:14896-1 SUSE-SU-2022:14884-1 SUSE-SU-2022:14894-1 SUSE-SU-2022:14880-1 SUSE-SU-2022:14881-1\n SUSE-SU-2022:14872-1 SUSE-SU-2022:14875-1 SUSE-SU-2022:14878-1 SUSE-SU-2022:14882-1 SUSE-SU-2022:14879-1\n * Jul 2021 (5) for SUSE-SU-2021:14769-1 SUSE-SU-2021:14771-1 SUSE-SU-2021:14766-1 SUSE-SU-2021:14764-1\n SUSE-SU-2021:14761-1\n * Jun 2021 (12) for SUSE-SU-2021:14747-1 SUSE-SU-2021:14748-1 SUSE-SU-2021:14744-1 SUSE-SU-2021:14757-1\n SUSE-SU-2021:14743-1 SUSE-SU-2021:14758-1 SUSE-SU-2021:14751-1 SUSE-SU-2021:14750-1 SUSE-SU-2021:14740-1\n SUSE-SU-2021:14760-1 SUSE-SU-2021:14759-1 SUSE-SU-2021:14749-1\n * May 2021 (5) for SUSE-SU-2021:14729-1 SUSE-SU-2021:14724-1 SUSE-SU-2021:14738-1 SUSE-SU-2021:14728-1\n SUSE-SU-2021:14714-1\n * Apr 2021 (10) for SUSE-SU-2021:14690-1 SUSE-SU-2021:14702-1 SUSE-SU-2021:14705-1 SUSE-SU-2021:14709-1\n SUSE-SU-2021:14700-1 SUSE-SU-2021:14708-1 SUSE-SU-2021:14684-1 SUSE-SU-2021:14704-1 SUSE-SU-2021:14712-1\n SUSE-SU-2021:14692-1\n- New regular patterns:\n * sle11sp4/ghostcat_114-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle11sp3/ghostcat_113-000019606.py: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (bsc#1164692)\n * sle11all/softlock-000018705.py: soft lockup messages about\n * sle11all/sizingbtrfs-000018798.py: How to resize/extend a btrfs formatted root partition\n * sle11all/btrfsmaster-000018779.py: BTRFS Master TID\n * CVE-2020-0543: sle11sp4/crosstalk_114-000019643.py: Special Register Buffer Data Sampling aka CrossTalk\n (bsc#1154824)\n- Deleted regular patterns:\n * sle11all/bhc-scc.sh: Pattern removed (bsc#1184594)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-4496,SUSE-SLE-Module-Server-Applications-15-SP3-2022-4496,openSUSE-SLE-15.3-2022-4496",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-fu-2022_4496-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-FU-2022:4496-1",
"url": "https://www.suse.com/support/update/announcement//suse-fu-20224496-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-FU-2022:4496-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2022-December/026906.html"
},
{
"category": "self",
"summary": "SUSE Bug 1045605",
"url": "https://bugzilla.suse.com/1045605"
},
{
"category": "self",
"summary": "SUSE Bug 1124793",
"url": "https://bugzilla.suse.com/1124793"
},
{
"category": "self",
"summary": "SUSE Bug 1131489",
"url": "https://bugzilla.suse.com/1131489"
},
{
"category": "self",
"summary": "SUSE Bug 1138452",
"url": "https://bugzilla.suse.com/1138452"
},
{
"category": "self",
"summary": "SUSE Bug 1144162",
"url": "https://bugzilla.suse.com/1144162"
},
{
"category": "self",
"summary": "SUSE Bug 1152800",
"url": "https://bugzilla.suse.com/1152800"
},
{
"category": "self",
"summary": "SUSE Bug 1154768",
"url": "https://bugzilla.suse.com/1154768"
},
{
"category": "self",
"summary": "SUSE Bug 1154824",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "self",
"summary": "SUSE Bug 1155181",
"url": "https://bugzilla.suse.com/1155181"
},
{
"category": "self",
"summary": "SUSE Bug 1155990",
"url": "https://bugzilla.suse.com/1155990"
},
{
"category": "self",
"summary": "SUSE Bug 1156353",
"url": "https://bugzilla.suse.com/1156353"
},
{
"category": "self",
"summary": "SUSE Bug 1157778",
"url": "https://bugzilla.suse.com/1157778"
},
{
"category": "self",
"summary": "SUSE Bug 1158890",
"url": "https://bugzilla.suse.com/1158890"
},
{
"category": "self",
"summary": "SUSE Bug 1159356",
"url": "https://bugzilla.suse.com/1159356"
},
{
"category": "self",
"summary": "SUSE Bug 1159891",
"url": "https://bugzilla.suse.com/1159891"
},
{
"category": "self",
"summary": "SUSE Bug 1162119",
"url": "https://bugzilla.suse.com/1162119"
},
{
"category": "self",
"summary": "SUSE Bug 1163403",
"url": "https://bugzilla.suse.com/1163403"
},
{
"category": "self",
"summary": "SUSE Bug 1163508",
"url": "https://bugzilla.suse.com/1163508"
},
{
"category": "self",
"summary": "SUSE Bug 1164692",
"url": "https://bugzilla.suse.com/1164692"
},
{
"category": "self",
"summary": "SUSE Bug 1167689",
"url": "https://bugzilla.suse.com/1167689"
},
{
"category": "self",
"summary": "SUSE Bug 1175623",
"url": "https://bugzilla.suse.com/1175623"
},
{
"category": "self",
"summary": "SUSE Bug 1176021",
"url": "https://bugzilla.suse.com/1176021"
},
{
"category": "self",
"summary": "SUSE Bug 1176140",
"url": "https://bugzilla.suse.com/1176140"
},
{
"category": "self",
"summary": "SUSE Bug 1176375",
"url": "https://bugzilla.suse.com/1176375"
},
{
"category": "self",
"summary": "SUSE Bug 1176579",
"url": "https://bugzilla.suse.com/1176579"
},
{
"category": "self",
"summary": "SUSE Bug 1177369",
"url": "https://bugzilla.suse.com/1177369"
},
{
"category": "self",
"summary": "SUSE Bug 1177753",
"url": "https://bugzilla.suse.com/1177753"
},
{
"category": "self",
"summary": "SUSE Bug 1179170",
"url": "https://bugzilla.suse.com/1179170"
},
{
"category": "self",
"summary": "SUSE Bug 1180894",
"url": "https://bugzilla.suse.com/1180894"
},
{
"category": "self",
"summary": "SUSE Bug 1182194",
"url": "https://bugzilla.suse.com/1182194"
},
{
"category": "self",
"summary": "SUSE Bug 1182905",
"url": "https://bugzilla.suse.com/1182905"
},
{
"category": "self",
"summary": "SUSE Bug 1182917",
"url": "https://bugzilla.suse.com/1182917"
},
{
"category": "self",
"summary": "SUSE Bug 1183405",
"url": "https://bugzilla.suse.com/1183405"
},
{
"category": "self",
"summary": "SUSE Bug 1183464",
"url": "https://bugzilla.suse.com/1183464"
},
{
"category": "self",
"summary": "SUSE Bug 1184594",
"url": "https://bugzilla.suse.com/1184594"
},
{
"category": "self",
"summary": "SUSE Bug 1185357",
"url": "https://bugzilla.suse.com/1185357"
},
{
"category": "self",
"summary": "SUSE Bug 1185593",
"url": "https://bugzilla.suse.com/1185593"
},
{
"category": "self",
"summary": "SUSE Bug 1185594",
"url": "https://bugzilla.suse.com/1185594"
},
{
"category": "self",
"summary": "SUSE Bug 1185684",
"url": "https://bugzilla.suse.com/1185684"
},
{
"category": "self",
"summary": "SUSE Bug 1185758",
"url": "https://bugzilla.suse.com/1185758"
},
{
"category": "self",
"summary": "SUSE Bug 1185857",
"url": "https://bugzilla.suse.com/1185857"
},
{
"category": "self",
"summary": "SUSE Bug 1186034",
"url": "https://bugzilla.suse.com/1186034"
},
{
"category": "self",
"summary": "SUSE Bug 1186312",
"url": "https://bugzilla.suse.com/1186312"
},
{
"category": "self",
"summary": "SUSE Bug 1186316",
"url": "https://bugzilla.suse.com/1186316"
},
{
"category": "self",
"summary": "SUSE Bug 1186317",
"url": "https://bugzilla.suse.com/1186317"
},
{
"category": "self",
"summary": "SUSE Bug 1186420",
"url": "https://bugzilla.suse.com/1186420"
},
{
"category": "self",
"summary": "SUSE Bug 1186442",
"url": "https://bugzilla.suse.com/1186442"
},
{
"category": "self",
"summary": "SUSE Bug 1186792",
"url": "https://bugzilla.suse.com/1186792"
},
{
"category": "self",
"summary": "SUSE Bug 1187194",
"url": "https://bugzilla.suse.com/1187194"
},
{
"category": "self",
"summary": "SUSE Bug 1187508",
"url": "https://bugzilla.suse.com/1187508"
},
{
"category": "self",
"summary": "SUSE Bug 1187983",
"url": "https://bugzilla.suse.com/1187983"
},
{
"category": "self",
"summary": "SUSE Bug 1189394",
"url": "https://bugzilla.suse.com/1189394"
},
{
"category": "self",
"summary": "SUSE Bug 1189483",
"url": "https://bugzilla.suse.com/1189483"
},
{
"category": "self",
"summary": "SUSE Bug 1189889",
"url": "https://bugzilla.suse.com/1189889"
},
{
"category": "self",
"summary": "SUSE Bug 1190260",
"url": "https://bugzilla.suse.com/1190260"
},
{
"category": "self",
"summary": "SUSE Bug 1190460",
"url": "https://bugzilla.suse.com/1190460"
},
{
"category": "self",
"summary": "SUSE Bug 1191005",
"url": "https://bugzilla.suse.com/1191005"
},
{
"category": "self",
"summary": "SUSE Bug 1191199",
"url": "https://bugzilla.suse.com/1191199"
},
{
"category": "self",
"summary": "SUSE Bug 1193878",
"url": "https://bugzilla.suse.com/1193878"
},
{
"category": "self",
"summary": "SUSE Bug 1196730",
"url": "https://bugzilla.suse.com/1196730"
},
{
"category": "self",
"summary": "SUSE Bug 1196873",
"url": "https://bugzilla.suse.com/1196873"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0543 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0548 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0549 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12351 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12352 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12352/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1472 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24490 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24490/"
}
],
"title": "Feature update for SCA patterns",
"tracking": {
"current_release_date": "2022-12-15T09:43:54Z",
"generator": {
"date": "2022-12-15T09:43:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-FU-2022:4496-1",
"initial_release_date": "2022-12-15T09:43:54Z",
"revision_history": [
{
"date": "2022-12-15T09:43:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"product": {
"name": "sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"product_id": "sca-patterns-base-1.5.0-150300.10.3.1.noarch"
}
