| Source | Link |
|---|---|
| bodhi | www.bodhi.fedoraproject.org/updates/FEDORA-2026-85ee8cb2a2 |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2026-85ee8cb2a2
#
include('compat.inc');
if (description)
{
script_id(299622);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/19");
script_xref(name:"FEDORA", value:"2026-85ee8cb2a2");
script_name(english:"Fedora 42 : microcode_ctl (2026-85ee8cb2a2)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the
FEDORA-2026-85ee8cb2a2 advisory.
- Update to upstream 2.1-51. 20260210
- Addition of 06-ae-01/0x97 (GNR-D B0/B1) microcode at revision
0x10002f3;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000410
up to 0xd000421;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x10002e0
up to 0x10002f1;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xca
up to 0xcc;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
0xbc up to 0xbe;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x3c up
to 0x3e;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x56 up
to 0x58;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b000643 up to 0x2b000661;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000401 up to 0x2c000421;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) from revision 0x2c000401 up to 0x2c000421;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000401 up to 0x2c000421;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000643 up to 0x2b000661;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
0x2c000401 up to 0x2c000421;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b000643 up to 0x2b000661;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x3a up to 0x3e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x3a up to 0x3e;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x3a up to 0x3e;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x3a up to 0x3e;
- Update of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) from
revision 0x3a up to 0x3e;
- Update of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) from
revision 0x3a up to 0x3e;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x3a up to 0x3e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x3a
up to 0x3e;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x3a up to 0x3e;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x3a up to 0x3e;
- Update of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) from
revision 0x3a up to 0x3e;
- Update of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) from
revision 0x3a up to 0x3e;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x437 up to 0x43b;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x437 up to 0x43b;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x437 up to 0x43b;
- Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0xa up
to 0xc;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x437
up to 0x43b;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x64 up
to 0x65;
- Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x25
up to 0x28;
- Update of 06-ad-01/0x20 (GNR-AP/SP H0) microcode from revision
0xa000100 up to 0xa000133;
- Update of 06-ad-01/0x95 (GNR-AP/SP B0) microcode from revision
0x10003d0 up to 0x1000405;
- Update of 06-af-03/0x01 (SRF-SP C0) microcode from revision 0x3000362
up to 0x3000382;
- Update of 06-b5-00/0x80 (ARL-U A1) microcode from revision 0xa up
to 0xd;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12f up
to 0x133;
- Update of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) from
revision 0x12f up to 0x133;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4129 up to 0x6134;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4129 up to 0x6134;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4129 up to 0x6134;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4129 up to 0x6134;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4129
up to 0x6134;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4129 up to 0x6134;
- Update of 06-bd-01/0x80 (LNL B0) microcode from revision 0x123 up
to 0x125;
- Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1d up
to 0x21;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x3a up to 0x3e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x3a up to 0x3e;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x3a up
to 0x3e;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x3a up to 0x3e;
- Update of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) from
revision 0x3a up to 0x3e;
- Update of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-02) from
revision 0x3a up to 0x3e;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x3a up to 0x3e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x3a up to 0x3e;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x3a up to 0x3e;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x3a up
to 0x3e;
- Update of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) from
revision 0x3a up to 0x3e;
- Update of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05) from
revision 0x3a up to 0x3e;
- Update of 06-c5-02/0x82 (ARL-H A1) microcode from revision 0x119 up
to 0x11b;
- Update of 06-c6-02/0x82 (ARL-HX 8P/S B0) microcode (in
intel-ucode/06-c5-02) from revision 0x119 up to 0x11b;
- Update of 06-c6-04/0x82 microcode (in intel-ucode/06-c5-02) from
revision 0x119 up to 0x11b;
- Update of 06-ca-02/0x82 microcode (in intel-ucode/06-c5-02) from
revision 0x119 up to 0x11b;
- Update of 06-c5-02/0x82 (ARL-H A1) microcode (in intel-ucode/06-c6-02)
from revision 0x119 up to 0x11b;
- Update of 06-c6-02/0x82 (ARL-HX 8P/S B0) microcode from revision
0x119 up to 0x11b;
- Update of 06-c6-04/0x82 microcode (in intel-ucode/06-c6-02) from
revision 0x119 up to 0x11b;
- Update of 06-ca-02/0x82 microcode (in intel-ucode/06-c6-02) from
revision 0x119 up to 0x11b;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) from revision 0x210002b3 up to 0x210002d3;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x210002b3
up to 0x210002d3.
- Resolves RHBZ#2431378
Tenable has extracted the preceding description block directly from the Fedora security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2026-85ee8cb2a2");
script_set_attribute(attribute:"solution", value:
"Update the affected 2:microcode_ctl package.");
script_set_attribute(attribute:"risk_factor", value:"High");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2026/02/18");
script_set_attribute(attribute:"patch_publication_date", value:"2026/02/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/02/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:42");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:microcode_ctl");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'Fedora' >!< os_product) audit(AUDIT_OS_NOT, 'Fedora');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
if (! preg(pattern:"^42([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'Fedora 42', 'Fedora ' + os_version);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);
var constraints = [
{
'release': '42',
'pkgs': [
{'reference':'microcode_ctl-2.1-70.1.fc42', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}
]
}
];
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
# Check that the target release is equal to the affected release
if (!empty_or_null(constraint['release'])){
if (constraint['release'] != os_release) continue;
}
if (!empty_or_null(constraint['sp'])){
if (constraint['sp'] != os_sp) continue;
}
foreach var pkg ( constraint['pkgs'] ) {
reference = NULL;
sp = NULL;
_cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
exists_check = NULL;
cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
## (no known rpm to check OR known rpm_exists)
(!exists_check || rpm_exists(rpm:exists_check)) &&
rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'microcode_ctl');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation