Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-8698 (GCVE-0-2020-8698)
Vulnerability from cvelistv5 – Published: 2020-11-12 18:01 – Updated: 2024-08-04 10:03
VLAI
EPSS
Summary
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity
5.5 (Medium)
CWE
- information disclosure
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.intel.com/content/www/us/en/security-… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2020111… | x_refsource_CONFIRM |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Processors |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:03:46.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-11T12:06:29.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-8698",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201113-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20201113-0006/"
},
{
"name": "FEDORA-2020-14fda1bf85",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/"
},
{
"name": "[debian-lts-announce] 20210205 [SECURITY] [DLA 2546-1] intel-microcode security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-8698",
"datePublished": "2020-11-12T18:01:55.000Z",
"dateReserved": "2020-02-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:03:46.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-8698",
"date": "2026-06-08",
"epss": "0.00248",
"percentile": "0.48249"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B78FF9EC-BB2A-4352-9BE7-EFA749C99A9D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DAA00D4-A8AA-44AA-9609-0A40BD4FB2E0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF64D95C-653A-4864-A572-CD0A64B6CDF3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30B2F570-1DD9-49C7-BB72-0EA0E9A417C4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C60AF0D-983D-454E-8940-209C471DC041\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F26C6DA-ED6B-444A-A63A-5155FCA4F0DB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0D9B687-C3EE-4AF5-B9BE-7F0698D0F258\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"114DF43C-839F-4066-AA30-8DC16B1D6687\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5F6F725-217C-48FF-86DD-E91A24156121\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"365696BF-CE3D-4CE6-92A8-413DDE43774E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE048AEB-094D-4102-9DBF-488FEB53FF89\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3907FA31-6F1A-45BA-ACF3-1C8EE05D9BA0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D48D9F5F-95BD-4F6B-8A37-D1CAA7D2DB25\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"158CC66D-32E5-4396-8E5D-4D90EE9AB62C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E84F0381-296A-408E-90D4-A316EE894A9D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6CDC1BE-6A64-425C-AF2C-7DFB28FB604A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2243674B-E505-4FED-B063-953A1569EA30\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8F5409D-23C7-4CA9-951C-8EEEAE31DFDE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5601E40A-96E1-4321-9682-055A1C607488\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12ADA9A2-6E64-4F17-B369-816639F0D3BF\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FE996B1-6951-4F85-AA58-B99A379D2163\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C61DF9A-ABDE-44A2-A060-B088428D5064\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD7447BC-F315-4298-A822-549942FC118B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17C3B32E-E1F2-446A-B8AE-5F3E285BD5B2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02DEB4FB-A21D-4CB1-B522-EEE5093E8521\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3BCF7CA-6C05-4FD5-A965-0F038F63D70A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4588E5F-58E1-4C82-9551-8EAD5FFE08B3\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"22.01.08\", \"matchCriteriaId\": \"F5320759-AAAB-4FEA-99AB-51A7F7EE9F58\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"506DEE00-30D2-4E29-9645-757EB8778C0F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"480C5657-5C05-40F5-B76A-E67119727ED8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F3C3E60-7C36-4F5D-B454-97C9D0FD9459\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.01.15\", \"matchCriteriaId\": \"8F6CA254-45AF-497D-9D1D-0CF4A8922883\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A40D0CDB-7BE6-491F-B730-3B4E10CA159A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.01.15\", \"matchCriteriaId\": \"5AECF7C4-3FF7-4663-A49C-9DB91BA5C28E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDF9D4C3-1892-48FA-95B4-835B636A4005\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.01.15\", \"matchCriteriaId\": \"26B17683-E061-4CB9-BB8E-9EC8612DA1A1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FC5CE20-7D08-4496-A857-C3A4BD0AB1AC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"25.02.08\", \"matchCriteriaId\": \"6779ADD8-298D-4FF4-8AD3-82E995B2E144\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D9AF082-8345-4BE1-B1FC-6E0316BB833B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"25.02.08\", \"matchCriteriaId\": \"5D3BECCA-5783-4B3C-B659-21160B4D2726\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E430C4C5-D887-47C6-B50F-66EEE9519151\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"25.02.08\", \"matchCriteriaId\": \"BF2E9EAA-2D26-4271-B2A3-CA3BB71D0149\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F9FA42D-B2F0-456F-89B7-6A5789787FBA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"25.02.08\", \"matchCriteriaId\": \"9C5CB316-59B9-4DDB-A8B8-14D8BCD991CE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1157418C-14C4-43C4-B63E-7E98D868A94F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"23.01.08\", \"matchCriteriaId\": \"4ABF49D4-34CE-4DEA-AA2E-A40A53472D1F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"187C6D51-5B86-484D-AE0F-26D1C9465580\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.\"}, {\"lang\": \"es\", \"value\": \"Un aislamiento inapropiado de los recursos compartidos en algunos Intel\\u00ae Processors, puede habilitar a un usuario autenticado para permitir potencialmente una divulgaci\\u00f3n de informaci\\u00f3n por medio de un acceso local\"}]",
"id": "CVE-2020-8698",
"lastModified": "2024-11-21T05:39:17.130",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-11-12T18:15:16.783",
"references": "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/\", \"source\": \"secure@intel.com\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20201113-0006/\", \"source\": \"secure@intel.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20201113-0006/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-668\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-8698\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2020-11-12T18:15:16.783\",\"lastModified\":\"2024-11-21T05:39:17.130\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.\"},{\"lang\":\"es\",\"value\":\"Un aislamiento inapropiado de los recursos compartidos en algunos Intel\u00ae Processors, puede habilitar a un usuario autenticado para permitir potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio de un acceso local\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-668\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:microcode:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B78FF9EC-BB2A-4352-9BE7-EFA749C99A9D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DAA00D4-A8AA-44AA-9609-0A40BD4FB2E0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF64D95C-653A-4864-A572-CD0A64B6CDF3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30B2F570-1DD9-49C7-BB72-0EA0E9A417C4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C60AF0D-983D-454E-8940-209C471DC041\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F26C6DA-ED6B-444A-A63A-5155FCA4F0DB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D9B687-C3EE-4AF5-B9BE-7F0698D0F258\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"114DF43C-839F-4066-AA30-8DC16B1D6687\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5F6F725-217C-48FF-86DD-E91A24156121\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"365696BF-CE3D-4CE6-92A8-413DDE43774E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE048AEB-094D-4102-9DBF-488FEB53FF89\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3907FA31-6F1A-45BA-ACF3-1C8EE05D9BA0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D48D9F5F-95BD-4F6B-8A37-D1CAA7D2DB25\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"158CC66D-32E5-4396-8E5D-4D90EE9AB62C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E84F0381-296A-408E-90D4-A316EE894A9D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6CDC1BE-6A64-425C-AF2C-7DFB28FB604A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2243674B-E505-4FED-B063-953A1569EA30\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8F5409D-23C7-4CA9-951C-8EEEAE31DFDE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5601E40A-96E1-4321-9682-055A1C607488\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12ADA9A2-6E64-4F17-B369-816639F0D3BF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FE996B1-6951-4F85-AA58-B99A379D2163\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:hci_compute_node_bios:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C61DF9A-ABDE-44A2-A060-B088428D5064\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:hci_storage_node_bios:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C3B32E-E1F2-446A-B8AE-5F3E285BD5B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02DEB4FB-A21D-4CB1-B522-EEE5093E8521\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:solidfire_bios:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3BCF7CA-6C05-4FD5-A965-0F038F63D70A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4588E5F-58E1-4C82-9551-8EAD5FFE08B3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.01.08\",\"matchCriteriaId\":\"F5320759-AAAB-4FEA-99AB-51A7F7EE9F58\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"506DEE00-30D2-4E29-9645-757EB8778C0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_field_pg_m6_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"480C5657-5C05-40F5-B76A-E67119727ED8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_field_pg_m6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F3C3E60-7C36-4F5D-B454-97C9D0FD9459\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.01.15\",\"matchCriteriaId\":\"8F6CA254-45AF-497D-9D1D-0CF4A8922883\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A40D0CDB-7BE6-491F-B730-3B4E10CA159A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.01.15\",\"matchCriteriaId\":\"5AECF7C4-3FF7-4663-A49C-9DB91BA5C28E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDF9D4C3-1892-48FA-95B4-835B636A4005\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.01.15\",\"matchCriteriaId\":\"26B17683-E061-4CB9-BB8E-9EC8612DA1A1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FC5CE20-7D08-4496-A857-C3A4BD0AB1AC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc627e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.02