},
{
"category": "product_version",
"name": "sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"product": {
"name": "sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"product_id": "sca-patterns-hae-1.5.1-150300.10.3.1.noarch"
}
},
{
"category": "product_version",
"name": "sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"product": {
"name": "sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"product_id": "sca-patterns-sle11-1.5.1-150300.18.3.1.noarch"
}
},
{
"category": "product_version",
"name": "sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"product": {
"name": "sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"product_id": "sca-patterns-sle12-1.5.1-150300.3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"product": {
"name": "sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"product_id": "sca-patterns-sle15-1.5.1-150300.14.3.1.noarch"
}
},
{
"category": "product_version",
"name": "sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"product": {
"name": "sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"product_id": "sca-patterns-suma-1.5.0-150300.9.3.1.noarch"
}
},
{
"category": "product_version",
"name": "sca-server-report-1.5.1-150300.11.3.1.noarch",
"product": {
"name": "sca-server-report-1.5.1-150300.11.3.1.noarch",
"product_id": "sca-server-report-1.5.1-150300.11.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-base-1.5.0-150300.10.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch"
},
"product_reference": "sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-hae-1.5.1-150300.10.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch"
},
"product_reference": "sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle11-1.5.1-150300.18.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch"
},
"product_reference": "sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle12-1.5.1-150300.3.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch"
},
"product_reference": "sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle15-1.5.1-150300.14.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch"
},
"product_reference": "sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-suma-1.5.0-150300.9.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch"
},
"product_reference": "sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-server-report-1.5.1-150300.11.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch"
},
"product_reference": "sca-server-report-1.5.1-150300.11.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-base-1.5.0-150300.10.3.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch"
},
"product_reference": "sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-hae-1.5.1-150300.10.3.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch"
},
"product_reference": "sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle11-1.5.1-150300.18.3.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch"
},
"product_reference": "sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle12-1.5.1-150300.3.3.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch"
},
"product_reference": "sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-sle15-1.5.1-150300.14.3.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch"
},
"product_reference": "sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-patterns-suma-1.5.0-150300.9.3.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch"
},
"product_reference": "sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sca-server-report-1.5.1-150300.11.3.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
},
"product_reference": "sca-server-report-1.5.1-150300.11.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0543"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0543",
"url": "https://www.suse.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "SUSE Bug 1154824 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "external",
"summary": "SUSE Bug 1172205 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172205"
},
{
"category": "external",
"summary": "SUSE Bug 1172206 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172206"
},
{
"category": "external",
"summary": "SUSE Bug 1172207 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172207"
},
{
"category": "external",
"summary": "SUSE Bug 1172770 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172770"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-15T09:43:54Z",
"details": "moderate"
}
],
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-0548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0548"
}
],
"notes": [
{
"category": "general",
"text": "Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0548",
"url": "https://www.suse.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "SUSE Bug 1156353 for CVE-2020-0548",
"url": "https://bugzilla.suse.com/1156353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-15T09:43:54Z",
"details": "moderate"
}
],
"title": "CVE-2020-0548"
},
{
"cve": "CVE-2020-0549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0549"
}
],
"notes": [
{
"category": "general",
"text": "Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0549",
"url": "https://www.suse.com/security/cve/CVE-2020-0549"
},
{
"category": "external",
"summary": "SUSE Bug 1156353 for CVE-2020-0549",
"url": "https://bugzilla.suse.com/1156353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-15T09:43:54Z",
"details": "moderate"
}
],
"title": "CVE-2020-0549"
},
{
"cve": "CVE-2020-12351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12351"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12351",
"url": "https://www.suse.com/security/cve/CVE-2020-12351"
},
{
"category": "external",
"summary": "SUSE Bug 1177724 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177724"
},
{
"category": "external",
"summary": "SUSE Bug 1177729 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1177729"
},
{
"category": "external",
"summary": "SUSE Bug 1178397 for CVE-2020-12351",
"url": "https://bugzilla.suse.com/1178397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-15T09:43:54Z",
"details": "important"
}
],
"title": "CVE-2020-12351"
},
{
"cve": "CVE-2020-12352",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12352"
}
],
"notes": [
{
"category": "general",
"text": "Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12352",
"url": "https://www.suse.com/security/cve/CVE-2020-12352"
},
{
"category": "external",
"summary": "SUSE Bug 1177725 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1177725"
},
{
"category": "external",
"summary": "SUSE Bug 1178398 for CVE-2020-12352",
"url": "https://bugzilla.suse.com/1178398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-15T09:43:54Z",
"details": "moderate"
}
],
"title": "CVE-2020-12352"
},
{
"cve": "CVE-2020-1472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1472"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1472",
"url": "https://www.suse.com/security/cve/CVE-2020-1472"
},
{
"category": "external",
"summary": "SUSE Bug 1176579 for CVE-2020-1472",
"url": "https://bugzilla.suse.com/1176579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-15T09:43:54Z",
"details": "critical"
}
],
"title": "CVE-2020-1472"
},
{
"cve": "CVE-2020-24490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24490"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24490",
"url": "https://www.suse.com/security/cve/CVE-2020-24490"
},
{
"category": "external",
"summary": "SUSE Bug 1177726 for CVE-2020-24490",
"url": "https://bugzilla.suse.com/1177726"
},
{
"category": "external",
"summary": "SUSE Bug 1177727 for CVE-2020-24490",
"url": "https://bugzilla.suse.com/1177727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP3:sca-server-report-1.5.1-150300.11.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-base-1.5.0-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-hae-1.5.1-150300.10.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle11-1.5.1-150300.18.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle12-1.5.1-150300.3.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-sle15-1.5.1-150300.14.3.1.noarch",
"openSUSE Leap 15.3:sca-patterns-suma-1.5.0-150300.9.3.1.noarch",
"openSUSE Leap 15.3:sca-server-report-1.5.1-150300.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-12-15T09:43:54Z",
"details": "important"
}
],
"title": "CVE-2020-24490"
}
]
}
SUSE-SU-2020:14393-1
Vulnerability from csaf_suse - Published: 2020-06-09 17:11 - Updated: 2020-06-09 17:11Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it.
This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).
- CVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218).
- CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195).
- CVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202).
- CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev (bsc#1170056).
The following non-security bugs were fixed:
- nfsd4: clean up open owners on OPEN failure (bsc#1154290).
- random: always use batched entropy for get_random_u{32,64} (bsc#1164871).
Patchnames: slessp4-kernel-source-14393,slexsp3-kernel-source-14393
