SUSE-SU-2023:3359-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Updated to Intel CPU Microcode 20230808 release. bsc1214099 - CVE-2022-40982: Fixed a potential security vulnerability in some Intel� Processors which may allow information disclosure. - CVE-2023-23908: Fixed a potential security...

CLSA-2023-1692296134 Update of alt-php

SECURITY UPDATE: New microcode data file 2023-05-12 - New microcodes: sig 0x000906a4, pfmask 0x40, 2022-10-12, rev 0x0004, size 115712 sig 0x000b06e0, pfmask 0x01, 2022-12-19, rev 0x0010, size 134144 - Updated microcodes: sig 0x00050653, pfmask 0x97, 2022-12-21, rev 0x1000171, size 36864 sig...

CLSA-2023-1692295398 Update of microcode_ctl

Update Intel CPU microcode to microcode-20230512-rev.2 release: - Addition of 06-9a-04/0x40 microcode at revision 0x4; - Addition of 06-be-00/0x01 microcode at revision 0x10; - Update of 06-55-03/0x97 SKX-SP B1 microcode from revision 0x1000161 up to 0x1000171; - Update of 06-55-04/0xb7...

[SECURITY] Fedora 38 Update: microcode_ctl-2.1-55.1.fc38

The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...

CLSA-2023-1692110951 Fix CVE(s): CVE-2023-20593

New microcode update packages from AMD upstream up to 2023-07-19: + New Microcodes for 17h family: sig 0x00800f82, sig 0x00830f10; + New Microcodes for 19h family: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; + Updated microcodes of 17h family: sig 0x00800f12, sig 0x00800f82; SECURITY UPDATE:...

CLSA-2023-1692109896 linux-firmware: Fix of CVE-2023-20593

Update AMD CPU microcode to 2023-07-19 addresses CVE-2023-20593: - Addition AMD CPU microcode for processor family 17h: sig 0x008a0f00, sig 0x00830f10; - Addition AMD CPU microcode for processor family 19h: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; - Update AMD CPU microcode for processor...

CLSA-2023-1692109552 linux-firmware: Fix of CVE-2023-20593

Update AMD CPU microcode to 2023-07-19 addresses CVE-2023-20593: - Addition AMD CPU microcode for processor family 17h: sig 0x008a0f00, sig 0x00830f10; - Addition AMD CPU microcode for processor family 19h: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; - Update AMD CPU microcode for processor...

microcode_ctl security update

4:20220809-2.20230214.1.0.3 - update 06-55-04 to 0x2007006 - update 06-55-06 to 0x4003604 - update 06-55-07 to 0x5003604 - update 06-6a-06 to 0xd0003a5 - Resolves for Oracle hardware: CVE-2022-40982 Orabug: 35692740...

Important: Red Hat Enhancement Advisory: microcode_ctl bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 7. The microcodectl packages provide microcode updates for Intel processors. Bug Fixes and Enhancements: Update Intel CPU microcode to microcode-20230214 release, which addresses CVE-2022-21216, CVE-2022-33196, CVE-2022-3397...

Missing Linux Kernel mitigations for 'GDS - Gather Data Sampling' hardware vulnerability (Downfall, INTEL-SA-00828)

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Missing Linux Kernel mitigations for 'Speculative Return Stack Overflow (SRSO)' hardware vulnerability (INCEPTION, AMD-SB-7005)

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power CVE-2023-20583, Downfall CVE-2022-40982, and Inception CVE-2023-20569, the novel methods follow the disclosure of another newly...

[SECURITY] [DLA 3512-1] linux-5.10 security update

Debian LTS Advisory DLA-3512-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings August 2, 2023 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.179-3deb10u1 CVE ID : CVE-2023-2156 CVE-2023-3390 CVE-2023-3610 CVE-2023-20593 CVE-2023-31248 CVE-2023-35001...

Debian: Security Advisory (DSA-5462-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5461-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5461-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5461-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 30, 2023 https://www.debian.org/security/faq -...

Updated microcode packages fix security vulnerability

Under specific microarchitectural circumstances, a register in "Zen 2" CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which may allow an attacker to potentially access sensitive information CVE-2023-20593, also know...

Updated kernel packages fix security vulnerability

This kernel update is based on upstream 5.15.122 and fixes atleast the following security issue: Under specific microarchitectural circumstances, a register in "Zen 2" CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register,...

[SECURITY] Fedora 38 Update: microcode_ctl-2.1-55.fc38

The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...

Missing Linux Kernel mitigations for 'Cross-Thread Return Address Predictions' hardware vulnerability (AMD-SB-1045)

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...