.08\",\"matchCriteriaId\":\"6779ADD8-298D-4FF4-8AD3-82E995B2E144\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc627e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D9AF082-8345-4BE1-B1FC-6E0316BB833B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc647e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.02.08\",\"matchCriteriaId\":\"5D3BECCA-5783-4B3C-B659-21160B4D2726\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc647e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E430C4C5-D887-47C6-B50F-66EEE9519151\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc677e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.02.08\",\"matchCriteriaId\":\"BF2E9EAA-2D26-4271-B2A3-CA3BB71D0149\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc677e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F9FA42D-B2F0-456F-89B7-6A5789787FBA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_ipc847e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"25.02.08\",\"matchCriteriaId\":\"9C5CB316-59B9-4DDB-A8B8-14D8BCD991CE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_ipc847e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1157418C-14C4-43C4-B63E-7E98D868A94F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"23.01.08\",\"matchCriteriaId\":\"4ABF49D4-34CE-4DEA-AA2E-A40A53472D1F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"187C6D51-5B86-484D-AE0F-26D1C9465580\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/\",\"source\":\"secure@intel.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20201113-0006/\",\"source\":\"secure@intel.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAAGIK5CXKBPGY3R4UR5VO56M7MKLZ43/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20201113-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
SUSE-SU-2020:14540-1
Vulnerability from csaf_suse - Published: 2020-11-11 10:21 - Updated: 2020-11-11 10:21Summary
Security update for microcode_ctl
Severity
Moderate
Notes
Title of the patch: Security update for microcode_ctl
Description of the patch: This update for microcode_ctl fixes the following issue:
- Updated Intel CPU Microcode to 20201027 prerelease (bsc#1170446)
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
# New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
# Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: sleposp3-microcode_ctl-14540,slessp4-microcode_ctl-14540
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.59.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.59.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for microcode_ctl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for microcode_ctl fixes the following issue:\n\n- Updated Intel CPU Microcode to 20201027 prerelease (bsc#1170446)\n\n- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX)\n- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n\n # New Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 \n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n # Updated Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-microcode_ctl-14540,slessp4-microcode_ctl-14540",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_14540-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:14540-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-202014540-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:14540-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007755.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for microcode_ctl",
"tracking": {
"current_release_date": "2020-11-11T10:21:45Z",
"generator": {
"date": "2020-11-11T10:21:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:14540-1",
"initial_release_date": "2020-11-11T10:21:45Z",
"revision_history": [
{
"date": "2020-11-11T10:21:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.59.1.i586",
"product": {
"name": "microcode_ctl-1.17-102.83.59.1.i586",
"product_id": "microcode_ctl-1.17-102.83.59.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.59.1.x86_64",
"product": {
"name": "microcode_ctl-1.17-102.83.59.1.x86_64",
"product_id": "microcode_ctl-1.17-102.83.59.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.59.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.59.1.i586"
},
"product_reference": "microcode_ctl-1.17-102.83.59.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.59.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.i586"
},
"product_reference": "microcode_ctl-1.17-102.83.59.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.59.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.x86_64"
},
"product_reference": "microcode_ctl-1.17-102.83.59.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-11T10:21:45Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.59.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-11T10:21:45Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
SUSE-SU-2020:14546-1
Vulnerability from csaf_suse - Published: 2020-11-19 08:27 - Updated: 2020-11-19 08:27Summary
Security update for microcode_ctl
Severity
Moderate
Notes
Title of the patch: Security update for microcode_ctl
Description of the patch: This update for microcode_ctl fixes the following issues:
- Updated Intel CPU Microcode to 20201110 official release.
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) INTEL-SA-00389 (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
- CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)
- Release notes:
- Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).
- Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).
