Lucene search
K

Fedora 42 : microcode_ctl (2026-85ee8cb2a2)

🗓️ 19 Feb 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 6 Views

Fedora 42 microcode_ctl update to upstream 2.1-51 fixes multiple Intel microcode revisions.

Refs
Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2026-85ee8cb2a2
#

include('compat.inc');

if (description)
{
  script_id(299622);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/19");
  script_xref(name:"FEDORA", value:"2026-85ee8cb2a2");

  script_name(english:"Fedora 42 : microcode_ctl (2026-85ee8cb2a2)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the
FEDORA-2026-85ee8cb2a2 advisory.

    - Update to upstream 2.1-51. 20260210
      - Addition of 06-ae-01/0x97 (GNR-D B0/B1) microcode at revision
        0x10002f3;
      - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000410
        up to 0xd000421;
      - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x10002e0
        up to 0x10002f1;
      - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xca
        up to 0xcc;
      - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
        0xbc up to 0xbe;
      - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x3c up
        to 0x3e;
      - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x56 up
        to 0x58;
      - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
        intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
      - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
        intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
      - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
        intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
      - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
        0x2b000643 up to 0x2b000661;
      - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
        intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
      - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
        revision 0x2c000401 up to 0x2c000421;
      - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
        intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
      - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
        intel-ucode/06-8f-08) from revision 0x2c000401 up to 0x2c000421;
      - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
        intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
      - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
        revision 0x2c000401 up to 0x2c000421;
      - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
        intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
      - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
        intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
      - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
        0x2c000401 up to 0x2c000421;
      - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
        0x2b000643 up to 0x2b000661;
      - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
        0x3a up to 0x3e;
      - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
        intel-ucode/06-97-02) from revision 0x3a up to 0x3e;
      - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
        from revision 0x3a up to 0x3e;
      - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
        from revision 0x3a up to 0x3e;
      - Update of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) from
        revision 0x3a up to 0x3e;
      - Update of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) from
        revision 0x3a up to 0x3e;
      - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
        intel-ucode/06-97-05) from revision 0x3a up to 0x3e;
      - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x3a
        up to 0x3e;
      - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
        from revision 0x3a up to 0x3e;
      - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
        from revision 0x3a up to 0x3e;
      - Update of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) from
        revision 0x3a up to 0x3e;
      - Update of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) from
        revision 0x3a up to 0x3e;
      - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
        0x437 up to 0x43b;
      - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
        intel-ucode/06-9a-03) from revision 0x437 up to 0x43b;
      - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
        intel-ucode/06-9a-04) from revision 0x437 up to 0x43b;
      - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0xa up
        to 0xc;
      - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x437
        up to 0x43b;
      - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x64 up
        to 0x65;
      - Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x25
        up to 0x28;
      - Update of 06-ad-01/0x20 (GNR-AP/SP H0) microcode from revision
        0xa000100 up to 0xa000133;
      - Update of 06-ad-01/0x95 (GNR-AP/SP B0) microcode from revision
        0x10003d0 up to 0x1000405;
      - Update of 06-af-03/0x01 (SRF-SP C0) microcode from revision 0x3000362
        up to 0x3000382;
      - Update of 06-b5-00/0x80 (ARL-U A1) microcode from revision 0xa up
        to 0xd;
      - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12f up
        to 0x133;
      - Update of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) from
        revision 0x12f up to 0x133;
      - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
        0x4129 up to 0x6134;
      - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
        intel-ucode/06-ba-02) from revision 0x4129 up to 0x6134;
      - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
        revision 0x4129 up to 0x6134;
      - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
        intel-ucode/06-ba-03) from revision 0x4129 up to 0x6134;
      - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4129
        up to 0x6134;
      - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
        revision 0x4129 up to 0x6134;
      - Update of 06-bd-01/0x80 (LNL B0) microcode from revision 0x123 up
        to 0x125;
      - Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1d up
        to 0x21;
      - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
        intel-ucode/06-bf-02) from revision 0x3a up to 0x3e;
      - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
        intel-ucode/06-bf-02) from revision 0x3a up to 0x3e;
      - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x3a up
        to 0x3e;
      - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
        from revision 0x3a up to 0x3e;
      - Update of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) from
        revision 0x3a up to 0x3e;
      - Update of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-02) from
        revision 0x3a up to 0x3e;
      - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
        intel-ucode/06-bf-05) from revision 0x3a up to 0x3e;
      - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
        intel-ucode/06-bf-05) from revision 0x3a up to 0x3e;
      - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
        from revision 0x3a up to 0x3e;
      - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x3a up
        to 0x3e;
      - Update of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) from
        revision 0x3a up to 0x3e;
      - Update of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05) from
        revision 0x3a up to 0x3e;
      - Update of 06-c5-02/0x82 (ARL-H A1) microcode from revision 0x119 up
        to 0x11b;
      - Update of 06-c6-02/0x82 (ARL-HX 8P/S B0) microcode (in
        intel-ucode/06-c5-02) from revision 0x119 up to 0x11b;
      - Update of 06-c6-04/0x82 microcode (in intel-ucode/06-c5-02) from
        revision 0x119 up to 0x11b;
      - Update of 06-ca-02/0x82 microcode (in intel-ucode/06-c5-02) from
        revision 0x119 up to 0x11b;
      - Update of 06-c5-02/0x82 (ARL-H A1) microcode (in intel-ucode/06-c6-02)
        from revision 0x119 up to 0x11b;
      - Update of 06-c6-02/0x82 (ARL-HX 8P/S B0) microcode from revision
        0x119 up to 0x11b;
      - Update of 06-c6-04/0x82 microcode (in intel-ucode/06-c6-02) from
        revision 0x119 up to 0x11b;
      - Update of 06-ca-02/0x82 microcode (in intel-ucode/06-c6-02) from
        revision 0x119 up to 0x11b;
      - Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
        intel-ucode/06-cf-02) from revision 0x210002b3 up to 0x210002d3;
      - Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x210002b3
        up to 0x210002d3.
    - Resolves RHBZ#2431378

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2026-85ee8cb2a2");
  script_set_attribute(attribute:"solution", value:
"Update the affected 2:microcode_ctl package.");
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/02/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/02/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/02/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:42");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:microcode_ctl");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Fedora Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'Fedora' >!< os_product) audit(AUDIT_OS_NOT, 'Fedora');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
if (! preg(pattern:"^42([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'Fedora 42', 'Fedora ' + os_version);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);

var constraints = [
  {
    'release': '42',
    'pkgs': [
      {'reference':'microcode_ctl-2.1-70.1.fc42', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'microcode_ctl');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation