Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-24489 (GCVE-0-2020-24489)
Vulnerability from cvelistv5 – Published: 2021-06-09 19:59 – Updated: 2024-08-04 15:12
VLAI
EPSS
Summary
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity
8.8 (High)
CWE
- escalation of privilege
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.intel.com/content/www/us/en/security-… | x_refsource_MISC |
| https://www.debian.org/security/2021/dsa-4934 | vendor-advisoryx_refsource_DEBIAN |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) VT-d products |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:09.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) VT-d products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-26T09:06:13.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html"
},
{
"name": "DSA-4934",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-24489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) VT-d products",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html"
},
{
"name": "DSA-4934",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"name": "[debian-lts-announce] 20210726 [SECURITY] [DLA 2718-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-24489",
"datePublished": "2021-06-09T19:59:51.000Z",
"dateReserved": "2020-08-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:12:09.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-24489",
"date": "2026-06-20",
"epss": "0.00352",
"percentile": "0.26871"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"454AC633-5F1C-47BB-8FA7-91A5C29A1DD5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2394E8C-58D9-480B-87A7-A41CD7697FC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B9AC02B-D3AE-4FAF-836E-55515186A462\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j1750:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2F55513-48F4-44EC-9293-2CA744FCE07B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j1800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51D52347-FA7F-4592-99E4-4C01D2833F35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j1850:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82EC9A22-4893-4770-A501-31D492DC7EC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j1900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"744EC990-7849-4BC1-BC75-1D64693645A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B949F28E-5C73-4222-973E-DC39325E9268\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"132E32FD-4A52-43AF-9C0A-75F299B4C93F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7087FCA7-6D5C-45A5-B380-533915BC608A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85683891-11D4-47B1-834B-5E0380351E78\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DBF2D89D-AC2D-4EAB-ADF3-66C25FE54E19\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03D778C7-F242-4A6A-9B62-A7C578D985FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"652EC574-B9B6-4747-AE72-39D1379A596B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"522A9A57-B8D8-4C61-92E3-BE894A765C12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A588BEB3-90B5-482E-B6C4-DC6529B0B4C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j4115:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3C9363D-0A97-4A2D-BFA0-501D5107DBF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"826BAF04-E174-483D-8700-7FA1EAC4D555\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j6412:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D3162DD-BF40-4A58-8FC4-63B4455C0E51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7A8BF58-1D33-484A-951C-808443912BE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04CEC115-871B-4222-A3F8-6B1EE15E9A2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FD0BD9D-F741-457D-9495-8BCC3707D098\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2935CEA-13CE-4F4C-84B1-0318FB6FE39A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3BB7241-F796-44A7-8171-B555A45FF852\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F967E7C-E56D-46B2-AEB8-1931FA324029\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D902C7F-DCE8-41ED-8E80-26DA251FBF36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71C505E0-3548-49BD-9B53-2A588FF29144\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E735023-A75C-48E3-AD6B-BB29CF95B17F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3826FEBA-0B2E-403D-9A6A-0DA02FEF9A2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2910:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4080CDEF-3938-44D5-9737-6A9D72DB54B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2920:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A77976A7-6C2D-4E0B-A28B-06A23EEA0D68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2930:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5600350-04CC-4481-AC47-9F98BEB9D258\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n2940:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5A64D0A-D1C2-41B3-B51B-563263438CA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B57F4250-80C8-4612-97F6-2702D3F7DF25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AA180B4-0EB8-4884-A600-BFAEB64A0A58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27D79952-8946-488A-8BD8-6129D97A8E34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B17905A-95E2-4E60-8A0F-AA8ABAF9D523\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"752081F5-AE8D-4004-B564-863840AC52E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5375A75A-85AA-4119-9F6C-1AD9D2550F6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5884F21-BAB5-4A45-8C72-C90D07BAECA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC2A2AC5-FA56-49F0-BA00-E96B10FEF889\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8FF7ADD-9E27-4A23-9714-5B76132C20BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8771AB4-2F51-494D-8C86-3524BB4219C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n4000c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1795C64C-E28B-4003-84B6-AB4140C20750\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D7E822D-994F-410D-B13C-939449FFC293\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n4020c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C92E6F6A-82C6-4485-B381-1EFB85B8B1F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB5576F2-4914-427C-9518-ED7D16630CC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3ABB7C52-863F-4291-A05B-422EE9615FAE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B54D15DF-53EA-4611-932A-EDB8279F582A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n4505:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE7B5E21-2796-4578-998F-B03E26277DE7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n5095:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77D279BF-5561-4B83-B05C-77597339ECB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96D6F5D3-3559-47AD-8201-C9D34417DC09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA455AC5-8434-4B59-BE89-E82CDACD2AEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n6210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D31CA93-6F45-4BCE-B504-35F6494B864C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"406E9139-BCFF-406B-A856-57896D27B752\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DAA00D4-A8AA-44AA-9609-0A40BD4FB2E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF64D95C-653A-4864-A572-CD0A64B6CDF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1000ng4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E40B89C2-49CD-4216-9D4C-79695698EAAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30B2F570-1DD9-49C7-BB72-0EA0E9A417C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DA9CBE9-CF87-495B-8D80-5DDDCD2044B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10100e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F751905-287E-47EA-93B8-2BA576052AAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"614B1B4E-E1D7-417F-86D1-92F75D597E36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BD11E86-B786-43C8-9B67-8F680CC30451\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D740D69-83B6-4DBF-8617-9B1E96DFF4FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10100y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9963C9F-2D15-479A-A6C1-0C9863904B7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BB09ACB-EFFF-4C2F-BEB5-AE1EEDC1EC2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8B15567-BFEA-43BE-9817-98A1F5548541\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"984C7C7A-2F8E-4918-8526-64A080943E0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44BF0AFB-E9DC-4EA5-BFFF-48F896C655E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10110y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43454510-4BE7-4CD1-960D-AE1B36EFBEA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7AFC285-2248-45E7-9009-1402628F17E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"078DAE1F-8581-44FB-83EA-575685928C4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"887BEC29-AD0D-4BEB-B50B-F961629BBF23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93859A03-DE41-4E7B-8646-93925ACBFC42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FD8BD84-B6F9-48D5-8903-2C56C12EFFEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9877F278-641B-4F83-B420-AB4E1018EA9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-11100b:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFD8DB12-8CBE-4140-97A2-B88C3BF61E6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C60AF0D-983D-454E-8940-209C471DC041\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F26C6DA-ED6B-444A-A63A-5155FCA4F0DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1115g4e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66BAF09D-8199-4579-B25A-E7C5177385E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1115gre:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21EA30AA-713F-40AD-8C94-C1129198EE98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0D9B687-C3EE-4AF5-B9BE-7F0698D0F258\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"114DF43C-839F-4066-AA30-8DC16B1D6687\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39FD6F9C-FEEA-4D52-8745-6477B50AFB0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB69A6F1-9B4D-4CDA-8388-E7FCBB2163DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71615EAF-4DF4-4B9E-BF34-6ED0371A53D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"376B6DD7-1284-4BD9-88A4-5C34303CC5D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"403E8A3A-28C2-4329-BF31-1A530E317959\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5F6F725-217C-48FF-86DD-E91A24156121\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"365696BF-CE3D-4CE6-92A8-413DDE43774E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1030ng7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7824FB5D-4401-4785-BD6D-4A8E67434217\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10310u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6F3DE58-EC72-429F-A223-F2027D2828AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8515D29-3823-4F9B-9578-8BB52336A2A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE048AEB-094D-4102-9DBF-488FEB53FF89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3907FA31-6F1A-45BA-ACF3-1C8EE05D9BA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D48D9F5F-95BD-4F6B-8A37-D1CAA7D2DB25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1038ng7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E6B9500-2C37-48D5-A0BA-A159D04AC6CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BF497A0-30BC-42A4-A000-C0D564D4872A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3025301-52D3-43D7-B6AB-F3F0A5C882DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B2A62F5-A8DF-4565-B89F-9C58B1FB8D94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9466A6CC-8D69-4EB5-94E2-611297120462\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2D116C4-698B-45BC-8622-87E142B37922\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10500e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9AFE4FE7-AA7E-425E-AF51-2FCB3E4E6C11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10500h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DCA6E61-F1C9-4629-9068-545B19CF95E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36836EB0-99DD-4217-9182-1E9FC5656C42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD507601-CD6D-4F11-A4A7-790FB740B401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8C26205-C602-46F6-B611-424709325D6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"464587A0-9EAA-4DF5-AFEB-15F2FA9CD407\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1940F59A-67FD-45F9-9C78-51A50687628F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B722E2A-1262-44FD-8F7C-F9A9A5C78744\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DEFF6A7-0DE2-4BEE-80DC-BBAB259647AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BCD9C35-95D0-49E6-A9AC-E3AA8CD3F7B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B40E9EC2-A8A6-4800-9F9E-B1237832D6F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"158CC66D-32E5-4396-8E5D-4D90EE9AB62C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55227C1C-D6CE-40AD-A5AA-7143E0A7AEF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E84F0381-296A-408E-90D4-A316EE894A9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"092E3E45-5F58-412F-BAC9-C3B5290D8349\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EA7E6D0-0ADA-4BE1-8273-69AB3DE3BA36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6FCAFC0-EEE2-43E4-AE90-1803588B5689\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8640175-3BC2-4C7B-A5A3-51E5677EDECA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1140g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7077CBF1-1FC8-4AF9-8B39-A15871FFD3CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1145g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53D902B5-D135-4961-AED9-EA6DF06534B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1145g7e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2910EB49-C9C6-4FC9-AA55-E7A0DAE28B93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1145gre:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B858B433-9DA0-4224-B94C-4962FB3A4138\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F6B5FC3-8E55-430A-A55A-AF541690C576\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11500b:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06660D0F-FBB9-4C44-9972-DCE0E6249D7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55568460-F318-48FB-90E4-55CBBAF13E59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7AFF680-DBC6-432E-A6DE-E7E7E4F2F26A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-1155g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADB84973-3DAC-4458-A817-943302F5EFF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B26C730-32FA-4D51-88FA-E724147147BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFF7C5BF-E151-42DB-B0CF-E2589904C9A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E12D6BD2-7D32-4194-84D3-A0DE4B88BFF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3EC487F-B9A8-410F-AE1F-8D1B74BA77D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A4FD69F-FF53-43F4-97C8-40867DB67958\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"494A828B-F2BF-40CA-AAFB-7D2AF2BAF3AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD97F84B-ED73-4FFD-8634-10631FEE03EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6CDC1BE-6A64-425C-AF2C-7DFB28FB604A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1060ng7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BC3C45C-FACC-4890-992F-449DF6F06E11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D974FFFD-BBCC-444C-9EF1-AE478EEDB6E