- Update for functional issues. Refer to [Second Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel® Xeon® Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel® Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel® Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel® Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel® Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel® Xeon® E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel® Xeon® E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: sleposp3-microcode_ctl-14546,slessp4-microcode_ctl-14546
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for microcode_ctl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for microcode_ctl fixes the following issues:\n\n- Updated Intel CPU Microcode to 20201110 official release.\n - CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) INTEL-SA-00389 (bsc#1170446)\n - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n - CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)\n\n- Release notes:\n - Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).\n - Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).\n - Update for functional issues. Refer to [Second Generation Intel\u00ae Xeon\u00ae Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.\n - Update for functional issues. Refer to [10th Gen Intel\u00ae Core\u2122 Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.\n - Update for functional issues. Refer to [8th and 9th Gen Intel\u00ae Core\u2122 Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.\n - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel\u00ae Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.\n - Update for functional issues. Refer to [6th Gen Intel\u00ae Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.\n\n ### New Platforms\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 \n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n\n ### Updated Platforms\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-microcode_ctl-14546,slessp4-microcode_ctl-14546",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_14546-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:14546-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-202014546-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:14546-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007804.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173592",
"url": "https://bugzilla.suse.com/1173592"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8696 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for microcode_ctl",
"tracking": {
"current_release_date": "2020-11-19T08:27:15Z",
"generator": {
"date": "2020-11-19T08:27:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:14546-1",
"initial_release_date": "2020-11-19T08:27:15Z",
"revision_history": [
{
"date": "2020-11-19T08:27:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.62.1.i586",
"product": {
"name": "microcode_ctl-1.17-102.83.62.1.i586",
"product_id": "microcode_ctl-1.17-102.83.62.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "microcode_ctl-1.17-102.83.62.1.x86_64",
"product": {
"name": "microcode_ctl-1.17-102.83.62.1.x86_64",
"product_id": "microcode_ctl-1.17-102.83.62.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.62.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586"
},
"product_reference": "microcode_ctl-1.17-102.83.62.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.62.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586"
},
"product_reference": "microcode_ctl-1.17-102.83.62.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "microcode_ctl-1.17-102.83.62.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
},
"product_reference": "microcode_ctl-1.17-102.83.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:27:15Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8696"
}
],
"notes": [
{
"category": "general",
"text": "Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8696",
"url": "https://www.suse.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "SUSE Bug 1173592 for CVE-2020-8696",
"url": "https://bugzilla.suse.com/1173592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:27:15Z",
"details": "moderate"
}
],
"title": "CVE-2020-8696"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:microcode_ctl-1.17-102.83.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:27:15Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
SUSE-SU-2020:3271-1
Vulnerability from csaf_suse - Published: 2020-11-10 18:05 - Updated: 2020-11-10 18:05Summary
Security update for ucode-intel
Severity
Moderate
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Intel CPU Microcode updated to 20201027 pre-release
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
# New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
# Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: SUSE-2020-3271,SUSE-SLE-Module-Basesystem-15-SP2-2020-3271
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201027-2.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201027-2.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode updated to 20201027 pre-release \n- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)\n- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n\n # New Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 \n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n # Updated Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3271,SUSE-SLE-Module-Basesystem-15-SP2-2020-3271",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3271-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3271-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203271-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3271-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2020-November/016830.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2020-11-10T18:05:18Z",
"generator": {
"date": "2020-11-10T18:05:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3271-1",
"initial_release_date": "2020-11-10T18:05:18Z",
"revision_history": [
{
"date": "2020-11-10T18:05:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-2.7.1.i586",
"product": {
"name": "ucode-intel-20201027-2.7.1.i586",
"product_id": "ucode-intel-20201027-2.7.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-2.7.1.x86_64",
"product": {
"name": "ucode-intel-20201027-2.7.1.x86_64",
"product_id": "ucode-intel-20201027-2.7.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-2.7.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201027-2.7.1.x86_64"
},
"product_reference": "ucode-intel-20201027-2.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201027-2.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201027-2.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201027-2.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-10T18:05:18Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201027-2.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201027-2.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201027-2.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-10T18:05:18Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
SUSE-SU-2020:3274-1
Vulnerability from csaf_suse - Published: 2020-11-10 19:08 - Updated: 2020-11-10 19:08Summary
Security update for ucode-intel
Severity
Moderate
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Intel CPU Microcode updated to 20201027 prerelease
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
# New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
# Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: SUSE-2020-3274,SUSE-SLE-SERVER-12-SP5-2020-3274
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ucode-intel-20201027-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20201027-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ucode-intel-20201027-3.20.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20201027-3.20.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode updated to 20201027 prerelease \n- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)\n- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n\n# New Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 \n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n # Updated Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3274,SUSE-SLE-SERVER-12-SP5-2020-3274",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3274-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3274-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203274-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3274-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007749.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2020-11-10T19:08:17Z",
