You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa ucode intel

Sigurnosni nedostaci programskog paketa ucode intel

openSUSE Security Update: Security update for ucode-intel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:2075-1
Rating: important
References: #1170446 #1173592 #1173594 #1178971
Cross-References: CVE-2020-8695 CVE-2020-8696 CVE-2020-8698

Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________

An update that solves three vulnerabilities and has one
errata is now available.

Description:

This update for ucode-intel fixes the following issues:

– Updated Intel CPU Microcode to 20201118 official release. (bsc#1178971)

– Removed TGL/06-8c-01/80 due to functional issues with some OEM
platforms.

– Updated Intel CPU Microcode to 20201110 official release.
– CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446)
– CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381
(bsc#1173594)
– CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381
(bsc#1173592)

– Release notes:
– Security updates for
[INTEL-SA-00381](https://www.intel.com/content/www/us/en/security-center/ad
visory/intel-sa-00381.html).
– Security updates for
[INTEL-SA-00389](https://www.intel.com/content/www/us/en/security-center/ad
visory/intel-sa-00389.html).
– Update for functional issues. Refer to [Second Generation Intel??
Xeon?? Processor Scalable Family Specification
Update](https://cdrdv2.intel.com/v1/dl/getContent/338848) for details.
– Update for functional issues. Refer to [Intel?? Xeon?? Processor
Scalable Family Specification
Update](https://cdrdv2.intel.com/v1/dl/getContent/613537) for details.
– Update for functional issues. Refer to [Intel?? Xeon?? Processor E5 v3
Product Family Specification
Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e5-v3-
spec-update.html?wapkw=processor+spec+update+e5) for details.
– Update for functional issues. Refer to [10th Gen Intel?? Core???
Processor Families Specification
Update](https://www.intel.com/content/www/us/en/products/docs/processors/co
re/10th-gen-core-families-specification-update.html) for details.
– Update for functional issues. Refer to [8th and 9th Gen Intel??
Core??? Processor Family Spec
Update](https://www.intel.com/content/www/us/en/products/docs/processors/co
re/8th-gen-core-spec-update.html) for details.
– Update for functional issues. Refer to [7th Gen and 8th Gen (U
Quad-Core) Intel?? Processor Families Specification
Update](https://www.intel.com/content/www/us/en/processors/core/7th-gen-cor
e-family-spec-update.html) for details.
– Update for functional issues. Refer to [6th Gen Intel?? Processor
Family Specification
Update](https://cdrdv2.intel.com/v1/dl/getContent/332689) for details.
– Update for functional issues. Refer to [Intel?? Xeon?? E3-1200 v6
Processor Family Specification
Update](https://www.intel.com/content/www/us/en/processors/xeon/xeon-e3-120
0v6-spec-update.html) for details.
– Update for functional issues. Refer to [Intel?? Xeon?? E-2100 and
E-2200 Processor Family Specification
Update](https://www.intel.com/content/www/us/en/products/docs/processors/xe
on/xeon-e-2100-specification-update.html) for details.

### New Platforms | Processor | Stepping | F-M-S/PI | Old Ver |
New Ver | Products
|:—————|:———|:————|:———|:———|:———
| CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon
Scalable Gen3 | LKF | B2/B3 | 06-8a-01/10 | |
00000028 | Core w/Hybrid Technology | TGL | B1 |
06-8c-01/80 | | 00000068 | Core Gen11 Mobile | CML-H |
R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile |
CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10
| CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core
Gen10 | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 |
Core Gen10 Mobile

### Updated Platforms | Processor | Stepping | F-M-S/PI | Old
Ver | New Ver | Products
|:—————|:———|:————|:———|:———|:———
| HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core
Gen4 X series; Xeon E5 v3 | SKL-U/Y | D0 | 06-4e-03/c0 |
000000d6 | 000000e2 | Core Gen6 Mobile | SKL-U23e | K1 |
06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile | SKX-SP |
B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable |
SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon
Scalable | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 |
Xeon D-21xx | CLX-SP | B0 | 06-55-06/bf | 04002f01 |
04003003 | Xeon Scalable Gen2 | CLX-SP | B1 | 06-55-07/bf |
05002f01 | 05003003 | Xeon Scalable Gen2 | APL | D0 |
06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom
x5/7-E39xx | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e
| Atom x5-E39xx | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 |
000000e2 | Core Gen6; Xeon E3 v5 | GKL-R | R0 | 06-7a-08/01
| 00000016 | 00000018 | Pentium J5040/N5030, Celeron
J4125/J4025/N4020/N4120 | ICL-U/Y | D1 | 06-7e-05/80 |
00000078 | 000000a0 | Core Gen10 Mobile | AML-Y22 | H0 |
06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile | KBL-U/Y |
H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile |
CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8
Mobile | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de |
Core Gen8 Mobile | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 |
000000de | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 |
000000d6 | 000000de | Core Gen10 Mobile | WHL-U | V0 |
06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile | KBL-G/H/S/E3 |
B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6 |
CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8
Desktop, Mobile, Xeon E | CFL-S | B0 | 06-9e-0b/02 |
000000d6 | 000000de | Core Gen8 | CFL-H/S | P0 | 06-9e-0c/22
| 000000d6 | 000000de | Core Gen9 | CFL-H | R0 |
06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile | CML-U62 |
A0 | 06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-2075=1

Package List:

– openSUSE Leap 15.2 (x86_64):

ucode-intel-20201118-lp152.2.8.1

References:

https://www.suse.com/security/cve/CVE-2020-8695.html
https://www.suse.com/security/cve/CVE-2020-8696.html
https://www.suse.com/security/cve/CVE-2020-8698.html
https://bugzilla.suse.com/1170446
https://bugzilla.suse.com/1173592
https://bugzilla.suse.com/1173594
https://bugzilla.suse.com/1178971_______________________________________________
openSUSE Security Announce mailing list — security-announce@lists.opensuse.org
To unsubscribe, email security-announce-leave@lists.opensuse.org
List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette
List Archives: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org

Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke LibVNCServer

Otkriven je sigurnosni nedostatak programske biblioteke LibVNCServer za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje...

Close