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. \n This attack is known as Special Register Buffer Data Sampling (SRBDS) or \u0027CrossTalk\u0027 (bsc#1154824).\n- CVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218).\n- CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195).\n- CVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202).\n- CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev (bsc#1170056).\n\nThe following non-security bugs were fixed:\n\n- nfsd4: clean up open owners on OPEN failure (bsc#1154290).\n- random: always use batched entropy for get_random_u{32,64} (bsc#1164871).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-kernel-source-14393,slexsp3-kernel-source-14393",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_14393-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:14393-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-202014393-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:14393-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-June/006913.html"
},
{
"category": "self",
"summary": "SUSE Bug 1154290",
"url": "https://bugzilla.suse.com/1154290"
},
{
"category": "self",
"summary": "SUSE Bug 1154824",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "self",
"summary": "SUSE Bug 1164871",
"url": "https://bugzilla.suse.com/1164871"
},
{
"category": "self",
"summary": "SUSE Bug 1170056",
"url": "https://bugzilla.suse.com/1170056"
},
{
"category": "self",
"summary": "SUSE Bug 1171195",
"url": "https://bugzilla.suse.com/1171195"
},
{
"category": "self",
"summary": "SUSE Bug 1171202",
"url": "https://bugzilla.suse.com/1171202"
},
{
"category": "self",
"summary": "SUSE Bug 1171218",
"url": "https://bugzilla.suse.com/1171218"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0543 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10690 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12652 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12653 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12654 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12654/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2020-06-09T17:11:40Z",
"generator": {
"date": "2020-06-09T17:11:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:14393-1",
"initial_release_date": "2020-06-09T17:11:40Z",
"revision_history": [
{
"date": "2020-06-09T17:11:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-default-3.0.101-108.114.1.i586",
"product_id": "kernel-default-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-default-base-3.0.101-108.114.1.i586",
"product_id": "kernel-default-base-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-default-devel-3.0.101-108.114.1.i586",
"product_id": "kernel-default-devel-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-ec2-3.0.101-108.114.1.i586",
"product_id": "kernel-ec2-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-ec2-base-3.0.101-108.114.1.i586",
"product_id": "kernel-ec2-base-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.114.1.i586",
"product_id": "kernel-ec2-devel-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-pae-3.0.101-108.114.1.i586",
"product_id": "kernel-pae-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-base-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-pae-base-3.0.101-108.114.1.i586",
"product_id": "kernel-pae-base-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-devel-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-pae-devel-3.0.101-108.114.1.i586",
"product_id": "kernel-pae-devel-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-source-3.0.101-108.114.1.i586",
"product_id": "kernel-source-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-syms-3.0.101-108.114.1.i586",
"product_id": "kernel-syms-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-trace-3.0.101-108.114.1.i586",
"product_id": "kernel-trace-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-trace-base-3.0.101-108.114.1.i586",
"product_id": "kernel-trace-base-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-trace-devel-3.0.101-108.114.1.i586",
"product_id": "kernel-trace-devel-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-xen-3.0.101-108.114.1.i586",
"product_id": "kernel-xen-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-xen-base-3.0.101-108.114.1.i586",
"product_id": "kernel-xen-base-3.0.101-108.114.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.114.1.i586",
"product": {
"name": "kernel-xen-devel-3.0.101-108.114.1.i586",
"product_id": "kernel-xen-devel-3.0.101-108.114.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-bigmem-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-bigmem-3.0.101-108.114.1.ppc64",
"product_id": "kernel-bigmem-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"product_id": "kernel-bigmem-base-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"product_id": "kernel-bigmem-devel-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-default-3.0.101-108.114.1.ppc64",
"product_id": "kernel-default-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-default-base-3.0.101-108.114.1.ppc64",
"product_id": "kernel-default-base-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-default-devel-3.0.101-108.114.1.ppc64",
"product_id": "kernel-default-devel-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-ppc64-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-ppc64-3.0.101-108.114.1.ppc64",
"product_id": "kernel-ppc64-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"product_id": "kernel-ppc64-base-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"product_id": "kernel-ppc64-devel-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-source-3.0.101-108.114.1.ppc64",
"product_id": "kernel-source-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-syms-3.0.101-108.114.1.ppc64",
"product_id": "kernel-syms-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-trace-3.0.101-108.114.1.ppc64",
"product_id": "kernel-trace-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-trace-base-3.0.101-108.114.1.ppc64",
"product_id": "kernel-trace-base-3.0.101-108.114.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.114.1.ppc64",
"product": {
"name": "kernel-trace-devel-3.0.101-108.114.1.ppc64",
"product_id": "kernel-trace-devel-3.0.101-108.114.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.114.1.s390x",
"product": {
"name": "kernel-default-3.0.101-108.114.1.s390x",
"product_id": "kernel-default-3.0.101-108.114.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.114.1.s390x",
"product": {
"name": "kernel-default-base-3.0.101-108.114.1.s390x",
"product_id": "kernel-default-base-3.0.101-108.114.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.114.1.s390x",
"product": {
"name": "kernel-default-devel-3.0.101-108.114.1.s390x",
"product_id": "kernel-default-devel-3.0.101-108.114.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.0.101-108.114.1.s390x",
"product": {
"name": "kernel-default-man-3.0.101-108.114.1.s390x",
"product_id": "kernel-default-man-3.0.101-108.114.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.114.1.s390x",
"product": {
"name": "kernel-source-3.0.101-108.114.1.s390x",
"product_id": "kernel-source-3.0.101-108.114.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.114.1.s390x",
"product": {
"name": "kernel-syms-3.0.101-108.114.1.s390x",
"product_id": "kernel-syms-3.0.101-108.114.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.114.1.s390x",
"product": {
"name": "kernel-trace-3.0.101-108.114.1.s390x",
"product_id": "kernel-trace-3.0.101-108.114.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.114.1.s390x",
"product": {
"name": "kernel-trace-base-3.0.101-108.114.1.s390x",
"product_id": "kernel-trace-base-3.0.101-108.114.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.114.1.s390x",
"product": {
"name": "kernel-trace-devel-3.0.101-108.114.1.s390x",
"product_id": "kernel-trace-devel-3.0.101-108.114.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-default-3.0.101-108.114.1.x86_64",
"product_id": "kernel-default-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-default-base-3.0.101-108.114.1.x86_64",
"product_id": "kernel-default-base-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-default-devel-3.0.101-108.114.1.x86_64",
"product_id": "kernel-default-devel-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-ec2-3.0.101-108.114.1.x86_64",
"product_id": "kernel-ec2-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-ec2-base-3.0.101-108.114.1.x86_64",
"product_id": "kernel-ec2-base-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"product_id": "kernel-ec2-devel-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-source-3.0.101-108.114.1.x86_64",
"product_id": "kernel-source-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-syms-3.0.101-108.114.1.x86_64",
"product_id": "kernel-syms-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-trace-3.0.101-108.114.1.x86_64",
"product_id": "kernel-trace-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-trace-base-3.0.101-108.114.1.x86_64",
"product_id": "kernel-trace-base-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-trace-devel-3.0.101-108.114.1.x86_64",