"generator": {
"date": "2020-11-10T19:08:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3274-1",
"initial_release_date": "2020-11-10T19:08:17Z",
"revision_history": [
{
"date": "2020-11-10T19:08:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-3.20.1.i586",
"product": {
"name": "ucode-intel-20201027-3.20.1.i586",
"product_id": "ucode-intel-20201027-3.20.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-3.20.1.x86_64",
"product": {
"name": "ucode-intel-20201027-3.20.1.x86_64",
"product_id": "ucode-intel-20201027-3.20.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-3.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:ucode-intel-20201027-3.20.1.x86_64"
},
"product_reference": "ucode-intel-20201027-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-3.20.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20201027-3.20.1.x86_64"
},
"product_reference": "ucode-intel-20201027-3.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20201027-3.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20201027-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20201027-3.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20201027-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20201027-3.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20201027-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-10T19:08:17Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20201027-3.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20201027-3.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20201027-3.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20201027-3.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:ucode-intel-20201027-3.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:ucode-intel-20201027-3.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-10T19:08:17Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
SUSE-SU-2020:3275-1
Vulnerability from csaf_suse - Published: 2020-11-10 19:09 - Updated: 2020-11-10 19:09Summary
Security update for ucode-intel
Severity
Moderate
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Intel CPU Microcode updated to 20201027 prerelease
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
# New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
# Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: SUSE-2020-3275,SUSE-SLE-Product-HPC-15-2020-3275,SUSE-SLE-Product-SLES_SAP-15-2020-3275
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201027-3.51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201027-3.51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201027-3.51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201027-3.51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201027-3.51.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201027-3.51.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode updated to 20201027 prerelease \n- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)\n- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n\n # New Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 \n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n # Updated Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3275,SUSE-SLE-Product-HPC-15-2020-3275,SUSE-SLE-Product-SLES_SAP-15-2020-3275",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3275-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3275-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203275-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3275-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007746.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2020-11-10T19:09:59Z",
"generator": {
"date": "2020-11-10T19:09:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3275-1",
"initial_release_date": "2020-11-10T19:09:59Z",
"revision_history": [
{
"date": "2020-11-10T19:09:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-3.51.1.i586",
"product": {
"name": "ucode-intel-20201027-3.51.1.i586",
"product_id": "ucode-intel-20201027-3.51.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-3.51.1.x86_64",
"product": {
"name": "ucode-intel-20201027-3.51.1.x86_64",
"product_id": "ucode-intel-20201027-3.51.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-3.51.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201027-3.51.1.x86_64"
},
"product_reference": "ucode-intel-20201027-3.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-3.51.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201027-3.51.1.x86_64"
},
"product_reference": "ucode-intel-20201027-3.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-3.51.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201027-3.51.1.x86_64"
},
"product_reference": "ucode-intel-20201027-3.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201027-3.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201027-3.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201027-3.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-10T19:09:59Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201027-3.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201027-3.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201027-3.51.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201027-3.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-10T19:09:59Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
SUSE-SU-2020:3276-1
Vulnerability from csaf_suse - Published: 2020-11-10 19:10 - Updated: 2020-11-10 19:10Summary
Security update for ucode-intel
Severity
Moderate
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Intel CPU Microcode updated to 20201027 prerelease
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
# New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
# Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: SUSE-2020-3276,SUSE-SLE-Module-Basesystem-15-SP1-2020-3276
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201027-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201027-3.33.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode updated to 20201027 prerelease\n- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)\n- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n\n# New Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 \n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n # Updated Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3276,SUSE-SLE-Module-Basesystem-15-SP1-2020-3276",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3276-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3276-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203276-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3276-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007744.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2020-11-10T19:10:37Z",
"generator": {
"date": "2020-11-10T19:10:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3276-1",
"initial_release_date": "2020-11-10T19:10:37Z",
"revision_history": [
{
"date": "2020-11-10T19:10:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-3.33.1.i586",
"product": {
"name": "ucode-intel-20201027-3.33.1.i586",
"product_id": "ucode-intel-20201027-3.33.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-3.33.1.x86_64",
"product": {
"name": "ucode-intel-20201027-3.33.1.x86_64",
"product_id": "ucode-intel-20201027-3.33.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201027-3.33.1.x86_64"
},
"product_reference": "ucode-intel-20201027-3.33.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201027-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201027-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201027-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-10T19:10:37Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201027-3.33.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201027-3.33.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201027-3.33.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-10T19:10:37Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
SUSE-SU-2020:3279-1
Vulnerability from csaf_suse - Published: 2020-11-11 08:18 - Updated: 2020-11-11 08:18Summary
Security update for ucode-intel
Severity
Moderate
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Intel CPU Microcode updated to 20201027 prerelease
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
