You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa ucode-intel

Sigurnosni nedostaci programskog paketa ucode-intel

openSUSE Security Update: Security update for ucode-intel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:1468-1
Rating: important
References: #1111331
Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
CVE-2019-11091
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes four vulnerabilities is now available.

Description:

This update for ucode-intel fixes the following issues:

The Intel CPU Microcode was updated to the official QSR 2019.1 Microcode
release (bsc#1111331 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127
CVE-2019-11091)

—- new platforms —————————————- VLV
C0 6-37-8/02 00000838 Atom Z series VLV C0
6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx VLV
D0 6-37-9/0F 0000090c Atom E38xx CHV C0
6-4c-3/01 00000368 Atom X series CHV D0
6-4c-4/01 00000411 Atom X series

Readded missing in last update:

BDX-ML B0/M0/R0 6-4f-1/ef 0b00002e->00000036 Xeon E5/E7 v4; Core
i7-69xx/68xx

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-1468=1

Package List:

– openSUSE Leap 15.0 (x86_64):

ucode-intel-20190514-lp150.2.21.1

References:

https://www.suse.com/security/cve/CVE-2018-12126.html
https://www.suse.com/security/cve/CVE-2018-12127.html
https://www.suse.com/security/cve/CVE-2018-12130.html
https://www.suse.com/security/cve/CVE-2019-11091.html
https://bugzilla.suse.com/1111331


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa graphviz

Otkriven je sigurnosni nedostatak u programskom paketu graphviz za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja....

Close