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2243674B-E505-4FED-B063-953A1569EA30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1068ng7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA08C262-414E-401A-8F91-131626FA82A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1978F85-5BA5-468E-B797-7FA7EB4F489D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8D3D0CA-C981-4091-99F9-203DA8F156F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EB23D0C-D2BC-4E7F-94AF-CAF171A64307\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CC9312B-40A7-4D4A-A61C-3BA865C29F63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EBECBE5-2BF0-4175-81CC-C6D054C819B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB33CC4F-9D51-4A11-B063-6E78F0D71555\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7092B8E-DD3F-440D-B2AA-F0E5FC4A9725\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA491401-C484-4F77-ABF8-D389C94BF7B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F8B600-B618-48E1-81EE-14A8A843F09F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42ADD367-82C8-4761-AEBA-A0200C5D1CEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AF75C0E-BA48-4C56-8398-109D06B5A5D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25329A6F-9D49-4EA7-B9FB-8C2FA5343475\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22921B65-513F-4ACE-80A2-4A31199BB5EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63719B1D-5A98-44E3-80D8-CF0B4C1C6F80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5365D3B-1B0B-416D-ACFB-23843FD25EAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2556EF0A-B29F-4E9E-BB77-955CBC851EFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8F5409D-23C7-4CA9-951C-8EEEAE31DFDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5601E40A-96E1-4321-9682-055A1C607488\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF36D9CC-2FD8-4D08-8712-E625D4754613\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11700b:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56A59A0C-91F2-4AE7-AF60-D98059542438\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3252CF19-9D1D-4A46-9C94-0E7255CDDD8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E11C7F38-3313-4F6D-9D5D-E61C89E716B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70B0C976-3B68-4647-909A-5D574D711C7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA18192E-7DBB-45BB-8568-CA7159AF8CE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2FDB568-5340-4DD8-B933-1CD64C370BD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D28DF93B-E15D-47D3-B9C0-4AEE8B7FADD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78F2DD1D-DB6F-44D1-BE3B-C798C09CC5F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12ADA9A2-6E64-4F17-B369-816639F0D3BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"514B7B5E-D60D-464A-8CB0-273044FD2E09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFB608EE-83AF-4192-93E1-7DDBA5F6A54C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B807B5D8-BCDB-4398-8ADC-DBD1BD8D2B88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39F9F143-0AB4-4302-82B8-B4EA790EB08D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE73B0A0-E275-449D-8ADD-86AE188DE82A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE06C64A-1610-4340-98CF-AC91258AB215\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C27F79F3-EA0A-429C-8DA9-BC276A94AFB7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B07609EB-E10B-4253-938E-81566036D81B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9B7AEF3-7A62-43B2-8F0C-70E5A2CDB29A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CC44D69-AAAB-4524-9D12-F1A606D57831\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D23D2887-1246-4EA4-B8B6-57BC7FB869E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEFC46D5-B23D-4513-9669-4DC53662F87B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10910:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B52310FF-8235-4081-B679-CA56C0361B1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D264277-00CB-4FCC-ADAA-38536609D0F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CC25725-73F6-4948-B17A-A05E8978EB78\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D9BFA32-89B3-4E26-B980-2694B5378D8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65E2A7C5-78D9-4F75-B8A2-5EB3ECEFBFF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2D04A37-79EE-467B-BD8A-0CA0BDD85F0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-11900kb:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84C7E63D-3622-4F10-94E1-E03357C5C167\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FECF6BE-2CED-4510-91C5-195686C9C421\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B903E2A0-EE73-4F13-AB26-8F5644462E94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"170B497C-05F2-46B5-92CD-ACF7C0BE1711\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEF53EA8-8EB4-455C-A986-405DBB122D3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_j2850:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C43D202-D661-4042-9F68-0FA7EE73CFEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_j2900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29ECACD3-E10C-4773-B847-8C1C097C45FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_j3710:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56C4EF86-84BF-48F4-88DE-8142A270D4A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6585755-C56C-4910-A7D5-B2153396AC7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_j6426:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7596F281-BA94-4239-8238-AA5EC804AE11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_n3510:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A635B99E-A03F-488A-A01B-B390691EA03B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_n3520:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22EAE772-AFAC-4272-8129-B416B171490C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_n3530:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDB3841D-3872-42BD-B0FB-E3E61813CA63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_n3540:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5DC1B8F-3F6C-49D8-BF5F-54146DE3E83C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_n3700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1A836B1-451E-4CEF-8A14-89FFB9289DD3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_n3710:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BC51285-B40A-4BEA-9CFF-F3BC01B5BA80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A944A8C-462E-4FF9-8AD6-1687297DD0DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5378FE6C-251A-4BCD-B151-EA42B594DC37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"638FA431-71EA-4668-AFF2-989A4994ED12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_silver_a1030:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2333A48E-DBE1-47CC-BCFD-FEE0219AD858\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC903FA4-2C4E-4EBB-8BFA-579844B87354\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"667F2E6C-C2FD-4E4B-9CC4-2EF33A74F61B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DF16D51-5662-47C3-8911-0FACEEDB9D80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ECC4430E-E4B1-454F-8C95-6412D34454C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_silver_n6000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31282347-8DCB-4B37-A853-DFD9D5AF31EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:intel:pentium_silver_n6005:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42841FAC-A6EC-44F3-9FCD-B4549A783014\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.\"}, {\"lang\": \"es\", \"value\": \"Una limpieza incompleta en algunos productos Intel\\u00ae VT-d puede permitir a un usuario autenticado permitir potencialmente una escalada de privilegios por medio de un acceso local\"}]",
"id": "CVE-2020-24489",
"lastModified": "2024-11-21T05:14:54.160",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.0, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-06-09T20:15:08.140",
"references": "[{\"url\": \"https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-4934\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-4934\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-459\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-24489\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2021-06-09T20:15:08.140\",\"lastModified\":\"2024-11-21T05:14:54.160\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.\"},{\"lang\":\"es\",\"value\":\"Una limpieza incompleta en algunos productos Intel\u00ae VT-d puede permitir a un usuario autenticado permitir potencialmente una escalada de privilegios por medio de un acceso local\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.0,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-459\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"454AC633-5F1C-47BB-8FA7-91A5C29A1DD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2394E8C-58D9-480B-87A7-A41CD7697FC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B9AC02B-D3AE-4FAF-836E-55515186A462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j1750:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2F55513-48F4-44EC-9293-2CA744FCE07B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j1800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51D52347-FA7F-4592-99E4-4C01D2833F35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j1850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EC9A22-4893-4770-A501-31D492DC7EC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j1900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"744EC990-7849-4BC1-BC75-1D64693645A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B949F28E-5C73-4222-973E-DC39325E9268\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"132E32FD-4A52-43AF-9C0A-75F299B4C93F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7087FCA7-6D5C-45A5-B380-533915BC608A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85683891-11D4-47B1-834B-5E0380351E78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBF2D89D-AC2D-4EAB-ADF3-66C25FE54E19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03D778C7-F242-4A6A-9B62-A7C578D985FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"652EC574-B9B6-4747-AE72-39D1379A596B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"522A9A57-B8D8-4C61-92E3-BE894A765C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A588BEB3-90B5-482E-B6C4-DC6529B0B4C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j4115:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C9363D-0A97-4A2D-BFA0-501D5107DBF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"826BAF04-E174-483D-8700-7FA1EAC4D555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j6412:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D3162DD-BF40-4A58-8FC4-63B4455C0E51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7A8BF58-1D33-484A-951C-808443912BE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04CEC115-871B-4222-A3F8-6B1EE15E9A2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FD0BD9D-F741-457D-9495-8BCC3707D098\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2935CEA-13CE-4F4C-84B1-0318FB6FE39A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3BB7241-F796-44A7-8171-B555A45FF852\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F967E7C-E56D-46B2-AEB8-1931FA324029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D902C7F-DCE8-41ED-8E80-26DA251FBF36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71C505E0-3548-49BD-9B53-2A588FF29144\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E735023-A75C-48E3-AD6B-BB29CF95B17F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3826FEBA-0B2E-403D-9A6A-0DA02FEF9A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2910:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4080CDEF-3938-44D5-9737-6A9D72DB54B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2920:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A77976A7-6C2D-4E0B-A28B-06A23EEA0D68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2930:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5600350-04CC-4481-AC47-9F98BEB9D258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n2940:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5A64D0A-D1C2-41B3-B51B-563263438CA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B57F4250-80C8-4612-97F6-2702D3F7DF25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AA180B4-0EB8-4884-A600-BFAEB64A0A58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27D79952-8946-488A-8BD8-6129D97A8E34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B17905A-95E2-4E60-8A0F-AA8ABAF9D523\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"752081F5-AE8D-4004-B564-863840AC52E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5375A75A-85AA-4119-9F6C-1AD9D2550F6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5884F21-BAB5-4A45-8C72-C90D07BAECA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC2A2AC5-FA56-49F0-BA00-E96B10FEF889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8FF7ADD-9E27-4A23-9714-5B76132C20BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8771AB4-2F51-494D-8C86-3524BB4219C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n4000c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1795C64C-E28B-4003-84B6-AB4140C20750\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D7E822D-994F-410D-B13C-939449FFC293\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n4020c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C92E6F6A-82C6-4485-B381-1EFB85B8B1F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB5576F2-4914-427C-9518-ED7D16630CC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ABB7C52-863F-4291-A05B-422EE9615FAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B54D15DF-53EA-4611-932A-EDB8279F582A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n4505:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE7B5E21-2796-4578-998F-B03E26277DE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n5095:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77D279BF-5561-4B83-B05C-77597339ECB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96D6F5D3-3559-47AD-8201-C9D34417DC09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA455AC5-8434-4B59-BE89-E82CDACD2AEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n6210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D31CA93-6F45-4BCE-B504-35F6494B864C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"406E9139-BCFF-406B-A856-57896D27B752\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DAA00D4-A8AA-44AA-9609-0A40BD4FB2E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF64D95C-653A-4864-A572-CD0A64B6CDF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1000ng4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E40B89C2-49CD-4216-9D4C-79695698EAAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30B2F570-1DD9-49C7-BB72-0EA0E9A417C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DA9CBE9-CF87-495B-8D80-5DDDCD2044B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10100e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F751905-287E-47EA-93B8-2BA576052AAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"614B1B4E-E1D7-417F-86D1-92F75D597E36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BD11E86-B786-43C8-9B67-8F680CC30451\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D740D69-83B6-4DBF-8617-9B1E96DFF4FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10100y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9963C9F-2D15-479A-A6C1-0C9863904B7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BB09ACB-EFFF-4C2F-BEB5-AE1EEDC1EC2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8B15567-BFEA-43BE-9817