# New Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
# Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: HPE-Helion-OpenStack-8-2020-3279,SUSE-2020-3279,SUSE-OpenStack-Cloud-7-2020-3279,SUSE-OpenStack-Cloud-8-2020-3279,SUSE-OpenStack-Cloud-9-2020-3279,SUSE-OpenStack-Cloud-Crowbar-8-2020-3279,SUSE-OpenStack-Cloud-Crowbar-9-2020-3279,SUSE-SLE-SAP-12-SP2-2020-3279,SUSE-SLE-SAP-12-SP3-2020-3279,SUSE-SLE-SAP-12-SP4-2020-3279,SUSE-SLE-SERVER-12-SP2-2020-3279,SUSE-SLE-SERVER-12-SP2-BCL-2020-3279,SUSE-SLE-SERVER-12-SP3-2020-3279,SUSE-SLE-SERVER-12-SP3-BCL-2020-3279,SUSE-SLE-SERVER-12-SP4-LTSS-2020-3279,SUSE-Storage-5-2020-3279
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:ucode-intel-20201027-13.76.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Intel CPU Microcode updated to 20201027 prerelease \n- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)\n- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n\n# New Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 \n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n # Updated Platforms:\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2020-3279,SUSE-2020-3279,SUSE-OpenStack-Cloud-7-2020-3279,SUSE-OpenStack-Cloud-8-2020-3279,SUSE-OpenStack-Cloud-9-2020-3279,SUSE-OpenStack-Cloud-Crowbar-8-2020-3279,SUSE-OpenStack-Cloud-Crowbar-9-2020-3279,SUSE-SLE-SAP-12-SP2-2020-3279,SUSE-SLE-SAP-12-SP3-2020-3279,SUSE-SLE-SAP-12-SP4-2020-3279,SUSE-SLE-SERVER-12-SP2-2020-3279,SUSE-SLE-SERVER-12-SP2-BCL-2020-3279,SUSE-SLE-SERVER-12-SP3-2020-3279,SUSE-SLE-SERVER-12-SP3-BCL-2020-3279,SUSE-SLE-SERVER-12-SP4-LTSS-2020-3279,SUSE-Storage-5-2020-3279",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3279-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3279-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203279-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3279-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007757.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2020-11-11T08:18:34Z",
"generator": {
"date": "2020-11-11T08:18:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3279-1",
"initial_release_date": "2020-11-11T08:18:34Z",
"revision_history": [
{
"date": "2020-11-11T08:18:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-13.76.1.i586",
"product": {
"name": "ucode-intel-20201027-13.76.1.i586",
"product_id": "ucode-intel-20201027-13.76.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201027-13.76.1.x86_64",
"product": {
"name": "ucode-intel-20201027-13.76.1.x86_64",
"product_id": "ucode-intel-20201027-13.76.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 5",
"product": {
"name": "SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201027-13.76.1.x86_64 as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1.x86_64"
},
"product_reference": "ucode-intel-20201027-13.76.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 7:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20201027-13.76.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 7:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20201027-13.76.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 7:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20201027-13.76.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-11T08:18:34Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 7:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20201027-13.76.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 7:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20201027-13.76.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Enterprise Storage 5:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:ucode-intel-20201027-13.76.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 7:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud 9:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:ucode-intel-20201027-13.76.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:ucode-intel-20201027-13.76.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-11T08:18:34Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
SUSE-SU-2020:3372-1
Vulnerability from csaf_suse - Published: 2020-11-19 08:27 - Updated: 2020-11-19 08:27Summary
Security update for ucode-intel
Severity
Moderate
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Updated Intel CPU Microcode to 20201110 official release.
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
- CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)
- Release notes:
- Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).
- Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).
- Update for functional issues. Refer to [Second Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel® Xeon® Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel® Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel® Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel® Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel® Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel® Xeon® E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel® Xeon® E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: SUSE-2020-3372,SUSE-SLE-Module-Basesystem-15-SP1-2020-3372
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Updated Intel CPU Microcode to 20201110 official release.\n - CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)\n - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n - CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)\n\n- Release notes:\n - Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).\n - Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).\n - Update for functional issues. Refer to [Second Generation Intel\u00ae Xeon\u00ae Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.\n - Update for functional issues. Refer to [10th Gen Intel\u00ae Core\u2122 Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.\n - Update for functional issues. Refer to [8th and 9th Gen Intel\u00ae Core\u2122 Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.\n - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel\u00ae Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.\n - Update for functional issues. Refer to [6th Gen Intel\u00ae Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.\n\n ### New Platforms\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10\n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n\n ### Updated Platforms\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3372,SUSE-SLE-Module-Basesystem-15-SP1-2020-3372",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3372-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3372-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203372-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3372-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007796.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173592",
"url": "https://bugzilla.suse.com/1173592"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8696 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2020-11-19T08:27:30Z",
"generator": {
"date": "2020-11-19T08:27:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3372-1",
"initial_release_date": "2020-11-19T08:27:30Z",
"revision_history": [
{
"date": "2020-11-19T08:27:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201110-3.39.1.i586",
"product": {
"name": "ucode-intel-20201110-3.39.1.i586",
"product_id": "ucode-intel-20201110-3.39.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201110-3.39.1.x86_64",
"product": {
"name": "ucode-intel-20201110-3.39.1.x86_64",
"product_id": "ucode-intel-20201110-3.39.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201110-3.39.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
},
"product_reference": "ucode-intel-20201110-3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:27:30Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8696"
}
],
"notes": [
{
"category": "general",
"text": "Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8696",
"url": "https://www.suse.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "SUSE Bug 1173592 for CVE-2020-8696",
"url": "https://bugzilla.suse.com/1173592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:27:30Z",
"details": "moderate"
}
],
"title": "CVE-2020-8696"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20201110-3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:27:30Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
SUSE-SU-2020:3373-1
Vulnerability from csaf_suse - Published: 2020-11-19 08:27 - Updated: 2020-11-19 08:27Summary
Security update for ucode-intel
Severity
Moderate
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Updated Intel CPU Microcode to 20201110 official release.