"product_id": "kernel-trace-devel-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-xen-3.0.101-108.114.1.x86_64",
"product_id": "kernel-xen-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-xen-base-3.0.101-108.114.1.x86_64",
"product_id": "kernel-xen-base-3.0.101-108.114.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.114.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.0.101-108.114.1.x86_64",
"product_id": "kernel-xen-devel-3.0.101-108.114.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigmem-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-bigmem-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigmem-base-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigmem-devel-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-default-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-default-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.114.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x"
},
"product_reference": "kernel-default-3.0.101-108.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-default-base-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-default-base-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.114.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x"
},
"product_reference": "kernel-default-base-3.0.101-108.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-default-devel-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-default-devel-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.114.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x"
},
"product_reference": "kernel-default-devel-3.0.101-108.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.0.101-108.114.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x"
},
"product_reference": "kernel-default-man-3.0.101-108.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-ec2-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-ec2-base-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-pae-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-base-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-pae-base-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-devel-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-pae-devel-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-ppc64-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-base-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-devel-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-source-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-source-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.114.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x"
},
"product_reference": "kernel-source-3.0.101-108.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-syms-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-syms-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.114.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x"
},
"product_reference": "kernel-syms-3.0.101-108.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-trace-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-trace-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.114.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x"
},
"product_reference": "kernel-trace-3.0.101-108.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-trace-base-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-trace-base-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.114.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x"
},
"product_reference": "kernel-trace-base-3.0.101-108.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-trace-devel-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.114.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.114.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.114.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x"
},
"product_reference": "kernel-trace-devel-3.0.101-108.114.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-xen-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-xen-base-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.114.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586"
},
"product_reference": "kernel-xen-devel-3.0.101-108.114.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.114.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-108.114.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0543"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0543",
"url": "https://www.suse.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "SUSE Bug 1154824 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "external",
"summary": "SUSE Bug 1172205 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172205"
},
{
"category": "external",
"summary": "SUSE Bug 1172206 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172206"
},
{
"category": "external",
"summary": "SUSE Bug 1172207 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172207"
},
{
"category": "external",
"summary": "SUSE Bug 1172770 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172770"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-09T17:11:40Z",
"details": "moderate"
}
],
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-10690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10690"
}
],
"notes": [
{
"category": "general",
"text": "There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointed to by the inode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10690",
"url": "https://www.suse.com/security/cve/CVE-2020-10690"
},
{
"category": "external",
"summary": "SUSE Bug 1170056 for CVE-2020-10690",
"url": "https://bugzilla.suse.com/1170056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-09T17:11:40Z",
"details": "moderate"
}
],
"title": "CVE-2020-10690"
},
{
"cve": "CVE-2020-12652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12652"
}
],
"notes": [
{
"category": "general",
"text": "The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a \"double fetch\" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states \"The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12652",
"url": "https://www.suse.com/security/cve/CVE-2020-12652"
},
{
"category": "external",
"summary": "SUSE Bug 1171218 for CVE-2020-12652",
"url": "https://bugzilla.suse.com/1171218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-09T17:11:40Z",
"details": "moderate"
}
],
"title": "CVE-2020-12652"
},
{
"cve": "CVE-2020-12653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12653"
}
],
"notes": [
{
"category": "general",
"text": "An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12653",
"url": "https://www.suse.com/security/cve/CVE-2020-12653"
},
{
"category": "external",
"summary": "SUSE Bug 1159281 for CVE-2020-12653",
"url": "https://bugzilla.suse.com/1159281"
},
{
"category": "external",
"summary": "SUSE Bug 1171195 for CVE-2020-12653",
"url": "https://bugzilla.suse.com/1171195"
},
{
"category": "external",
"summary": "SUSE Bug 1171254 for CVE-2020-12653",
"url": "https://bugzilla.suse.com/1171254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-09T17:11:40Z",
"details": "important"
}
],
"title": "CVE-2020-12653"
},
{
"cve": "CVE-2020-12654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12654"
}
],
"notes": [
{
"category": "general",
"text": "An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12654",
"url": "https://www.suse.com/security/cve/CVE-2020-12654"
},
{
"category": "external",
"summary": "SUSE Bug 1159281 for CVE-2020-12654",
"url": "https://bugzilla.suse.com/1159281"
},
{
"category": "external",
"summary": "SUSE Bug 1171202 for CVE-2020-12654",
"url": "https://bugzilla.suse.com/1171202"
},
{
"category": "external",
"summary": "SUSE Bug 1171252 for CVE-2020-12654",
"url": "https://bugzilla.suse.com/1171252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-bigmem-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-default-man-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ec2-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-pae-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-ppc64-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-source-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-syms-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-trace-devel-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-base-3.0.101-108.114.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:kernel-xen-devel-3.0.101-108.114.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-09T17:11:40Z",
"details": "important"
}
],
"title": "CVE-2020-12654"
}
]
}
SUSE-SU-2020:14394-1
Vulnerability from csaf_suse - Published: 2020-06-10 08:06 - Updated: 2020-06-10 08:06Summary
Security update for microcode_ctl
Severity
Moderate
Notes
Title of the patch: Security update for microcode_ctl
Description of the patch: This update for microcode_ctl fixes the following issues:
Updated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466)
This update contains security mitigations for:
- CVE-2020-0543: Fixed a side channel attack against special registers
which could have resulted in leaking of read values to cores other
than the one which called it. This attack is known as Special Register
Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).
- CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to
mitigate the Vector Register and L1D Eviction Sampling aka 'CacheOutAttack'
attacks. (bsc#1156353)
Microcode Table:
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
---- updated platforms ------------------------------------
HSW C0 6-3c-3/32 00000027->00000028 Core Gen4
BDW-U/Y E0/F0 6-3d-4/c0 0000002e->0000002f Core Gen5
HSW-U C0/D0 6-45-1/72 00000025->00000026 Core Gen4
HSW-H C0 6-46-1/32 0000001b->0000001c Core Gen4
BDW-H/E3 E0/G0 6-47-1/22 00000021->00000022 Core Gen5
SKL-U/Y D0 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
SKL-U23e K1 6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
SKX-SP B1 6-55-3/97 01000151->01000157 Xeon Scalable
SKX-SP H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable
SKX-D M1 6-55-4/b7 02000065->02006906 Xeon D-21xx
CLX-SP B0 6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2
CLX-SP B1 6-55-7/bf 0500002c->04002f01 Xeon Scalable Gen2
SKL-H/S R0/N0 6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5
AML-Y22 H0 6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile
KBL-U/Y H0 6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile
CFL-U43e D0 6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile
WHL-U W0 6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile
AML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
CML-Y42 V0 6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
WHL-U V0 6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile
KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6
CFL-H/S/E3 U0 6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E
CFL-S B0 6-9e-b/02 000000ca->000000d6 Core Gen8
CFL-H/S P0 6-9e-c/22 000000ca->000000d6 Core Gen9
CFL-H R0 6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile
Also contains the Intel CPU Microcode update to 20200520:
Processor Identifier Version Products
Model Stepping F-MO-S/PI Old->New
---- new platforms ----------------------------------------
---- updated platforms ------------------------------------
SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f->00000621 Xeon E3/E5, Core X
SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718->0000071a Xeon E3/E5, Core X
Patchnames: sleposp3-microcode_ctl-14394,slessp4-microcode_ctl-14394
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for microcode_ctl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for microcode_ctl fixes the following issues:\n\nUpdated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466)\n \nThis update contains security mitigations for:\n\n- CVE-2020-0543: Fixed a side channel attack against special registers\n which could have resulted in leaking of read values to cores other\n than the one which called it. This attack is known as Special Register\n Buffer Data Sampling (SRBDS) or \u0027CrossTalk\u0027 (bsc#1154824).\n- CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to\n mitigate the Vector Register and L1D Eviction Sampling aka \u0027CacheOutAttack\u0027\n attacks. (bsc#1156353)\n\nMicrocode Table:\n\n Processor Identifier Version Products\n Model Stepping F-MO-S/PI Old-\u003eNew\n ---- new platforms ----------------------------------------\n ---- updated platforms ------------------------------------\n HSW C0 6-3c-3/32 00000027-\u003e00000028 Core Gen4\n BDW-U/Y E0/F0 6-3d-4/c0 0000002e-\u003e0000002f Core Gen5\n HSW-U C0/D0 6-45-1/72 00000025-\u003e00000026 Core Gen4\n HSW-H C0 6-46-1/32 0000001b-\u003e0000001c Core Gen4\n BDW-H/E3 E0/G0 6-47-1/22 00000021-\u003e00000022 Core Gen5\n SKL-U/Y D0 6-4e-3/c0 000000d6-\u003e000000dc Core Gen6 Mobile\n SKL-U23e K1 6-4e-3/c0 000000d6-\u003e000000dc Core Gen6 Mobile\n SKX-SP B1 6-55-3/97 01000151-\u003e01000157 Xeon Scalable\n SKX-SP H0/M0/U0 6-55-4/b7 02000065-\u003e02006906 Xeon Scalable\n SKX-D M1 6-55-4/b7 02000065-\u003e02006906 Xeon D-21xx\n CLX-SP B0 6-55-6/bf 0400002c-\u003e04002f01 Xeon Scalable Gen2\n CLX-SP B1 6-55-7/bf 0500002c-\u003e04002f01 Xeon Scalable Gen2\n SKL-H/S R0/N0 6-5e-3/36 000000d6-\u003e000000dc Core Gen6; Xeon E3 v5\n AML-Y22 H0 6-8e-9/10 000000ca-\u003e000000d6 Core Gen8 Mobile\n KBL-U/Y H0 6-8e-9/c0 000000ca-\u003e000000d6 Core Gen7 Mobile\n CFL-U43e D0 6-8e-a/c0 000000ca-\u003e000000d6 Core Gen8 Mobile\n WHL-U W0 6-8e-b/d0 000000ca-\u003e000000d6 Core Gen8 Mobile\n AML-Y42 V0 6-8e-c/94 000000ca-\u003e000000d6 Core Gen10 Mobile\n CML-Y42 V0 6-8e-c/94 000000ca-\u003e000000d6 Core Gen10 Mobile\n WHL-U V0 6-8e-c/94 000000ca-\u003e000000d6 Core Gen8 Mobile\n KBL-G/H/S/E3 B0 6-9e-9/2a 000000ca-\u003e000000d6 Core Gen7; Xeon E3 v6\n CFL-H/S/E3 U0 6-9e-a/22 000000ca-\u003e000000d6 Core Gen8 Desktop, Mobile, Xeon E\n CFL-S B0 6-9e-b/02 000000ca-\u003e000000d6 Core Gen8\n CFL-H/S P0 6-9e-c/22 000000ca-\u003e000000d6 Core Gen9\n CFL-H R0 6-9e-d/22 000000ca-\u003e000000d6 Core Gen9 Mobile\n\nAlso contains the Intel CPU Microcode update to 20200520:\n\n Processor Identifier Version Products\n Model Stepping F-MO-S/PI Old-\u003eNew\n ---- new platforms ----------------------------------------\n ---- updated platforms ------------------------------------\n SNB-E/EN/EP C1/M0 6-2d-6/6d 0000061f-\u003e00000621 Xeon E3/E5, Core X\n SNB-E/EN/EP C2/M1 6-2d-7/6d 00000718-\u003e0000071a Xeon E3/E5, Core X\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-microcode_ctl-14394,slessp4-microcode_ctl-14394",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_14394-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:14394-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-202014394-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:14394-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-June/006920.html"
},
{
"category": "self",
"summary": "SUSE Bug 1154824",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "self",
"summary": "SUSE Bug 1156353",
"url": "https://bugzilla.suse.com/1156353"
},
{
"category": "self",
"summary": "SUSE Bug 1172466",
"url": "https://bugzilla.suse.com/1172466"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0543 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0548 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0549 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0549/"
}
],
"title": "Security update for microcode_ctl",
"tracking": {
"current_release_date": "2020-06-10T08:06:27Z",
"generator": {
"date": "2020-06-10T08:06:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:14394-1",
"initial_release_date": "2020-06-10T08:06:27Z",
"revision_history": [
{
"date": "2020-06-10T08:06:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.53.1.i586",
"product": {
"name": "microcode_ctl-1.17-102.83.53.1.i586",
"product_id": "microcode_ctl-1.17-102.83.53.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.53.1.x86_64",
"product": {
"name": "microcode_ctl-1.17-102.83.53.1.x86_64",
"product_id": "microcode_ctl-1.17-102.83.53.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.53.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586"
},
"product_reference": "microcode_ctl-1.17-102.83.53.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586"
},
"product_reference": "microcode_ctl-1.17-102.83.53.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
},
"product_reference": "microcode_ctl-1.17-102.83.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0543"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0543",
"url": "https://www.suse.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "SUSE Bug 1154824 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "external",
"summary": "SUSE Bug 1172205 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172205"
},
{
"category": "external",
"summary": "SUSE Bug 1172206 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172206"
},
{
"category": "external",
"summary": "SUSE Bug 1172207 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172207"
},
{
"category": "external",
"summary": "SUSE Bug 1172770 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172770"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-10T08:06:27Z",
"details": "moderate"
}
],
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-0548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0548"