-98A1F5548541\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"984C7C7A-2F8E-4918-8526-64A080943E0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44BF0AFB-E9DC-4EA5-BFFF-48F896C655E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10110y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43454510-4BE7-4CD1-960D-AE1B36EFBEA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7AFC285-2248-45E7-9009-1402628F17E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"078DAE1F-8581-44FB-83EA-575685928C4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"887BEC29-AD0D-4BEB-B50B-F961629BBF23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93859A03-DE41-4E7B-8646-93925ACBFC42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FD8BD84-B6F9-48D5-8903-2C56C12EFFEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9877F278-641B-4F83-B420-AB4E1018EA9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-11100b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD8DB12-8CBE-4140-97A2-B88C3BF61E6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C60AF0D-983D-454E-8940-209C471DC041\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F26C6DA-ED6B-444A-A63A-5155FCA4F0DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1115g4e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66BAF09D-8199-4579-B25A-E7C5177385E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1115gre:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21EA30AA-713F-40AD-8C94-C1129198EE98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D9B687-C3EE-4AF5-B9BE-7F0698D0F258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"114DF43C-839F-4066-AA30-8DC16B1D6687\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39FD6F9C-FEEA-4D52-8745-6477B50AFB0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB69A6F1-9B4D-4CDA-8388-E7FCBB2163DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71615EAF-4DF4-4B9E-BF34-6ED0371A53D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"376B6DD7-1284-4BD9-88A4-5C34303CC5D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"403E8A3A-28C2-4329-BF31-1A530E317959\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5F6F725-217C-48FF-86DD-E91A24156121\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"365696BF-CE3D-4CE6-92A8-413DDE43774E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1030ng7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7824FB5D-4401-4785-BD6D-4A8E67434217\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10310u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6F3DE58-EC72-429F-A223-F2027D2828AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8515D29-3823-4F9B-9578-8BB52336A2A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE048AEB-094D-4102-9DBF-488FEB53FF89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3907FA31-6F1A-45BA-ACF3-1C8EE05D9BA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D48D9F5F-95BD-4F6B-8A37-D1CAA7D2DB25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1038ng7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E6B9500-2C37-48D5-A0BA-A159D04AC6CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BF497A0-30BC-42A4-A000-C0D564D4872A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3025301-52D3-43D7-B6AB-F3F0A5C882DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B2A62F5-A8DF-4565-B89F-9C58B1FB8D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9466A6CC-8D69-4EB5-94E2-611297120462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2D116C4-698B-45BC-8622-87E142B37922\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10500e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AFE4FE7-AA7E-425E-AF51-2FCB3E4E6C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10500h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DCA6E61-F1C9-4629-9068-545B19CF95E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36836EB0-99DD-4217-9182-1E9FC5656C42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD507601-CD6D-4F11-A4A7-790FB740B401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8C26205-C602-46F6-B611-424709325D6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"464587A0-9EAA-4DF5-AFEB-15F2FA9CD407\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1940F59A-67FD-45F9-9C78-51A50687628F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B722E2A-1262-44FD-8F7C-F9A9A5C78744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DEFF6A7-0DE2-4BEE-80DC-BBAB259647AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BCD9C35-95D0-49E6-A9AC-E3AA8CD3F7B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40E9EC2-A8A6-4800-9F9E-B1237832D6F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"158CC66D-32E5-4396-8E5D-4D90EE9AB62C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55227C1C-D6CE-40AD-A5AA-7143E0A7AEF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E84F0381-296A-408E-90D4-A316EE894A9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"092E3E45-5F58-412F-BAC9-C3B5290D8349\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EA7E6D0-0ADA-4BE1-8273-69AB3DE3BA36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6FCAFC0-EEE2-43E4-AE90-1803588B5689\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8640175-3BC2-4C7B-A5A3-51E5677EDECA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1140g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7077CBF1-1FC8-4AF9-8B39-A15871FFD3CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1145g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53D902B5-D135-4961-AED9-EA6DF06534B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1145g7e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2910EB49-C9C6-4FC9-AA55-E7A0DAE28B93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1145gre:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B858B433-9DA0-4224-B94C-4962FB3A4138\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F6B5FC3-8E55-430A-A55A-AF541690C576\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11500b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06660D0F-FBB9-4C44-9972-DCE0E6249D7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55568460-F318-48FB-90E4-55CBBAF13E59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7AFF680-DBC6-432E-A6DE-E7E7E4F2F26A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-1155g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADB84973-3DAC-4458-A817-943302F5EFF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B26C730-32FA-4D51-88FA-E724147147BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF7C5BF-E151-42DB-B0CF-E2589904C9A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E12D6BD2-7D32-4194-84D3-A0DE4B88BFF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3EC487F-B9A8-410F-AE1F-8D1B74BA77D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A4FD69F-FF53-43F4-97C8-40867DB67958\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"494A828B-F2BF-40CA-AAFB-7D2AF2BAF3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD97F84B-ED73-4FFD-8634-10631FEE03EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6CDC1BE-6A64-425C-AF2C-7DFB28FB604A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1060ng7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BC3C45C-FACC-4890-992F-449DF6F06E11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D974FFFD-BBCC-444C-9EF1-AE478EEDB6E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2243674B-E505-4FED-B063-953A1569EA30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1068ng7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA08C262-414E-401A-8F91-131626FA82A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1978F85-5BA5-468E-B797-7FA7EB4F489D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D3D0CA-C981-4091-99F9-203DA8F156F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EB23D0C-D2BC-4E7F-94AF-CAF171A64307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CC9312B-40A7-4D4A-A61C-3BA865C29F63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EBECBE5-2BF0-4175-81CC-C6D054C819B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB33CC4F-9D51-4A11-B063-6E78F0D71555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7092B8E-DD3F-440D-B2AA-F0E5FC4A9725\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA491401-C484-4F77-ABF8-D389C94BF7B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F8B600-B618-48E1-81EE-14A8A843F09F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42ADD367-82C8-4761-AEBA-A0200C5D1CEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AF75C0E-BA48-4C56-8398-109D06B5A5D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25329A6F-9D49-4EA7-B9FB-8C2FA5343475\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22921B65-513F-4ACE-80A2-4A31199BB5EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63719B1D-5A98-44E3-80D8-CF0B4C1C6F80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5365D3B-1B0B-416D-ACFB-23843FD25EAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2556EF0A-B29F-4E9E-BB77-955CBC851EFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8F5409D-23C7-4CA9-951C-8EEEAE31DFDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5601E40A-96E1-4321-9682-055A1C607488\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF36D9CC-2FD8-4D08-8712-E625D4754613\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11700b:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56A59A0C-91F2-4AE7-AF60-D98059542438\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3252CF19-9D1D-4A46-9C94-0E7255CDDD8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E11C7F38-3313-4F6D-9D5D-E61C89E716B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B0C976-3B68-4647-909A-5D574D711C7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA18192E-7DBB-45BB-8568-CA7159AF8CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2FDB568-5340-4DD8-B933-1CD64C370BD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D28DF93B-E15D-47D3-B9C0-4AEE8B7FADD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F2DD1D-DB6F-44D1-BE3B-C798C09CC5F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12ADA9A2-6E64-4F17-B369-816639F0D3BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"514B7B5E-D60D-464A-8CB0-273044FD2E09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFB608EE-83AF-4192-93E1-7DDBA5F6A54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B807B5D8-BCDB-4398-8ADC-DBD1BD8D2B88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F9F143-0AB4-4302-82B8-B4EA790EB08D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE73B0A0-E275-449D-8ADD-86AE188DE82A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE06C64A-1610-4340-98CF-AC91258AB215\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C27F79F3-EA0A-429C-8DA9-BC276A94AFB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B07609EB-E10B-4253-938E-81566036D81B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9B7AEF3-7A62-43B2-8F0C-70E5A2CDB29A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CC44D69-AAAB-4524-9D12-F1A606D57831\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D23D2887-1246-4EA4-B8B6-57BC7FB869E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEFC46D5-B23D-4513-9669-4DC53662F87B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10910:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B52310FF-8235-4081-B679-CA56C0361B1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D264277-00CB-4FCC-ADAA-38536609D0F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CC25725-73F6-4948-B17A-A05E8978EB78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D9BFA32-89B3-4E26-B980-2694B5378D8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65E2A7C5-78D9-4F75-B8A2-5EB3ECEFBFF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2D04A37-79EE-467B-BD8A-0CA0BDD85F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-11900kb:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84C7E63D-3622-4F10-94E1-E03357C5C167\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FECF6BE-2CED-4510-91C5-195686C9C421\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B903E2A0-EE73-4F13-AB26-8F5644462E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"170B497C-05F2-46B5-92CD-ACF7C0BE1711\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEF53EA8-8EB4-455C-A986-405DBB122D3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_j2850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C43D202-D661-4042-9F68-0FA7EE73CFEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_j2900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29ECACD3-E10C-4773-B847-8C1C097C45FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_j3710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C4EF86-84BF-48F4-88DE-8142A270D4A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6585755-C56C-4910-A7D5-B2153396AC7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_j6426:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7596F281-BA94-4239-8238-AA5EC804AE11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_n3510:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A635B99E-A03F-488A-A01B-B390691EA03B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_n3520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22EAE772-AFAC-4272-8129-B416B171490C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_n3530:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDB3841D-3872-42BD-B0FB-E3E61813CA63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_n3540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5DC1B8F-3F6C-49D8-BF5F-54146DE3E83C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_n3700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1A836B1-451E-4CEF-8A14-89FFB9289DD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_n3710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BC51285-B40A-4BEA-9CFF-F3BC01B5BA80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A944A8C-462E-4FF9-8AD6-1687297DD0DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5378FE6C-251A-4BCD-B151-EA42B594DC37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"638FA431-71EA-4668-AFF2-989A4994ED12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_silver_a1030:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2333A48E-DBE1-47CC-BCFD-FEE0219AD858\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC903FA4-2C4E-4EBB-8BFA-579844B87354\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"667F2E6C-C2FD-4E4B-9CC4-2EF33A74F61B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DF16D51-5662-47C3-8911-0FACEEDB9D80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECC4430E-E4B1-454F-8C95-6412D34454C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_silver_n6000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31282347-8DCB-4B37-A853-DFD9D5AF31EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:intel:pentium_silver_n6005:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42841FAC-A6EC-44F3-9FCD-B4549A783014\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4934\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4934\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
RHSA-2021_3323
Vulnerability from csaf_redhat - Published: 2021-08-31 07:59 - Updated: 2024-11-22 17:04Summary
Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
Severity
Important
Notes
Topic: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
* hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)
* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
* hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.
5.1 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.
CWE-212 - Improper Removal of Sensitive Information Before Storage or TransferAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.
5.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.8 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.