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
- CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)
- Release notes:
- Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).
- Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).
- Update for functional issues. Refer to [Second Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel® Xeon® Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel® Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel® Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel® Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel® Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel® Xeon® E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel® Xeon® E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: SUSE-2020-3373,SUSE-SLE-Module-Basesystem-15-SP2-2020-3373
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Updated Intel CPU Microcode to 20201110 official release.\n - CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)\n - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n - CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)\n\n- Release notes:\n - Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).\n - Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).\n - Update for functional issues. Refer to [Second Generation Intel\u00ae Xeon\u00ae Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.\n - Update for functional issues. Refer to [10th Gen Intel\u00ae Core\u2122 Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.\n - Update for functional issues. Refer to [8th and 9th Gen Intel\u00ae Core\u2122 Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.\n - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel\u00ae Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.\n - Update for functional issues. Refer to [6th Gen Intel\u00ae Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.\n\n ### New Platforms\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 \n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n ### Updated Platforms\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3373,SUSE-SLE-Module-Basesystem-15-SP2-2020-3373",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3373-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3373-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203373-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3373-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007799.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173592",
"url": "https://bugzilla.suse.com/1173592"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8696 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2020-11-19T08:27:45Z",
"generator": {
"date": "2020-11-19T08:27:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3373-1",
"initial_release_date": "2020-11-19T08:27:45Z",
"revision_history": [
{
"date": "2020-11-19T08:27:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201110-2.10.1.i586",
"product": {
"name": "ucode-intel-20201110-2.10.1.i586",
"product_id": "ucode-intel-20201110-2.10.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201110-2.10.1.x86_64",
"product": {
"name": "ucode-intel-20201110-2.10.1.x86_64",
"product_id": "ucode-intel-20201110-2.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201110-2.10.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
},
"product_reference": "ucode-intel-20201110-2.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:27:45Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8696"
}
],
"notes": [
{
"category": "general",
"text": "Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8696",
"url": "https://www.suse.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "SUSE Bug 1173592 for CVE-2020-8696",
"url": "https://bugzilla.suse.com/1173592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:27:45Z",
"details": "moderate"
}
],
"title": "CVE-2020-8696"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP2:ucode-intel-20201110-2.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:27:45Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
SUSE-SU-2020:3374-1
Vulnerability from csaf_suse - Published: 2020-11-19 08:28 - Updated: 2020-11-19 08:28Summary
Security update for ucode-intel
Severity
Moderate
Notes
Title of the patch: Security update for ucode-intel
Description of the patch: This update for ucode-intel fixes the following issues:
- Updated Intel CPU Microcode to 20201110 official release.
- CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
- CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)
- CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)
- Release notes:
- Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).
- Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).
- Update for functional issues. Refer to [Second Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
- Update for functional issues. Refer to [Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
- Update for functional issues. Refer to [Intel® Xeon® Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.
- Update for functional issues. Refer to [10th Gen Intel® Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.
- Update for functional issues. Refer to [8th and 9th Gen Intel® Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.
- Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel® Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.
- Update for functional issues. Refer to [6th Gen Intel® Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
- Update for functional issues. Refer to [Intel® Xeon® E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.
- Update for functional issues. Refer to [Intel® Xeon® E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.
### New Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3
| LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology
| TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile
| CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile
| CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10
| CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile
### Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3
| SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile
| SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable
| SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx
| CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2
| CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2
| APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx
| APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx
| SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5
| GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120
| ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile
| AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile
| CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile
| WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile
| AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile
| WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile
| KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6
| CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E
| CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8
| CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9
| CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile
| CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile
Patchnames: SUSE-2020-3374,SUSE-SLE-Product-HPC-15-2020-3374,SUSE-SLE-Product-SLES_SAP-15-2020-3374
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Updated Intel CPU Microcode to 20201110 official release.\n - CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)\n - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594)\n - CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592)\n\n- Release notes:\n - Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html).\n - Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html).\n - Update for functional issues. Refer to [Second Generation Intel\u00ae Xeon\u00ae Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae Processor Scalable Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-spec-update.html?wapkw=processor+spec+update+e5) for details.\n - Update for functional issues. Refer to [10th Gen Intel\u00ae Core\u2122 Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/10th-gen-core-families-specification-update.html) for details.\n - Update for functional issues. Refer to [8th and 9th Gen Intel\u00ae Core\u2122 Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/docs/processors/core/8th-gen-core-spec-update.html) for details.\n - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel\u00ae Processor Families Specification Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-core-family-spec-update.html) for details.\n - Update for functional issues. Refer to [6th Gen Intel\u00ae Processor Family Specification Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-1200v6-spec-update.html) for details.\n - Update for functional issues. Refer to [Intel\u00ae Xeon\u00ae E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/docs/processors/xeon/xeon-e-2100-specification-update.html) for details.\n\n ### New Platforms\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3\n | LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology\n | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile\n | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile\n | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10\n | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10\n | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile\n \n ### Updated Platforms\n | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products\n |:---------------|:---------|:------------|:---------|:---------|:---------\n | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3\n | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile\n | SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable\n | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable\n | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx\n | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2\n | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2\n | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx\n | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx\n | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5\n | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120\n | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile\n | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile\n | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile\n | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile\n | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile\n | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile\n | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6\n | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E\n | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8\n | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9\n | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile\n | CML-U62 | A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3374,SUSE-SLE-Product-HPC-15-2020-3374,SUSE-SLE-Product-SLES_SAP-15-2020-3374",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3374-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3374-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203374-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3374-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007808.html"
},
{
"category": "self",
"summary": "SUSE Bug 1170446",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "self",
"summary": "SUSE Bug 1173592",
"url": "https://bugzilla.suse.com/1173592"
},
{
"category": "self",
"summary": "SUSE Bug 1173594",
"url": "https://bugzilla.suse.com/1173594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8695 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8696 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8698 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8698/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2020-11-19T08:28:04Z",
"generator": {
"date": "2020-11-19T08:28:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3374-1",
"initial_release_date": "2020-11-19T08:28:04Z",
"revision_history": [
{
"date": "2020-11-19T08:28:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201110-3.55.1.i586",
"product": {
"name": "ucode-intel-20201110-3.55.1.i586",
"product_id": "ucode-intel-20201110-3.55.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20201110-3.55.1.x86_64",
"product": {
"name": "ucode-intel-20201110-3.55.1.x86_64",
"product_id": "ucode-intel-20201110-3.55.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201110-3.55.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64"
},
"product_reference": "ucode-intel-20201110-3.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201110-3.55.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64"
},
"product_reference": "ucode-intel-20201110-3.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20201110-3.55.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
},
"product_reference": "ucode-intel-20201110-3.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8695"
}
],
"notes": [
{
"category": "general",
"text": "Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8695",
"url": "https://www.suse.com/security/cve/CVE-2020-8695"
},
{
"category": "external",
"summary": "SUSE Bug 1170415 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170415"
},
{
"category": "external",
"summary": "SUSE Bug 1170446 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1170446"
},
{
"category": "external",
"summary": "SUSE Bug 1178591 for CVE-2020-8695",
"url": "https://bugzilla.suse.com/1178591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:28:04Z",
"details": "moderate"
}
],
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8696"
}
],
"notes": [
{
"category": "general",
"text": "Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8696",
"url": "https://www.suse.com/security/cve/CVE-2020-8696"
},
{
"category": "external",
"summary": "SUSE Bug 1173592 for CVE-2020-8696",
"url": "https://bugzilla.suse.com/1173592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:28:04Z",
"details": "moderate"
}
],
"title": "CVE-2020-8696"
},
{
"cve": "CVE-2020-8698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8698"
}
],
"notes": [
{
"category": "general",
"text": "Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8698",
"url": "https://www.suse.com/security/cve/CVE-2020-8698"
},
{
"category": "external",
"summary": "SUSE Bug 1173594 for CVE-2020-8698",
"url": "https://bugzilla.suse.com/1173594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:ucode-intel-20201110-3.55.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:ucode-intel-20201110-3.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:28:04Z",
"details": "moderate"
}
],
"title": "CVE-2020-8698"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…