}
],
"notes": [
{
"category": "general",
"text": "Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0548",
"url": "https://www.suse.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "SUSE Bug 1156353 for CVE-2020-0548",
"url": "https://bugzilla.suse.com/1156353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-10T08:06:27Z",
"details": "moderate"
}
],
"title": "CVE-2020-0548"
},
{
"cve": "CVE-2020-0549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0549"
}
],
"notes": [
{
"category": "general",
"text": "Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0549",
"url": "https://www.suse.com/security/cve/CVE-2020-0549"
},
{
"category": "external",
"summary": "SUSE Bug 1156353 for CVE-2020-0549",
"url": "https://bugzilla.suse.com/1156353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-10T08:06:27Z",
"details": "moderate"
}
],
"title": "CVE-2020-0549"
}
]
}
SUSE-SU-2020:14521-1
Vulnerability from csaf_suse - Published: 2020-10-22 12:09 - Updated: 2020-10-22 12:09Summary
Security update for xen
Severity
Important
Notes
Title of the patch: Security update for xen
Description of the patch: This update for xen fixes the following issues:
- CVE-2020-0543: Fixed a leak of Special Register Buffer Data Sampling (SRBDS) aka 'CrossTalk' (bsc#1172205,XSA-320)
- CVE-2020-14364: Fixed an out-of-bounds read/write access while processing usb packets (bsc#1175534).
- CVE-2020-15565: Fixed an issue cache write (bsc#1173378,XSA-321).
- CVE-2020-15567: Fixed an issue with non-atomic modification of live EPT PTE (bsc#1173380,XSA-328)
- CVE-2020-25595: Fixed an issue where PCI passthrough code was reading back hardware registers (bsc#1176344,XSA-337)
- CVE-2020-25596: Fixed a potential denial of service in x86 pv guest kernel via SYSENTER (bsc#1176345,XSA-339)
- CVE-2020-25597: Fixed an issue where a valid event channels may not turn invalid (bsc#1176346,XSA-338)
- CVE-2020-25600: Fixed out of bounds event channels available to 32-bit x86 domains (bsc#1176348,XSA-342)
- CVE-2020-25601: Fixed an issue due to lack of preemption in evtchn_reset() / evtchn_destroy() (bsc#1176350,XSA-344)
- CVE-2020-25603: Fixed an issue due to missing barriers when accessing/allocating an event channel (bsc#1176347,XSA-340)
- CVE-2020-25604: Fixed a race condition when migrating timers between x86
HVM vCPU-s (bsc#1176343,XSA-336)
Patchnames: slessp4-xen-14521
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.9 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.4 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
62 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for xen",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for xen fixes the following issues:\n\n- CVE-2020-0543: Fixed a leak of Special Register Buffer Data Sampling (SRBDS) aka \u0027CrossTalk\u0027 (bsc#1172205,XSA-320)\n- CVE-2020-14364: Fixed an out-of-bounds read/write access while processing usb packets (bsc#1175534).\n- CVE-2020-15565: Fixed an issue cache write (bsc#1173378,XSA-321).\n- CVE-2020-15567: Fixed an issue with non-atomic modification of live EPT PTE (bsc#1173380,XSA-328)\n- CVE-2020-25595: Fixed an issue where PCI passthrough code was reading back hardware registers (bsc#1176344,XSA-337)\n- CVE-2020-25596: Fixed a potential denial of service in x86 pv guest kernel via SYSENTER (bsc#1176345,XSA-339)\n- CVE-2020-25597: Fixed an issue where a valid event channels may not turn invalid (bsc#1176346,XSA-338)\n- CVE-2020-25600: Fixed out of bounds event channels available to 32-bit x86 domains (bsc#1176348,XSA-342)\n- CVE-2020-25601: Fixed an issue due to lack of preemption in evtchn_reset() / evtchn_destroy() (bsc#1176350,XSA-344)\t \n- CVE-2020-25603: Fixed an issue due to missing barriers when accessing/allocating an event channel (bsc#1176347,XSA-340)\n- CVE-2020-25604: Fixed a race condition when migrating timers between x86 \n HVM vCPU-s (bsc#1176343,XSA-336)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-xen-14521",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_14521-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:14521-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-202014521-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:14521-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-October/007611.html"
},
{
"category": "self",
"summary": "SUSE Bug 1172205",
"url": "https://bugzilla.suse.com/1172205"
},
{
"category": "self",
"summary": "SUSE Bug 1173378",
"url": "https://bugzilla.suse.com/1173378"
},
{
"category": "self",
"summary": "SUSE Bug 1173380",
"url": "https://bugzilla.suse.com/1173380"
},
{
"category": "self",
"summary": "SUSE Bug 1175534",
"url": "https://bugzilla.suse.com/1175534"
},
{
"category": "self",
"summary": "SUSE Bug 1176343",
"url": "https://bugzilla.suse.com/1176343"
},
{
"category": "self",
"summary": "SUSE Bug 1176344",
"url": "https://bugzilla.suse.com/1176344"
},
{
"category": "self",
"summary": "SUSE Bug 1176345",
"url": "https://bugzilla.suse.com/1176345"
},
{
"category": "self",
"summary": "SUSE Bug 1176346",
"url": "https://bugzilla.suse.com/1176346"
},
{
"category": "self",
"summary": "SUSE Bug 1176347",
"url": "https://bugzilla.suse.com/1176347"
},
{
"category": "self",
"summary": "SUSE Bug 1176348",
"url": "https://bugzilla.suse.com/1176348"
},
{
"category": "self",
"summary": "SUSE Bug 1176350",
"url": "https://bugzilla.suse.com/1176350"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0543 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14364 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15565 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15567 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25595 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25596 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25597 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25600 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25601 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25603 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25604 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25604/"
}
],
"title": "Security update for xen",
"tracking": {
"current_release_date": "2020-10-22T12:09:09Z",
"generator": {
"date": "2020-10-22T12:09:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:14521-1",
"initial_release_date": "2020-10-22T12:09:09Z",
"revision_history": [
{
"date": "2020-10-22T12:09:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"product": {
"name": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"product_id": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586"
}
},
{
"category": "product_version",
"name": "xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"product": {
"name": "xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"product_id": "xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586"
}
},
{
"category": "product_version",
"name": "xen-libs-4.4.4_44-61.55.1.i586",
"product": {
"name": "xen-libs-4.4.4_44-61.55.1.i586",
"product_id": "xen-libs-4.4.4_44-61.55.1.i586"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.4.4_44-61.55.1.i586",
"product": {
"name": "xen-tools-domU-4.4.4_44-61.55.1.i586",
"product_id": "xen-tools-domU-4.4.4_44-61.55.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "xen-4.4.4_44-61.55.1.x86_64",
"product": {
"name": "xen-4.4.4_44-61.55.1.x86_64",
"product_id": "xen-4.4.4_44-61.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-doc-html-4.4.4_44-61.55.1.x86_64",
"product": {
"name": "xen-doc-html-4.4.4_44-61.55.1.x86_64",
"product_id": "xen-doc-html-4.4.4_44-61.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"product": {
"name": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"product_id": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-libs-4.4.4_44-61.55.1.x86_64",
"product": {
"name": "xen-libs-4.4.4_44-61.55.1.x86_64",
"product_id": "xen-libs-4.4.4_44-61.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"product": {
"name": "xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"product_id": "xen-libs-32bit-4.4.4_44-61.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-4.4.4_44-61.55.1.x86_64",
"product": {
"name": "xen-tools-4.4.4_44-61.55.1.x86_64",
"product_id": "xen-tools-4.4.4_44-61.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "xen-tools-domU-4.4.4_44-61.55.1.x86_64",
"product": {
"name": "xen-tools-domU-4.4.4_44-61.55.1.x86_64",
"product_id": "xen-tools-domU-4.4.4_44-61.55.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-4.4.4_44-61.55.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64"
},
"product_reference": "xen-4.4.4_44-61.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-doc-html-4.4.4_44-61.55.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64"
},
"product_reference": "xen-doc-html-4.4.4_44-61.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586"
},
"product_reference": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64"
},
"product_reference": "xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586"
},
"product_reference": "xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.4.4_44-61.55.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586"
},
"product_reference": "xen-libs-4.4.4_44-61.55.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-4.4.4_44-61.55.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64"
},
"product_reference": "xen-libs-4.4.4_44-61.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-libs-32bit-4.4.4_44-61.55.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64"
},
"product_reference": "xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-4.4.4_44-61.55.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64"
},
"product_reference": "xen-tools-4.4.4_44-61.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.4.4_44-61.55.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586"
},
"product_reference": "xen-tools-domU-4.4.4_44-61.55.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xen-tools-domU-4.4.4_44-61.55.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
},
"product_reference": "xen-tools-domU-4.4.4_44-61.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0543"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0543",
"url": "https://www.suse.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "SUSE Bug 1154824 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1154824"
},
{
"category": "external",
"summary": "SUSE Bug 1172205 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172205"
},
{
"category": "external",
"summary": "SUSE Bug 1172206 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172206"
},
{
"category": "external",
"summary": "SUSE Bug 1172207 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172207"
},
{
"category": "external",
"summary": "SUSE Bug 1172770 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1172770"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2020-0543",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "moderate"
}
],
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-14364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14364"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice \u0027setup_len\u0027 exceeds its \u0027data_buf[4096]\u0027 in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14364",
"url": "https://www.suse.com/security/cve/CVE-2020-14364"
},
{
"category": "external",
"summary": "SUSE Bug 1175441 for CVE-2020-14364",
"url": "https://bugzilla.suse.com/1175441"
},
{
"category": "external",
"summary": "SUSE Bug 1175534 for CVE-2020-14364",
"url": "https://bugzilla.suse.com/1175534"
},
{
"category": "external",
"summary": "SUSE Bug 1176494 for CVE-2020-14364",
"url": "https://bugzilla.suse.com/1176494"
},
{
"category": "external",
"summary": "SUSE Bug 1177130 for CVE-2020-14364",
"url": "https://bugzilla.suse.com/1177130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "moderate"
}
],
"title": "CVE-2020-14364"
},
{
"cve": "CVE-2020-15565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15565"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs, a CPU cache also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. A malicious guest may be able to retain read/write DMA access to frames returned to Xen\u0027s free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15565",
"url": "https://www.suse.com/security/cve/CVE-2020-15565"
},
{
"category": "external",
"summary": "SUSE Bug 1173378 for CVE-2020-15565",
"url": "https://bugzilla.suse.com/1173378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "important"
}
],
"title": "CVE-2020-15565"
},
{
"cve": "CVE-2020-15567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15567"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circumstances use a series of non-atomic bitfield writes. Depending on the compiler version and optimisation flags, Xen might expose a dangerous partially written PTE to the hardware, which an attacker might be able to race to exploit. A guest administrator or perhaps even an unprivileged guest user might be able to cause denial of service, data corruption, or privilege escalation. Only systems using Intel CPUs are vulnerable. Systems using AMD CPUs, and Arm systems, are not vulnerable. Only systems using nested paging (hap, aka nested paging, aka in this case Intel EPT) are vulnerable. Only HVM and PVH guests can exploit the vulnerability. The presence and scope of the vulnerability depends on the precise optimisations performed by the compiler used to build Xen. If the compiler generates (a) a single 64-bit write, or (b) a series of read-modify-write operations in the same order as the source code, the hypervisor is not vulnerable. For example, in one test build using GCC 8.3 with normal settings, the compiler generated multiple (unlocked) read-modify-write operations in source-code order, which did not constitute a vulnerability. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code-generation options). The source code clearly violates the C rules, and thus should be considered vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15567",
"url": "https://www.suse.com/security/cve/CVE-2020-15567"
},
{
"category": "external",
"summary": "SUSE Bug 1173380 for CVE-2020-15567",
"url": "https://bugzilla.suse.com/1173380"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-15567",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "moderate"
}
],
"title": "CVE-2020-15567"
},
{
"cve": "CVE-2020-25595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25595"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen\u0027s MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn\u0027t be able to affect these registers, experience shows that it\u0027s very common for devices to have out-of-spec \"backdoor\" operations that can affect the result of these reads. A not fully trusted guest may be able to crash Xen, leading to a Denial of Service (DoS) for the entire system. Privilege escalation and information leaks cannot be excluded. All versions of Xen supporting PCI passthrough are affected. Only x86 systems are vulnerable. Arm systems are not vulnerable. Only guests with passed through PCI devices may be able to leverage the vulnerability. Only systems passing through devices with out-of-spec (\"backdoor\") functionality can cause issues. Experience shows that such out-of-spec functionality is common; unless you have reason to believe that your device does not have such functionality, it\u0027s better to assume that it does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25595",
"url": "https://www.suse.com/security/cve/CVE-2020-25595"
},
{
"category": "external",
"summary": "SUSE Bug 1176344 for CVE-2020-25595",
"url": "https://bugzilla.suse.com/1176344"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-25595",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "important"
}
],
"title": "CVE-2020-25595"
},
{