5.6 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
62 references
Acknowledgments
Intel
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Vector Register Data Sampling (CVE-2020-0548)\n\n* hw: L1D Cache Eviction Sampling (CVE-2020-0549)\n\n* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3323",
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "1972336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972336"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3323.json"
}
],
"title": "Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T17:04:31+00:00",
"generator": {
"date": "2024-11-22T17:04:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2021:3323",
"initial_release_date": "2021-08-31T07:59:36+00:00",
"revision_history": [
{
"date": "2021-08-31T07:59:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-08-31T07:59:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T17:04:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.2::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-12.39.el7_2.src",
"product": {
"name": "microcode_ctl-2:2.1-12.39.el7_2.src",
"product_id": "microcode_ctl-2:2.1-12.39.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-12.39.el7_2?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"product": {
"name": "microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"product_id": "microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@2.1-12.39.el7_2?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64",
"product": {
"name": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64",
"product_id": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl-debuginfo@2.1-12.39.el7_2?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-12.39.el7_2.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src"
},
"product_reference": "microcode_ctl-2:2.1-12.39.el7_2.src",
"relates_to_product_reference": "7Server-7.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-2:2.1-12.39.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64"
},
"product_reference": "microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"relates_to_product_reference": "7Server-7.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.2)",
"product_id": "7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
},
"product_reference": "microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64",
"relates_to_product_reference": "7Server-7.2.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-0543",
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1827165"
}
],
"notes": [
{
"category": "description",
"text": "A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Special Register Buffer Data Sampling (SRBDS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/5142691",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "RHBZ#1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142691",
"url": "https://access.redhat.com/solutions/5142691"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142751",
"url": "https://access.redhat.com/solutions/5142751"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri",
"url": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling",
"url": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling"
},
{
"category": "external",
"summary": "https://xenbits.xen.org/xsa/advisory-320.html",
"url": "https://xenbits.xen.org/xsa/advisory-320.html"
}
],
"release_date": "2020-06-09T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Special Register Buffer Data Sampling (SRBDS)"
},
{
"cve": "CVE-2020-0548",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788786"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Data Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "RHBZ#1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: Vector Register Data Sampling"
},
{
"cve": "CVE-2020-0549",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788788"
}
],
"notes": [
{
"category": "description",
"text": "A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the \u201cfill buffers\u201d and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: L1D Cache Eviction Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0549"
},
{
"category": "external",
"summary": "RHBZ#1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: L1D Cache Eviction Sampling"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8695",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828583"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Intel\u0027s implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Information disclosure issue in Intel SGX via RAPL interface",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "RHBZ#1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695"
},
{
"category": "external",
"summary": "https://en.wikipedia.org/wiki/Power_analysis",
"url": "https://en.wikipedia.org/wiki/Power_analysis"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html"
}
],
"release_date": "2020-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
},
{
"category": "workaround",
"details": "Until a firmware update and reboot can be applied, the attack vector can be reduced by limiting read access to the sysfs attributes that export this functionality to userspace. \n\nThe command:\n~~~\nsudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj\n~~~\nWill do this for the current boot, it will need to be scripted to run at each boot to remain persistent across reboots.",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Information disclosure issue in Intel SGX via RAPL interface"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8696",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Leakage-Active",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "RHBZ#1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Vector Register Leakage-Active"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8698",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Fast forward store predictor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "RHBZ#1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Fast forward store predictor"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24489",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel\u00ae VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: vt-d related privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "RHBZ#1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24489",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hw: vt-d related privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24511",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962702"
}
],
"notes": [
{
"category": "description",
"text": "Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: improper isolation of shared resources in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "RHBZ#1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: improper isolation of shared resources in some Intel Processors"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24512",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962722"
}
],
"notes": [
{
"category": "description",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: observable timing discrepancy in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "RHBZ#1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T07:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.src",
"7Server-7.2.AUS:microcode_ctl-2:2.1-12.39.el7_2.x86_64",
"7Server-7.2.AUS:microcode_ctl-debuginfo-2:2.1-12.39.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: observable timing discrepancy in some Intel Processors"
}
]
}
RHSA-2021_3364
Vulnerability from csaf_redhat - Published: 2021-08-31 09:26 - Updated: 2024-11-22 17:04Summary
Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
Severity
Important
Notes
Topic: An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.2 Extended User Support.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
* hw: Vector Register Data Sampling (CVE-2020-0548)
* hw: L1D Cache Eviction Sampling (CVE-2020-0549)
* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
* hw: Information disclosure issue in Intel SGX via RAPL interface
(CVE-2020-8695)
* hw: Vector Register Leakage-Active (CVE-2020-8696)
* hw: Fast forward store predictor (CVE-2020-8698)
* hw: vt-d related privilege escalation (CVE-2020-24489)
* hw: improper isolation of shared resources in some Intel Processors
(CVE-2020-24511)
* hw: observable timing discrepancy in some Intel Processors
(CVE-2020-24512)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.
6.5 (Medium)
Affected products
Threats
Impact
Moderate
A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Threats
Impact
Low
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.
6.5 (Medium)
Affected products
Threats
Impact
Moderate
A vulnerability was found in Intel's implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.
5.1 (Medium)
Affected products
Threats
Impact
Moderate
A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.
CWE-212 - Improper Removal of Sensitive Information Before Storage or TransferAffected products
Threats
Impact
Moderate
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.
5.5 (Medium)
Affected products
Threats
Impact
Moderate
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.8 (High)
Affected products
Threats
Impact
Important
Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.
5.6 (Medium)
Affected products
Threats
Impact
Moderate
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Threats
Impact
Low
References
63 references
Acknowledgments
Intel
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.2 Extended User Support.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Vector Register Data Sampling (CVE-2020-0548)\n\n* hw: L1D Cache Eviction Sampling (CVE-2020-0549)\n\n* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface\n(CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors\n(CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors\n(CVE-2020-24512)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3364",
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "1972326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972326"
},
{
"category": "external",
"summary": "1972329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972329"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3364.json"
}
],
"title": "Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T17:04:17+00:00",
"generator": {
"date": "2024-11-22T17:04:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2021:3364",
"initial_release_date": "2021-08-31T09:26:30+00:00",
"revision_history": [
{
"date": "2021-08-31T09:26:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-08-31T09:26:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T17:04:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"product": {
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"product_id": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@20191115-4.20210608.1.el8_2?arch=src\u0026epoch=4"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64",
"product": {
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64",
"product_id": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/microcode_ctl@20191115-4.20210608.1.el8_2?arch=x86_64\u0026epoch=4"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src"
},
"product_reference": "microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
},
"product_reference": "microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-0543",
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1827165"
}
],
"notes": [
{
"category": "description",
"text": "A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Special Register Buffer Data Sampling (SRBDS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/5142691",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0543"
},
{
"category": "external",
"summary": "RHBZ#1827165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0543",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142691",
"url": "https://access.redhat.com/solutions/5142691"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/5142751",
"url": "https://access.redhat.com/solutions/5142751"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri",
"url": "https://blogs.intel.com/technology/2020/06/ipas-security-advisories-for-june-2020/#gs.6uyhri"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling",
"url": "https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling"
},
{
"category": "external",
"summary": "https://xenbits.xen.org/xsa/advisory-320.html",
"url": "https://xenbits.xen.org/xsa/advisory-320.html"
}
],
"release_date": "2020-06-09T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Special Register Buffer Data Sampling (SRBDS)"
},
{
"cve": "CVE-2020-0548",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788786"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Data Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0548"
},
{
"category": "external",
"summary": "RHBZ#1788786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: Vector Register Data Sampling"
},
{
"cve": "CVE-2020-0549",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788788"
}
],
"notes": [
{
"category": "description",
"text": "A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the \u201cfill buffers\u201d and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: L1D Cache Eviction Sampling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0549"
},
{
"category": "external",
"summary": "RHBZ#1788788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0549",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling",
"url": "https://access.redhat.com/solutions/l1d-cache-eviction-and-vector-register-sampling"
},
{
"category": "external",
"summary": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/",
"url": "https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/"
},
{
"category": "external",
"summary": "https://cacheoutattack.com/CacheOut.pdf",
"url": "https://cacheoutattack.com/CacheOut.pdf"
},
{
"category": "external",
"summary": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling",
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling"
}
],
"release_date": "2020-01-27T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: L1D Cache Eviction Sampling"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8695",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828583"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Intel\u0027s implementation of RAPL (Running Average Power Limit). An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Information disclosure issue in Intel SGX via RAPL interface",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "RHBZ#1828583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828583"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8695"
},
{
"category": "external",
"summary": "https://en.wikipedia.org/wiki/Power_analysis",
"url": "https://en.wikipedia.org/wiki/Power_analysis"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html"
}
],
"release_date": "2020-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
},
{
"category": "workaround",
"details": "Until a firmware update and reboot can be applied, the attack vector can be reduced by limiting read access to the sysfs attributes that export this functionality to userspace. \n\nThe command:\n~~~\nsudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj\n~~~\nWill do this for the current boot, it will need to be scripted to run at each boot to remain persistent across reboots.",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Information disclosure issue in Intel SGX via RAPL interface"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8696",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890355"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Intel Advanced Vector Extensions (AVX) implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Vector Register Leakage-Active",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "RHBZ#1890355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890355"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8696"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8696"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Vector Register Leakage-Active"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-8698",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1890356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: Fast forward store predictor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "RHBZ#1890356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890356"
},
{
"category": "external",
"summary": "RHSB-5569051",
"url": "https://access.redhat.com/articles/5569051"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8698"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: Fast forward store predictor"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24489",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Intel\u00ae VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: vt-d related privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "RHBZ#1962650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24489",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24489"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hw: vt-d related privilege escalation"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24511",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962702"
}
],
"notes": [
{
"category": "description",
"text": "Microcode misconfiguration in some Intel processors may cause EIBRS mitigation (CVE-2017-5715) to be incomplete. As a consequence, this issue may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: improper isolation of shared resources in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "RHBZ#1962702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24511"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hw: improper isolation of shared resources in some Intel Processors"
},
{
"acknowledgments": [
{
"names": [
"Intel"
]
}
],
"cve": "CVE-2020-24512",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1962722"
}
],
"notes": [
{
"category": "description",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hw: observable timing discrepancy in some Intel Processors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "RHBZ#1962722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962722"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24512"
}
],
"release_date": "2021-06-08T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-31T09:26:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.src",
"BaseOS-8.2.0.Z.EUS:microcode_ctl-4:20191115-4.20210608.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hw: observable timing discrepancy in some Intel Processors"
}
]
}
SUSE-SU-2021:14758-1
Vulnerability from csaf_suse - Published: 2021-06-28 13:03 - Updated: 2021-06-28 13:03Summary
Security update for microcode_ctl
Severity
Important
Notes
Title of the patch: Security update for microcode_ctl
Description of the patch: This update for microcode_ctl fixes the following issues:
Updated to Intel CPU Microcode 20210525 release:
- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (bsc#1179833)
- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (bsc#1179836)
- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837)
- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (bsc#1179839)
Patchnames: sleposp3-microcode_ctl-14758,slessp4-microcode_ctl-14758
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.6 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.6 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for microcode_ctl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for microcode_ctl fixes the following issues:\n\nUpdated to Intel CPU Microcode 20210525 release:\n\n- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (bsc#1179833)\n- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (bsc#1179836)\n- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837)\n- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (bsc#1179839)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-microcode_ctl-14758,slessp4-microcode_ctl-14758",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_14758-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:14758-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-202114758-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:14758-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009092.html"
},
{
"category": "self",
"summary": "SUSE Bug 1179833",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "self",
"summary": "SUSE Bug 1179836",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "self",
"summary": "SUSE Bug 1179837",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "self",
"summary": "SUSE Bug 1179839",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24489 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24511 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24512 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24513 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24513/"
}
],
"title": "Security update for microcode_ctl",
"tracking": {
"current_release_date": "2021-06-28T13:03:33Z",
"generator": {
"date": "2021-06-28T13:03:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:14758-1",
"initial_release_date": "2021-06-28T13:03:33Z",
"revision_history": [
{
"date": "2021-06-28T13:03:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.71.1.i586",
"product": {
"name": "microcode_ctl-1.17-102.83.71.1.i586",
"product_id": "microcode_ctl-1.17-102.83.71.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.71.1.x86_64",
"product": {
"name": "microcode_ctl-1.17-102.83.71.1.x86_64",
"product_id": "microcode_ctl-1.17-102.83.71.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.71.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586"
},
"product_reference": "microcode_ctl-1.17-102.83.71.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.71.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586"
},
"product_reference": "microcode_ctl-1.17-102.83.71.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.71.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
},
"product_reference": "microcode_ctl-1.17-102.83.71.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24489"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24489",
"url": "https://www.suse.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "SUSE Bug 1179839 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "external",
"summary": "SUSE Bug 1192359 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1192359"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1201731"
},
{
"category": "external",
"summary": "SUSE Bug 1225680 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1225680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:03:33Z",
"details": "important"
}
],
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24511"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24511",
"url": "https://www.suse.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "SUSE Bug 1179836 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:03:33Z",
"details": "moderate"
}
],
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24512"
}
],
"notes": [
{
"category": "general",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24512",
"url": "https://www.suse.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "SUSE Bug 1179837 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:03:33Z",
"details": "low"
}
],
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-24513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24513"
}
],
"notes": [
{
"category": "general",
"text": "Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24513",
"url": "https://www.suse.com/security/cve/CVE-2020-24513"
},
{
"category": "external",
"summary": "SUSE Bug 1179833 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.71.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:03:33Z",
"details": "moderate"
}
],
"title": "CVE-2020-24513"
}
]
}
SUSE-SU-2021:1929-1
Vulnerability from csaf_suse - Published: 2021-06-10 07:18 - Updated: 2021-06-10 07:18Summary
Security update for ucode-intel
Severity
Important
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
Updated to Intel CPU Microcode 20210608 release.
- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)
See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html
- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
Other fixes:
- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.
- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
- New platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2
| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3
| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3
| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB
| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB
| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile
| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile
| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile
| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E
| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11
- Updated platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3
| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx
| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2
| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3
| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87
| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53
| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5
| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series
| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx
| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile
| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology
| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile
| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10
| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile
| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile
Patchnames: SUSE-2021-1929,SUSE-SLE-SERVER-12-SP5-2021-1929
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.6 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.6 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\nUpdated to Intel CPU Microcode 20210608 release.\n\n- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)\n See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html\n\n- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html\n\nOther fixes:\n\n- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.\n- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.\n- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.\n- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.\n- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.\n- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.\n- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.\n\n- New platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2\n| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3\n| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3\n| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB\n| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB\n| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile\n| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile\n| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile\n| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E\n| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105\n| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11\n\n- Updated platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3\n| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3\n| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx\n| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable\n| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable\n| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx\n| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2\n| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2\n| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3\n| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19\n| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87\n| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53\n| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx\n| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5\n| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series\n| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx\n| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile\n| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology\n| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile\n| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile\n| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile\n| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6\n| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E\n| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8\n| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9\n| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile\n| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile\n| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10\n| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10\n| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile\n| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-1929,SUSE-SLE-SERVER-12-SP5-2021-1929",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1929-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1929-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211929-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1929-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008977.html"
},
{
"category": "self",
"summary": "SUSE Bug 1179833",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "self",
"summary": "SUSE Bug 1179836",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "self",
"summary": "SUSE Bug 1179837",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "self",
"summary": "SUSE Bug 1179839",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24489 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24511 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24512 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24513 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24513/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2021-06-10T07:18:57Z",
"generator": {
"date": "2021-06-10T07:18:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1929-1",
"initial_release_date": "2021-06-10T07:18:57Z",
"revision_history": [
{
"date": "2021-06-10T07:18:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-3.35.1.i586",
"product": {
"name": "ucode-intel-20210525-3.35.1.i586",
"product_id": "ucode-intel-20210525-3.35.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-3.35.1.x86_64",
"product": {
"name": "ucode-intel-20210525-3.35.1.x86_64",
"product_id": "ucode-intel-20210525-3.35.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.35.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.35.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.35.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24489"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24489",
"url": "https://www.suse.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "SUSE Bug 1179839 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "external",
"summary": "SUSE Bug 1192359 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1192359"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1201731"
},
{
"category": "external",
"summary": "SUSE Bug 1225680 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1225680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T07:18:57Z",
"details": "important"
}
],
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24511"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24511",
"url": "https://www.suse.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "SUSE Bug 1179836 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T07:18:57Z",
"details": "moderate"
}
],
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24512"
}
],
"notes": [
{
"category": "general",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24512",
"url": "https://www.suse.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "SUSE Bug 1179837 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T07:18:57Z",
"details": "low"
}
],
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-24513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24513"
}
],
"notes": [
{
"category": "general",
"text": "Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24513",
"url": "https://www.suse.com/security/cve/CVE-2020-24513"
},
{
"category": "external",
"summary": "SUSE Bug 1179833 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20210525-3.35.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20210525-3.35.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T07:18:57Z",
"details": "moderate"
}
],
"title": "CVE-2020-24513"
}
]
}
SUSE-SU-2021:1930-1
Vulnerability from csaf_suse - Published: 2021-06-10 08:26 - Updated: 2021-06-10 08:26Summary
Security update for ucode-intel
Severity
Important
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
Updated to Intel CPU Microcode 20210608 release.
- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)
See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html
- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
Other fixes:
- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.
- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
- New platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2
| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3
| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3
| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB
| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB
| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile
| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile
| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile
| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E
| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11
- Updated platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3
| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx
| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2
| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3
| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87
| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53
| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5
| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series
| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx
| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile
| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology
| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile
| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10
| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile
| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile
Patchnames: HPE-Helion-OpenStack-8-2021-1930,SUSE-2021-1930,SUSE-OpenStack-Cloud-8-2021-1930,SUSE-OpenStack-Cloud-9-2021-1930,SUSE-OpenStack-Cloud-Crowbar-8-2021-1930,SUSE-OpenStack-Cloud-Crowbar-9-2021-1930,SUSE-SLE-SAP-12-SP3-2021-1930,SUSE-SLE-SAP-12-SP4-2021-1930,SUSE-SLE-SERVER-12-SP2-BCL-2021-1930,SUSE-SLE-SERVER-12-SP3-2021-1930,SUSE-SLE-SERVER-12-SP3-BCL-2021-1930,SUSE-SLE-SERVER-12-SP4-LTSS-2021-1930
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.6 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.6 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\nUpdated to Intel CPU Microcode 20210608 release.\n\n- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)\n\n See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html\n\n- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html\n\nOther fixes:\n\n- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.\n- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.\n- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.\n- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.\n- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.\n- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.\n- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.\n\n- New platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2\n| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3\n| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3\n| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB\n| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB\n| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile\n| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile\n| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile\n| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E\n| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105\n| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11\n\n- Updated platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3\n| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3\n| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx\n| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable\n| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable\n| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx\n| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2\n| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2\n| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3\n| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19\n| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87\n| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53\n| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx\n| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5\n| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series\n| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx\n| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile\n| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology\n| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile\n| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile\n| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile\n| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6\n| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E\n| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8\n| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9\n| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile\n| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile\n| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10\n| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10\n| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile\n| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2021-1930,SUSE-2021-1930,SUSE-OpenStack-Cloud-8-2021-1930,SUSE-OpenStack-Cloud-9-2021-1930,SUSE-OpenStack-Cloud-Crowbar-8-2021-1930,SUSE-OpenStack-Cloud-Crowbar-9-2021-1930,SUSE-SLE-SAP-12-SP3-2021-1930,SUSE-SLE-SAP-12-SP4-2021-1930,SUSE-SLE-SERVER-12-SP2-BCL-2021-1930,SUSE-SLE-SERVER-12-SP3-2021-1930,SUSE-SLE-SERVER-12-SP3-BCL-2021-1930,SUSE-SLE-SERVER-12-SP4-LTSS-2021-1930",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1930-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1930-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211930-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1930-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2021-June/019273.html"
},
{
"category": "self",
"summary": "SUSE Bug 1179833",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "self",
"summary": "SUSE Bug 1179836",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "self",
"summary": "SUSE Bug 1179837",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "self",
"summary": "SUSE Bug 1179839",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24489 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24511 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24512 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24513 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24513/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2021-06-10T08:26:44Z",
"generator": {
"date": "2021-06-10T08:26:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1930-1",
"initial_release_date": "2021-06-10T08:26:44Z",
"revision_history": [
{
"date": "2021-06-10T08:26:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-13.90.1.i586",
"product": {
"name": "ucode-intel-20210525-13.90.1.i586",
"product_id": "ucode-intel-20210525-13.90.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-13.90.1.x86_64",
"product": {
"name": "ucode-intel-20210525-13.90.1.x86_64",
"product_id": "ucode-intel-20210525-13.90.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-13.90.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64"
},
"product_reference": "ucode-intel-20210525-13.90.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24489"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24489",
"url": "https://www.suse.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "SUSE Bug 1179839 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "external",
"summary": "SUSE Bug 1192359 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1192359"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1201731"
},
{
"category": "external",
"summary": "SUSE Bug 1225680 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1225680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:26:44Z",
"details": "important"
}
],
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24511"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24511",
"url": "https://www.suse.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "SUSE Bug 1179836 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:26:44Z",
"details": "moderate"
}
],
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24512"
}
],
"notes": [
{
"category": "general",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24512",
"url": "https://www.suse.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "SUSE Bug 1179837 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:26:44Z",
"details": "low"
}
],
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-24513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24513"
}
],
"notes": [
{
"category": "general",
"text": "Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24513",
"url": "https://www.suse.com/security/cve/CVE-2020-24513"
},
{
"category": "external",
"summary": "SUSE Bug 1179833 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20210525-13.90.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20210525-13.90.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20210525-13.90.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:26:44Z",
"details": "moderate"
}
],
"title": "CVE-2020-24513"
}
]
}
SUSE-SU-2021:1931-1
Vulnerability from csaf_suse - Published: 2021-06-10 08:27 - Updated: 2021-06-10 08:27Summary
Security update for ucode-intel
Severity
Important
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
Updated to Intel CPU Microcode 20210608 release.
- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)
See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html
- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
Other fixes:
- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.
- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
- New platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2
| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3
| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3
| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB
| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB
| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile
| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile
| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile
| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E
| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11
- Updated platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3
| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx
| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2
| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3
| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87
| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53
| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5
| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series
| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx
| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile
| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology
| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile
| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10
| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile
| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile
Patchnames: SUSE-2021-1931,SUSE-SLE-Product-HPC-15-2021-1931,SUSE-SLE-Product-SLES_SAP-15-2021-1931
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.6 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.6 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\nUpdated to Intel CPU Microcode 20210608 release.\n\n - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)\n\n See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html\n\n - CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n - CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html\n\nOther fixes:\n\n- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.\n- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.\n- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.\n- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.\n- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.\n- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.\n- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.\n\n- New platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2\n| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3\n| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3\n| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB\n| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB\n| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile\n| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile\n| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile\n| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E\n| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105\n| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11\n\n- Updated platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3\n| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3\n| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx\n| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable\n| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable\n| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx\n| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2\n| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2\n| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3\n| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19\n| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87\n| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53\n| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx\n| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5\n| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series\n| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx\n| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile\n| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology\n| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile\n| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile\n| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile\n| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6\n| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E\n| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8\n| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9\n| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile\n| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile\n| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10\n| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10\n| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile\n| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-1931,SUSE-SLE-Product-HPC-15-2021-1931,SUSE-SLE-Product-SLES_SAP-15-2021-1931",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1931-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1931-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211931-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1931-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008983.html"
},
{
"category": "self",
"summary": "SUSE Bug 1179833",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "self",
"summary": "SUSE Bug 1179836",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "self",
"summary": "SUSE Bug 1179837",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "self",
"summary": "SUSE Bug 1179839",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24489 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24511 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24512 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24513 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24513/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2021-06-10T08:27:00Z",
"generator": {
"date": "2021-06-10T08:27:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1931-1",
"initial_release_date": "2021-06-10T08:27:00Z",
"revision_history": [
{
"date": "2021-06-10T08:27:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-3.67.1.i586",
"product": {
"name": "ucode-intel-20210525-3.67.1.i586",
"product_id": "ucode-intel-20210525-3.67.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-3.67.1.x86_64",
"product": {
"name": "ucode-intel-20210525-3.67.1.x86_64",
"product_id": "ucode-intel-20210525-3.67.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.67.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.67.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.67.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.67.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.67.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.67.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24489"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24489",
"url": "https://www.suse.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "SUSE Bug 1179839 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "external",
"summary": "SUSE Bug 1192359 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1192359"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1201731"
},
{
"category": "external",
"summary": "SUSE Bug 1225680 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1225680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:27:00Z",
"details": "important"
}
],
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24511"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24511",
"url": "https://www.suse.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "SUSE Bug 1179836 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:27:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24512"
}
],
"notes": [
{
"category": "general",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24512",
"url": "https://www.suse.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "SUSE Bug 1179837 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:27:00Z",
"details": "low"
}
],
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-24513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24513"
}
],
"notes": [
{
"category": "general",
"text": "Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24513",
"url": "https://www.suse.com/security/cve/CVE-2020-24513"
},
{
"category": "external",
"summary": "SUSE Bug 1179833 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20210525-3.67.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20210525-3.67.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:27:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-24513"
}
]
}
SUSE-SU-2021:1932-1
Vulnerability from csaf_suse - Published: 2021-06-10 08:28 - Updated: 2021-06-10 08:28Summary
Security update for ucode-intel
Severity
Important
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Updated to Intel CPU Microcode 20210525 release.
- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)
See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html
- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
Other fixes:
- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.
- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
- New platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2
| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3
| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3
| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB
| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB
| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile
| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile
| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile
| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E
| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11
- Updated platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3
| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx
| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2
| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3
| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87
| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53
| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5
| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series
| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx
| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile
| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology
| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile
| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10
| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile
| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile
Patchnames: SUSE-2021-1932,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-1932,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-1932,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-1932,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-1932,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-1932,SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-1932,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-1932,SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-1932,SUSE-Storage-6-2021-1932
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.6 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.6 (Medium)
Affected products
Recommended
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Updated to Intel CPU Microcode 20210525 release.\n\n - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)\n\n See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html\n\n - CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n - CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html\n\nOther fixes:\n\n- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.\n- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.\n- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.\n- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.\n- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.\n- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.\n- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.\n\n- New platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2\n| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3\n| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3\n| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB\n| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB\n| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile\n| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile\n| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile\n| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E\n| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105\n| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11\n\n- Updated platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3\n| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3\n| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx\n| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable\n| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable\n| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx\n| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2\n| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2\n| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3\n| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19\n| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87\n| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53\n| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx\n| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5\n| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series\n| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx\n| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile\n| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology\n| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile\n| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile\n| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile\n| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6\n| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E\n| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8\n| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9\n| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile\n| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile\n| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10\n| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10\n| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile\n| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-1932,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-1932,SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-1932,SUSE-SLE-Product-SLES-15-SP1-BCL-2021-1932,SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-1932,SUSE-SLE-Product-SLES_SAP-15-SP1-2021-1932,SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-1932,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-1932,SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-1932,SUSE-Storage-6-2021-1932",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1932-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1932-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211932-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1932-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008980.html"
},
{
"category": "self",
"summary": "SUSE Bug 1179833",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "self",
"summary": "SUSE Bug 1179836",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "self",
"summary": "SUSE Bug 1179837",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "self",
"summary": "SUSE Bug 1179839",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24489 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24511 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24512 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24513 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24513/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2021-06-10T08:28:15Z",
"generator": {
"date": "2021-06-10T08:28:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1932-1",
"initial_release_date": "2021-06-10T08:28:15Z",
"revision_history": [
{
"date": "2021-06-10T08:28:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-3.203.1.i586",
"product": {
"name": "ucode-intel-20210525-3.203.1.i586",
"product_id": "ucode-intel-20210525-3.203.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-3.203.1.x86_64",
"product": {
"name": "ucode-intel-20210525-3.203.1.x86_64",
"product_id": "ucode-intel-20210525-3.203.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.0",
"product": {
"name": "SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.0",
"product": {
"name": "SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.0",
"product": {
"name": "SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.203.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.203.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.203.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.203.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.203.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.203.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.203.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.203.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.203.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.203.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.203.1.x86_64 as component of SUSE Manager Proxy 4.0",
"product_id": "SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.203.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.203.1.x86_64 as component of SUSE Manager Retail Branch Server 4.0",
"product_id": "SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.203.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.203.1.x86_64 as component of SUSE Manager Server 4.0",
"product_id": "SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.203.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-3.203.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64"
},
"product_reference": "ucode-intel-20210525-3.203.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24489"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24489",
"url": "https://www.suse.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "SUSE Bug 1179839 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "external",
"summary": "SUSE Bug 1192359 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1192359"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1201731"
},
{
"category": "external",
"summary": "SUSE Bug 1225680 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1225680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:28:15Z",
"details": "important"
}
],
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24511"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24511",
"url": "https://www.suse.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "SUSE Bug 1179836 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:28:15Z",
"details": "moderate"
}
],
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24512"
}
],
"notes": [
{
"category": "general",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24512",
"url": "https://www.suse.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "SUSE Bug 1179837 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:28:15Z",
"details": "low"
}
],
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-24513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24513"
}
],
"notes": [
{
"category": "general",
"text": "Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24513",
"url": "https://www.suse.com/security/cve/CVE-2020-24513"
},
{
"category": "external",
"summary": "SUSE Bug 1179833 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Proxy 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Retail Branch Server 4.0:ucode-intel-20210525-3.203.1.x86_64",
"SUSE Manager Server 4.0:ucode-intel-20210525-3.203.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:28:15Z",
"details": "moderate"
}
],
"title": "CVE-2020-24513"
}
]
}
SUSE-SU-2021:1933-1
Vulnerability from csaf_suse - Published: 2021-06-10 08:28 - Updated: 2021-06-10 08:28Summary
Security update for ucode-intel
Severity
Important
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
Updated to Intel CPU Microcode 20210608 release.
- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)
See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html
- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)
- CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)
See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
Other fixes:
- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.
- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
- New platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2
| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3
| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3
| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB
| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB
| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile
| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile
| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile
| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E
| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105
| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11
- Updated platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3
| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile
| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx
| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2
| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3
| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19
| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87
| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53
| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5
| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series
| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx
| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile
| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology
| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile
| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10
| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile
| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile
Patchnames: SUSE-2021-1933,SUSE-SLE-Module-Basesystem-15-SP2-2021-1933,SUSE-SLE-Module-Basesystem-15-SP3-2021-1933,SUSE-SUSE-MicroOS-5.0-2021-1933
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.6 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.6 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\nUpdated to Intel CPU Microcode 20210608 release.\n\n- CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833)\n See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html\n\n- CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n- CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html)\n\n - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839)\n\n See also https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html\n\nOther fixes:\n\n- Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/637780)for details.\n- Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-d-1500-specification-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e7-v3-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.\n- Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.\n- Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.\n- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.\n- Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.\n- Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.\n- Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.\n\n- New platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2\n| ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon Scalable Gen3\n| ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3\n| SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB\n| SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB\n| TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile\n| TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile\n| TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile\n| EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E\n| JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105\n| RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11\n\n- Updated platforms:\n\n| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n|:---------------|:---------|:------------|:---------|:---------|:---------\n| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3\n| HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3\n| SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile\n| BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx\n| SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable\n| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable\n| SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx\n| CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2\n| CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2\n| CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3\n| BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19\n| BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87\n| BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53\n| APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n| APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx\n| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5\n| DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series\n| GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx\n| GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n| ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile\n| LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology\n| AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile\n| CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile\n| WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile\n| AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile\n| WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile\n| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6\n| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E\n| CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8\n| CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea | Core Gen9\n| CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile\n| CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile\n| CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10\n| CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10\n| CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile\n| CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-1933,SUSE-SLE-Module-Basesystem-15-SP2-2021-1933,SUSE-SLE-Module-Basesystem-15-SP3-2021-1933,SUSE-SUSE-MicroOS-5.0-2021-1933",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1933-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:1933-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20211933-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:1933-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/008987.html"
},
{
"category": "self",
"summary": "SUSE Bug 1179833",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "self",
"summary": "SUSE Bug 1179836",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "self",
"summary": "SUSE Bug 1179837",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "self",
"summary": "SUSE Bug 1179839",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24489 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24511 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24512 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24513 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24513/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2021-06-10T08:28:43Z",
"generator": {
"date": "2021-06-10T08:28:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:1933-1",
"initial_release_date": "2021-06-10T08:28:43Z",
"revision_history": [
{
"date": "2021-06-10T08:28:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-7.1.i586",
"product": {
"name": "ucode-intel-20210525-7.1.i586",
"product_id": "ucode-intel-20210525-7.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20210525-7.1.x86_64",
"product": {
"name": "ucode-intel-20210525-7.1.x86_64",
"product_id": "ucode-intel-20210525-7.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.0",
"product": {
"name": "SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64"
},
"product_reference": "ucode-intel-20210525-7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
},
"product_reference": "ucode-intel-20210525-7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20210525-7.1.x86_64 as component of SUSE Linux Enterprise Micro 5.0",
"product_id": "SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64"
},
"product_reference": "ucode-intel-20210525-7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24489"
}
],
"notes": [
{
"category": "general",
"text": "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24489",
"url": "https://www.suse.com/security/cve/CVE-2020-24489"
},
{
"category": "external",
"summary": "SUSE Bug 1179839 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1179839"
},
{
"category": "external",
"summary": "SUSE Bug 1192359 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1192359"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1201731"
},
{
"category": "external",
"summary": "SUSE Bug 1225680 for CVE-2020-24489",
"url": "https://bugzilla.suse.com/1225680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:28:43Z",
"details": "important"
}
],
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24511"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24511",
"url": "https://www.suse.com/security/cve/CVE-2020-24511"
},
{
"category": "external",
"summary": "SUSE Bug 1179836 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1179836"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24511",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:28:43Z",
"details": "moderate"
}
],
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24512"
}
],
"notes": [
{
"category": "general",
"text": "Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24512",
"url": "https://www.suse.com/security/cve/CVE-2020-24512"
},
{
"category": "external",
"summary": "SUSE Bug 1179837 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1179837"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24512",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:28:43Z",
"details": "low"
}
],
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-24513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24513"
}
],
"notes": [
{
"category": "general",
"text": "Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24513",
"url": "https://www.suse.com/security/cve/CVE-2020-24513"
},
{
"category": "external",
"summary": "SUSE Bug 1179833 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1179833"
},
{
"category": "external",
"summary": "SUSE Bug 1192360 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1192360"
},
{
"category": "external",
"summary": "SUSE Bug 1199300 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1199300"
},
{
"category": "external",
"summary": "SUSE Bug 1201731 for CVE-2020-24513",
"url": "https://bugzilla.suse.com/1201731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.0:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20210525-7.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:ucode-intel-20210525-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-10T08:28:43Z",
"details": "moderate"
}
],
"title": "CVE-2020-24513"
}
]
}
VAR-202106-0349
Vulnerability from variot - Updated: 2024-07-23 21:24Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. These packages include redhat-release-virtualization-host. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
-
glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219)
-
hw: vt-d related privilege escalation (CVE-2020-24489)
-
dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):
1929858 - CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits 1948377 - Rebase RHV-H 4.3 EUS on RHGS 3.5.z on RHEL 7 - Batch Update 4 1957238 - Rebase RHV-H 4.3 EUS on RHEL 7.9.z #6 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1963258 - CVE-2021-25217 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:3028-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3028 Issue date: 2021-08-09 CVE Names: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 ==================================================================== 1. Summary:
An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The microcode_ctl packages provide microcode updates for Intel.
