252 matches found
SUSE-SU-2019:3089-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: - Updated to 20191115 security release bsc1157004...
SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2958-1)
This update for ucode-intel fixes the following issues : Updated to 20191112 security release bsc1155988 - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old-New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile - CNL...
CVE-2019-0155
Insufficient access control in a subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series...
The vulnerability of the HECI subsystem of the microprogramming software Intel Converged Security and Manageability Engine and Intel Server Platform Services allows attackers to disclose protected information.
The vulnerability of the HECI microprogramming software’s subsystem, including Intel Converged Security and Manageability Engine and Intel Server Platform Services, is related to the lack of protection for operational data. Exploiting this vulnerability can allow attackers to disclose sensitive...
openSUSE Security Update : ucode-intel (openSUSE-2019-1468) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
This update for ucode-intel fixes the following issues : The Intel CPU Microcode was updated to the official QSR 2019.1 Microcode release bsc1111331 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 At...
SUSE-SU-2019:1296-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: ucode-intel was updated to official QSR 2019.1 microcode release bsc1111331 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C...
CVE-2019-0153
Buffer overflow in subsystem in IntelR CSME 12.0.0 through 12.0.34 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2019-0093
Insufficient data sanitization vulnerability in HECI subsystem for IntelR CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and IntelR SPS before version SPSE305.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access...
SUSE-SU-2019:1236-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release bsc1111331 Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBD...
Microarchitectural Data Sampling speculative side channel
ISSUE DESCRIPTION Microarchitectural Data Sampling refers to a group of speculative sidechannels vulnerabilities. They consist of: CVE-2018-12126 - MSBDS - Microarchitectural Store Buffer Data Sampling CVE-2018-12127 - MLPDS - Microarchitectural Load Port Data Sampling CVE-2018-12130 - MFBDS -...
OPENSUSE-SU-2019:1084-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: Updated to the 20190312 bundle release bsc1129231 New Platforms: - AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile - CFL-S P0 6-9e-c/22 000000a2 Cor...
The vulnerability of the HECI subsystem of the microprogramming software, Intel Converged Security and Manageability Engine, Intel Trusted Execution Engine, and Intel Server Platform Services allows a perpetrator to execute arbitrary code.
The vulnerability of Microprogramming Software, including Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Server Platform Services SPS, is related to the execution of operations outside of the buffer in memory. Exploitation of this vulnerabili...
Intel Converged Security and Management Engine and Intel TXE Buffer Overflow Vulnerability
Intel Converged Security and Management Engine CSME and Intel TXE are both products of Intel Corporation, U.S.A. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trust execution engine with hardware authentication capabilities for use in CPUs central...
Intel Data Center Manager SDK Local Information Disclosure Vulnerability
Intel Data Center Manager SDK is a data center management SDK software development kit from Intel USA. The product provides real-time power and cooling data for devices. A security vulnerability exists in IntelR Data Center Manager SDK prior to version 5.0.2, which stems from the program failing ...
Unspecified Vulnerability in Intel Active Management Technology
Intel Active Management Technology AMT is an embedded system from the U.S. company Intel Intel that is integrated into the Intel chip and uses active management technology. A security vulnerability exists in the TLS implementation in Intel AMT versions prior to 12.0.5. An attacker could exploit t...
SUSE-SU-2018:2338-1 Security update to ucode-intel
ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and is part of the mitigations for CVE-2018-3639 Spectre v4 and CVE-2018-3646 L1 Terminal fault. bsc1104134 bsc1087082 bsc1087083 bsc1089343 Processor Identifier Version Products Mode...
Intel Converged Security Manageability Engine Active Management Technology Buffer Overflow Vulnerability
The Intel Converged Security Manageability Engine is a security management engine for use in CPUs Central Processing Units from Intel Corporation in the U.S. Active Management Technology AMT is one of the active management components. A buffer overflow vulnerability exists in the event handler of...
Intel Security True Key SecureExecute Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Intel Security True Key. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TrueK...
Intel Firmware Vulnerability
Intel has released recommendations to address vulnerabilities in the firmware of the following Intel products: Management Engine, Server Platform Services, and Trusted Execution Engine. An attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourag...
ICSA-17-180-01A_Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit, and SIMOTION P320 (Update A)
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: SIMATIC Industrial PCs, SINUMERIK Panel Control Unit PCU, SIMOTION P320 Vulnerability: Permissions, Privileges, and Access Controls UPDATED INFORMATION This updated advisory is a follow-up to the...