"cve": "CVE-2020-25596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25596"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen\u0027s sanitization paths injects a #GP fault, and incorrectly delivers it twice to the guest. This causes the guest kernel to observe a kernel-privilege #GP fault (typically fatal) rather than a user-privilege #GP fault (usually converted into SIGSEGV/etc.). Malicious or buggy userspace can crash the guest kernel, resulting in a VM Denial of Service. All versions of Xen from 3.2 onwards are vulnerable. Only x86 systems are vulnerable. ARM platforms are not vulnerable. Only x86 systems that support the SYSENTER instruction in 64bit mode are vulnerable. This is believed to be Intel, Centaur, and Shanghai CPUs. AMD and Hygon CPUs are not believed to be vulnerable. Only x86 PV guests can exploit the vulnerability. x86 PVH / HVM guests cannot exploit the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25596",
"url": "https://www.suse.com/security/cve/CVE-2020-25596"
},
{
"category": "external",
"summary": "SUSE Bug 1176345 for CVE-2020-25596",
"url": "https://bugzilla.suse.com/1176345"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-25596",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "moderate"
}
],
"title": "CVE-2020-25596"
},
{
"cve": "CVE-2020-25597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25597"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life time of a guest. However, operations like the resetting of all event channels may involve decreasing one of the bounds checked when determining validity. This may lead to bug checks triggering, crashing the host. An unprivileged guest may be able to crash Xen, leading to a Denial of Service (DoS) for the entire system. All Xen versions from 4.4 onwards are vulnerable. Xen versions 4.3 and earlier are not vulnerable. Only systems with untrusted guests permitted to create more than the default number of event channels are vulnerable. This number depends on the architecture and type of guest. For 32-bit x86 PV guests, this is 1023; for 64-bit x86 PV guests, and for all ARM guests, this number is 4095. Systems where untrusted guests are limited to fewer than this number are not vulnerable. Note that xl and libxl limit max_event_channels to 1023 by default, so systems using exclusively xl, libvirt+libxl, or their own toolstack based on libxl, and not explicitly setting max_event_channels, are not vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25597",
"url": "https://www.suse.com/security/cve/CVE-2020-25597"
},
{
"category": "external",
"summary": "SUSE Bug 1176346 for CVE-2020-25597",
"url": "https://bugzilla.suse.com/1176346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "moderate"
}
],
"title": "CVE-2020-25597"
},
{
"cve": "CVE-2020-25600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25600"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs 64-bit or Arm (either bitness) ones. 32-bit x86 domains can use only 1023 channels, due to limited space in their shared (between guest and Xen) information structure, whereas all other domains can use up to 4095 in this model. The recording of the respective limit during domain initialization, however, has occurred at a time where domains are still deemed to be 64-bit ones, prior to actually honoring respective domain properties. At the point domains get recognized as 32-bit ones, the limit didn\u0027t get updated accordingly. Due to this misbehavior in Xen, 32-bit domains (including Domain 0) servicing other domains may observe event channel allocations to succeed when they should really fail. Subsequent use of such event channels would then possibly lead to corruption of other parts of the shared info structure. An unprivileged guest may cause another domain, in particular Domain 0, to misbehave. This may lead to a Denial of Service (DoS) for the entire system. All Xen versions from 4.4 onwards are vulnerable. Xen versions 4.3 and earlier are not vulnerable. Only x86 32-bit domains servicing other domains are vulnerable. Arm systems, as well as x86 64-bit domains, are not vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25600",
"url": "https://www.suse.com/security/cve/CVE-2020-25600"
},
{
"category": "external",
"summary": "SUSE Bug 1176348 for CVE-2020-25600",
"url": "https://bugzilla.suse.com/1176348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "important"
}
],
"title": "CVE-2020-25600"
},
{
"cve": "CVE-2020-25601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25601"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of these (when resetting all event channels or when cleaning up after the guest) may take extended periods of time. So far, there was no arrangement for preemption at suitable intervals, allowing a CPU to spend an almost unbounded amount of time in the processing of these operations. Malicious or buggy guest kernels can mount a Denial of Service (DoS) attack affecting the entire system. All Xen versions are vulnerable in principle. Whether versions 4.3 and older are vulnerable depends on underlying hardware characteristics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25601",
"url": "https://www.suse.com/security/cve/CVE-2020-25601"
},
{
"category": "external",
"summary": "SUSE Bug 1176350 for CVE-2020-25601",
"url": "https://bugzilla.suse.com/1176350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "moderate"
}
],
"title": "CVE-2020-25601"
},
{
"cve": "CVE-2020-25603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25603"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate memory barrier (e.g., smp_*mb()) to prevent both the compiler and CPU from re-ordering access. A malicious guest may be able to cause a hypervisor crash resulting in a Denial of Service (DoS). Information leak and privilege escalation cannot be excluded. Systems running all versions of Xen are affected. Whether a system is vulnerable will depend on the CPU and compiler used to build Xen. For all systems, the presence and the scope of the vulnerability depend on the precise re-ordering performed by the compiler used to build Xen. We have not been able to survey compilers; consequently we cannot say which compiler(s) might produce vulnerable code (with which code generation options). GCC documentation clearly suggests that re-ordering is possible. Arm systems will also be vulnerable if the CPU is able to re-order memory access. Please consult your CPU vendor. x86 systems are only vulnerable if a compiler performs re-ordering.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25603",
"url": "https://www.suse.com/security/cve/CVE-2020-25603"
},
{
"category": "external",
"summary": "SUSE Bug 1176347 for CVE-2020-25603",
"url": "https://bugzilla.suse.com/1176347"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-25603",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "important"
}
],
"title": "CVE-2020-25603"
},
{
"cve": "CVE-2020-25604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25604"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also operating on the timers) to release a lock that it didn\u0027t acquire. The most likely effect of the issue is a hang or crash of the hypervisor, i.e., a Denial of Service (DoS). All versions of Xen are affected. Only x86 systems are vulnerable. Arm systems are not vulnerable. Only x86 HVM guests can leverage the vulnerability. x86 PV and PVH cannot leverage the vulnerability. Only guests with more than one vCPU can exploit the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25604",
"url": "https://www.suse.com/security/cve/CVE-2020-25604"
},
{
"category": "external",
"summary": "SUSE Bug 1176343 for CVE-2020-25604",
"url": "https://bugzilla.suse.com/1176343"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2020-25604",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-doc-html-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-default-4.4.4_44_3.0.101_108.117-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-kmp-pae-4.4.4_44_3.0.101_108.117-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-32bit-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-libs-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-4.4.4_44-61.55.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:xen-tools-domU-4.4.4_44-61.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-22T12:09:09Z",
"details": "moderate"
}
],
"title": "CVE-2020-25604"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…