Security Fix(es):
-
hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)
-
hw: Vector Register Data Sampling (CVE-2020-0548)
-
hw: L1D Cache Eviction Sampling (CVE-2020-0549)
-
hw: vt-d related privilege escalation (CVE-2020-24489)
-
hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511)
-
hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512)
-
hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)
-
hw: Vector Register Leakage-Active (CVE-2020-8696)
-
hw: Fast forward store predictor (CVE-2020-8698)
-
Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1788786 - CVE-2020-0548 hw: Vector Register Data Sampling 1788788 - CVE-2020-0549 hw: L1D Cache Eviction Sampling 1827165 - CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS) 1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface 1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active 1890356 - CVE-2020-8698 hw: Fast forward store predictor 1897684 - [rhel-7.9.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest microcode updates 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors 1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: microcode_ctl-2.1-73.11.el7_9.src.rpm
x86_64: microcode_ctl-2.1-73.11.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: microcode_ctl-2.1-73.11.el7_9.src.rpm
x86_64: microcode_ctl-2.1-73.11.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: microcode_ctl-2.1-73.11.el7_9.src.rpm
x86_64: microcode_ctl-2.1-73.11.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: microcode_ctl-2.1-73.11.el7_9.src.rpm
x86_64: microcode_ctl-2.1-73.11.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-0543 https://access.redhat.com/security/cve/CVE-2020-0548 https://access.redhat.com/security/cve/CVE-2020-0549 https://access.redhat.com/security/cve/CVE-2020-8695 https://access.redhat.com/security/cve/CVE-2020-8696 https://access.redhat.com/security/cve/CVE-2020-8698 https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYRD++tzjgjWX9erEAQhA1A//eeO88DFGpTcHgCHrsXimUtK3MZX0RppT 5UOWuXgmPJniMPDALpkfTNTnNGASjBB+WDclaW2d/sZf52PzYLao5wGVIYdUx3Nl l9IvbGNMm0F7eI7aHdT2QnUhQQl1IpJrbmkhvBM2w85EmOfqlq+CpXnJMRXzoRdv sFPrWAo1opDNnBV6iYAnyULHFuWwcvU28n3JU945W8p/PvqJgSze77i4dmpzYkBj ljzVrIUl2pizBmnQMj03JJ+YeB8+oKb0uD2RdqHoxkUSFGH9OW6s/qytHu/eR4uL Y7WmIfHUxGsVRcmIjo/VaAvvWs4A3hdOL3nGdRAMQOKp+VoDcX7VDNURoxK/bkcJ OepHSyfWPCVXvOmU5l2ov1uzVQ/F+ajeevMehuzwQlTAIur5qE2eQ2Mwitfh/7WZ W3x67peCz51zVPtb7rkQfpzQzZKkjSAAclOYMzltv2PA5vSXZy8+hEqWZwqtesQn ltz36bjQMvRRhr1yGDbaFI5dcTB8T/eIkzmD6wPfbd7r7SEuE0GUd8Yf69VghGL2 f+mvR8oWb2x3RHXbpFm4aIt5mJHqIgfXDAohz7lXgLyJwQefyeJ5w+W8nOe+ZSK/ yvfiVQZz9tvPq8yqC87YWTA7zcnhoSmPvXRicJakpfJL/oz043Tc17jqxIra36sA UjXnNBNse8A=LIYI -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-0349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "core i7-11700k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom x5-e3930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3060",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11320h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11500t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10325",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11600kf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2805",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10320",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4020",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10100te",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10980hk",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1185g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3150",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium j2850",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10105f",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10500e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium j4205",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10900k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10850k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-11900kb",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10710u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-11900t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10900kf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10810u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1035g4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j4125",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1130g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10100",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1115g4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10600kf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium n3510",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1060g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11600",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-11900k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10600k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1038ng7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-11950h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-11980hk",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11600k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10750h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium j6426",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11400t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n5095",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10300",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium silver n5030",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j1800",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3010",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium silver a1030",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10105t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2910",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10400t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1005g1",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10100f",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1115gre",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11400h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10210y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j4025",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4500",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1155g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10510y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1140g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1000g4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2840",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10700e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10900te",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10500t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3160",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j1900",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10105",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10110y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11400f",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j4105",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3355e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1110g4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10400",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11300h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11850h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium silver j5005",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "celeron n3000",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11600t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1185gre",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1160g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium n3520",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-11900h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10500",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11700t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1145g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11700b",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10200h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1185g7e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4120",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10900e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10310y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11375h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10510u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10900",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3160",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10870h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom x5-e3940",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10910",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium n6415",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n6210",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom x7-e3950",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10600",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11700kf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium j2900",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10500te",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n6211",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1145g7e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10900f",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10100e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium n4200",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2920",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10400h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1000g1",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1135g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10900t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-11900",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n5105",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n5100",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1125g4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4020c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10310u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11800h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1180g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j1750",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j4005",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11400",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3050",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2815",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1068ng7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10100t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10500h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10700kf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-10885h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10700k",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1115g4e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10505",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10600t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1035g1",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4000",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10210u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j6413",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3455",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j6412",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1195g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2806",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3350",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1120g4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-11900f",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10100y",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11390h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium silver n6000",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-l16g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10850h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10300t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1030ng7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3060",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium j3710",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium n3710",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "core i3-10110u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1030g4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11500b",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1165g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11500h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3355",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1065g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2830",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10610u",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10700f",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium n3700",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium silver j5040",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium silver n5000",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4505",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2940",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n3350e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium n3530",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1035g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4100",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10305",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2820",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-11100b",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11370h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium n4200e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11260h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-11500",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10300h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1030g7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium n3540",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "pentium silver n6005",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-1060ng7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-1145gre",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10700t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10875h",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-1000ng4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11700f",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2808",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j4115",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2807",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n4000c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-l13g4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j1850",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10700",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-10700te",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5-10400f",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7-11700",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i9-11900kf",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j3455e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron n2810",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i3-10305t",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24489"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j1750:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j1800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j1850:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j1900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j4115:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j6412:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2910:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2920:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2930:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n2940:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n4000c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n4020c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n4505:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n5095:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n6210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1000ng4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10100e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10100y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10110y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-11100b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1115g4e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1115gre:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1030ng7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10310u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1038ng7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10500e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10500h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1140g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1145g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1145g7e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1145gre:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11500b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-1155g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1060ng7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1068ng7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11700b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10910:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-11900kb:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_j2850:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_j2900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_j3710:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_j6426:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_n3510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_n3520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_n3530:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_n3540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_n3700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_n3710:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_a1030:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_n6000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver_n6005:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24489"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163032"
},
{
"db": "PACKETSTORM",
"id": "163037"
},
{
"db": "PACKETSTORM",
"id": "163042"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163924"
},
{
"db": "PACKETSTORM",
"id": "163758"
}
],
"trust": 0.8
},
"cve": "CVE-2020-24489",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-178372",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-24489",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202106-630",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-178372",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178372"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-630"
},
{
"db": "NVD",
"id": "CVE-2020-24489"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. \nThese packages include redhat-release-virtualization-host. \nRHVH features a Cockpit user interface for monitoring the host\u0027s resources\nand\nperforming administrative tasks. \n\nSecurity Fix(es):\n\n* glib: integer overflow in g_bytes_new function on 64-bit platforms due to\nan implicit cast from 64 bits to 32 bits (CVE-2021-27219)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* dhcp: stack-based buffer overflow when parsing statements with\ncolon-separated hex digits in config or lease files in dhcpd and dhclient\n(CVE-2021-25217)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n1929858 - CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits\n1948377 - Rebase RHV-H 4.3 EUS on RHGS 3.5.z on RHEL 7 - Batch Update 4\n1957238 - Rebase RHV-H 4.3 EUS on RHEL 7.9.z #6\n1962650 - CVE-2020-24489 hw: vt-d related privilege escalation\n1963258 - CVE-2021-25217 dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient\n\n6. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: microcode_ctl security, bug fix and enhancement update\nAdvisory ID: RHSA-2021:3028-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:3028\nIssue date: 2021-08-09\nCVE Names: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549\n CVE-2020-8695 CVE-2020-8696 CVE-2020-8698\n CVE-2020-24489 CVE-2020-24511 CVE-2020-24512\n====================================================================\n1. Summary:\n\nAn update for microcode_ctl is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe microcode_ctl packages provide microcode updates for Intel. \n\nSecurity Fix(es):\n\n* hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543)\n\n* hw: Vector Register Data Sampling (CVE-2020-0548)\n\n* hw: L1D Cache Eviction Sampling (CVE-2020-0549)\n\n* hw: vt-d related privilege escalation (CVE-2020-24489)\n\n* hw: improper isolation of shared resources in some Intel Processors\n(CVE-2020-24511)\n\n* hw: observable timing discrepancy in some Intel Processors\n(CVE-2020-24512)\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface\n(CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1788786 - CVE-2020-0548 hw: Vector Register Data Sampling\n1788788 - CVE-2020-0549 hw: L1D Cache Eviction Sampling\n1827165 - CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS)\n1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface\n1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active\n1890356 - CVE-2020-8698 hw: Fast forward store predictor\n1897684 - [rhel-7.9.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest microcode updates\n1962650 - CVE-2020-24489 hw: vt-d related privilege escalation\n1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors\n1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nmicrocode_ctl-2.1-73.11.el7_9.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-73.11.el7_9.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nmicrocode_ctl-2.1-73.11.el7_9.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-73.11.el7_9.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nmicrocode_ctl-2.1-73.11.el7_9.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-73.11.el7_9.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nmicrocode_ctl-2.1-73.11.el7_9.src.rpm\n\nx86_64:\nmicrocode_ctl-2.1-73.11.el7_9.x86_64.rpm\nmicrocode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-0543\nhttps://access.redhat.com/security/cve/CVE-2020-0548\nhttps://access.redhat.com/security/cve/CVE-2020-0549\nhttps://access.redhat.com/security/cve/CVE-2020-8695\nhttps://access.redhat.com/security/cve/CVE-2020-8696\nhttps://access.redhat.com/security/cve/CVE-2020-8698\nhttps://access.redhat.com/security/cve/CVE-2020-24489\nhttps://access.redhat.com/security/cve/CVE-2020-24511\nhttps://access.redhat.com/security/cve/CVE-2020-24512\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYRD++tzjgjWX9erEAQhA1A//eeO88DFGpTcHgCHrsXimUtK3MZX0RppT\n5UOWuXgmPJniMPDALpkfTNTnNGASjBB+WDclaW2d/sZf52PzYLao5wGVIYdUx3Nl\nl9IvbGNMm0F7eI7aHdT2QnUhQQl1IpJrbmkhvBM2w85EmOfqlq+CpXnJMRXzoRdv\nsFPrWAo1opDNnBV6iYAnyULHFuWwcvU28n3JU945W8p/PvqJgSze77i4dmpzYkBj\nljzVrIUl2pizBmnQMj03JJ+YeB8+oKb0uD2RdqHoxkUSFGH9OW6s/qytHu/eR4uL\nY7WmIfHUxGsVRcmIjo/VaAvvWs4A3hdOL3nGdRAMQOKp+VoDcX7VDNURoxK/bkcJ\nOepHSyfWPCVXvOmU5l2ov1uzVQ/F+ajeevMehuzwQlTAIur5qE2eQ2Mwitfh/7WZ\nW3x67peCz51zVPtb7rkQfpzQzZKkjSAAclOYMzltv2PA5vSXZy8+hEqWZwqtesQn\nltz36bjQMvRRhr1yGDbaFI5dcTB8T/eIkzmD6wPfbd7r7SEuE0GUd8Yf69VghGL2\nf+mvR8oWb2x3RHXbpFm4aIt5mJHqIgfXDAohz7lXgLyJwQefyeJ5w+W8nOe+ZSK/\nyvfiVQZz9tvPq8yqC87YWTA7zcnhoSmPvXRicJakpfJL/oz043Tc17jqxIra36sA\nUjXnNBNse8A=LIYI\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24489"
},
{
"db": "VULHUB",
"id": "VHN-178372"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163032"
},
{
"db": "PACKETSTORM",
"id": "163037"
},
{
"db": "PACKETSTORM",
"id": "163042"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163924"
},
{
"db": "PACKETSTORM",
"id": "163758"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-24489",
"trust": 2.5
},
{
"db": "PACKETSTORM",
"id": "163240",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "163031",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "163772",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "163863",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "163993",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "163757",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2243",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2201",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2479",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.4047",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2088",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2721",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2797",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3443",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2030",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2258",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2537",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2905",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2945",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2672",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021081834",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021062312",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021083127",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021081125",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021062701",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021080915",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-62742",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202106-630",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "163037",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163044",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163042",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163032",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163047",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163040",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163043",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163242",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163046",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-178372",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163924",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163758",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178372"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163032"
},
{
"db": "PACKETSTORM",
"id": "163037"
},
{
"db": "PACKETSTORM",
"id": "163042"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163924"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-630"
},
{
"db": "NVD",
"id": "CVE-2020-24489"
}
]
},
"id": "VAR-202106-0349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-178372"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:24:47.280000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Intel Virtualization Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=155752"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-630"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-459",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178372"
},
{
"db": "NVD",
"id": "CVE-2020-24489"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.debian.org/security/2021/dsa-4934"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00022.html"
},
{
"trust": 1.4,
"url": "https://access.redhat.com/security/cve/cve-2020-24489"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24489"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2020-24511"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24512"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24511"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2020-24512"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163863/red-hat-security-advisory-2021-3176-01.html"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-62742"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163757/red-hat-security-advisory-2021-3027-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021081834"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2537"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2479"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6520482"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2243"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2088"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163772/red-hat-security-advisory-2021-3029-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2201"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021062701"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.4047"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021081125"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021083127"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163993/red-hat-security-advisory-2021-3364-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163031/red-hat-security-advisory-2021-2299-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2905"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163240/red-hat-security-advisory-2021-2519-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/intel-processor-privilege-escalation-via-vt-d-35681"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2721"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021080915"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2945"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2672"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021062312"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2258"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2797"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3443"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2030"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-24513"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24513"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8696"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8698"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8698"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0549"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-0543"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8695"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8695"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-0549"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0543"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8696"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0548"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-0548"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-25217"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-27219"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25217"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2519"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2302"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2306"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2308"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2304"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3029"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3255"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3028"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-178372"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163032"
},
{
"db": "PACKETSTORM",
"id": "163037"
},
{
"db": "PACKETSTORM",
"id": "163042"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163924"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-630"
},
{
"db": "NVD",
"id": "CVE-2020-24489"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-178372"
},
{
"db": "PACKETSTORM",
"id": "163240"
},
{
"db": "PACKETSTORM",
"id": "163032"
},
{
"db": "PACKETSTORM",
"id": "163037"
},
{
"db": "PACKETSTORM",
"id": "163042"
},
{
"db": "PACKETSTORM",
"id": "163044"
},
{
"db": "PACKETSTORM",
"id": "163772"
},
{
"db": "PACKETSTORM",
"id": "163924"
},
{
"db": "PACKETSTORM",
"id": "163758"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-630"
},
{
"db": "NVD",
"id": "CVE-2020-24489"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-09T00:00:00",
"db": "VULHUB",
"id": "VHN-178372"
},
{
"date": "2021-06-22T19:32:24",
"db": "PACKETSTORM",
"id": "163240"
},
{
"date": "2021-06-09T13:26:50",
"db": "PACKETSTORM",
"id": "163032"
},
{
"date": "2021-06-09T13:28:17",
"db": "PACKETSTORM",
"id": "163037"
},
{
"date": "2021-06-09T13:40:32",
"db": "PACKETSTORM",
"id": "163042"
},
{
"date": "2021-06-09T13:40:48",
"db": "PACKETSTORM",
"id": "163044"
},
{
"date": "2021-08-10T14:49:53",
"db": "PACKETSTORM",
"id": "163772"
},
{
"date": "2021-08-27T19:22:22",
"db": "PACKETSTORM",
"id": "163924"
},
{
"date": "2021-08-09T14:15:45",
"db": "PACKETSTORM",
"id": "163758"
},
{
"date": "2021-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-630"
},
{
"date": "2021-06-09T20:15:08.140000",
"db": "NVD",
"id": "CVE-2020-24489"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-178372"
},
{
"date": "2023-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-630"
},
{
"date": "2022-04-06T17:07:37.537000",
"db": "NVD",
"id": "CVE-2020-24489"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-630"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Virtualization Technology for Direct I/O Authorization problem vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-630"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-630"
}
],
"trust": 0.6
}
}
WID-SEC-W-2023-0063
Vulnerability from csaf_certbund - Published: 2022-01-12 23:00 - Updated: 2025-10-08 22:00Summary
Juniper Junos Space: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen für das Netzwerkmanagement beinhaltet.
Angriff: Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen, beliebigen Code auszuführen und seine Privilegien zu erweitern.
Betroffene Betriebssysteme: - Juniper Appliance
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <21.3R1
Juniper / Junos Space
|
<21.3R1 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper Contrail Service Orchestration
Juniper
|
cpe:/a:juniper:contrail_service_orchestration:-
|
— |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Juniper Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0063 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0063.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0063 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0063"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2022-01-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA70182 vom 2023-01-12",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA103138 vom 2024-10-08",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4-by-upgrading-Log4j-Java-library-to-2-23-1-and-ElasticSearch-to-6-8-17"
}
],
"source_lang": "en-US",
"title": "Juniper Junos Space: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-08T22:00:00.000+00:00",
"generator": {
"date": "2025-10-09T07:39:55.488+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2023-0063",
"initial_release_date": "2022-01-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-01-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-01-11T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2025-10-08T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Juniper aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper Contrail Service Orchestration",
"product": {
"name": "Juniper Contrail Service Orchestration",
"product_id": "T025794",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:contrail_service_orchestration:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c21.3R1",
"product": {
"name": "Juniper Junos Space \u003c21.3R1",
"product_id": "T021576"
}
},
{
"category": "product_version",
"name": "21.3R1",
"product": {
"name": "Juniper Junos Space 21.3R1",
"product_id": "T021576-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:21.3r1"
}
}
},
{
"category": "product_version_range",
"name": "Security Director \u003c24.1R4",
"product": {
"name": "Juniper Junos Space Security Director \u003c24.1R4",
"product_id": "T047484"
}
},
{
"category": "product_version",
"name": "Security Director 24.1R4",
"product": {
"name": "Juniper Junos Space Security Director 24.1R4",
"product_id": "T047484-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r4::security_director"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17543",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2019-17543"
},
{
"cve": "CVE-2019-20934",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2019-20934"
},
{
"cve": "CVE-2020-0543",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-0548",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-0548"
},
{
"cve": "CVE-2020-0549",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-0549"
},
{
"cve": "CVE-2020-11022",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11022"
},
{
"cve": "CVE-2020-11023",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11023"
},
{
"cve": "CVE-2020-11668",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11668"
},
{
"cve": "CVE-2020-11984",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11984"
},
{
"cve": "CVE-2020-11993",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-11993"
},
{
"cve": "CVE-2020-12362",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-12362"
},
{
"cve": "CVE-2020-12363",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-12363"
},
{
"cve": "CVE-2020-12364",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-12364"
},
{
"cve": "CVE-2020-1927",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-1927"
},
{
"cve": "CVE-2020-1934",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-1934"
},
{
"cve": "CVE-2020-24489",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-27170",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-27170"
},
{
"cve": "CVE-2020-27777",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-27777"
},
{
"cve": "CVE-2020-29443",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-29443"
},
{
"cve": "CVE-2020-8625",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8625"
},
{
"cve": "CVE-2020-8648",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8648"
},
{
"cve": "CVE-2020-8695",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8696",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8696"
},
{
"cve": "CVE-2020-8698",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-8698"
},
{
"cve": "CVE-2020-9490",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2020-9490"
},
{
"cve": "CVE-2021-20254",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-20254"
},
{
"cve": "CVE-2021-22555",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-22901",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-22901"
},
{
"cve": "CVE-2021-2341",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2341"
},
{
"cve": "CVE-2021-2342",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2342"
},
{
"cve": "CVE-2021-2356",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2356"
},
{
"cve": "CVE-2021-2369",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2369"
},
{
"cve": "CVE-2021-2372",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2372"
},
{
"cve": "CVE-2021-2385",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2385"
},
{
"cve": "CVE-2021-2388",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2388"
},
{
"cve": "CVE-2021-2389",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2389"
},
{
"cve": "CVE-2021-2390",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-2390"
},
{
"cve": "CVE-2021-25214",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-25214"
},
{
"cve": "CVE-2021-25217",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-25217"
},
{
"cve": "CVE-2021-27219",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-27219"
},
{
"cve": "CVE-2021-29154",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-29154"
},
{
"cve": "CVE-2021-29650",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-29650"
},
{
"cve": "CVE-2021-31535",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-31535"
},
{
"cve": "CVE-2021-32399",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-32399"
},
{
"cve": "CVE-2021-33033",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-33033"
},
{
"cve": "CVE-2021-33034",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-33034"
},
{
"cve": "CVE-2021-3347",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-3347"
},
{
"cve": "CVE-2021-33909",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3653",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-3653"
},
{
"cve": "CVE-2021-3656",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-3656"
},
{
"cve": "CVE-2021-3715",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-3715"
},
{
"cve": "CVE-2021-37576",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-37576"
},
{
"cve": "CVE-2021-4104",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-4104"
},
{
"cve": "CVE-2021-42550",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-42550"
},
{
"cve": "CVE-2021-44228",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-44228"
},
{
"cve": "CVE-2021-45046",
"product_status": {
"known_affected": [
"T021576",
"T047484",
"T025794"
]
},
"release_date": "2022-01-12T23:00:00.000+00:00",
"title": "CVE-2021-45046"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…