CLSA-2023-1702420812 microcode_ctl: Fix of CVE-2023-23583

Update Intel CPU microcode to microcode-20231114 release, addresses CVE-2023-23583 INTEL-SA-00950: - Addition of 06-ba-02/0xe0 microcode at revision 0x411c; - Addition of 06-ba-02/0xe0 microcode at revision 0x411c; - Addition of 06-ba-03/0xe0 microcode in intel-ucode/06-ba-02 at revision 0x411c;...

MGASA-2023-0249 Updated microcode packages fix security vulnerabilities

This update adds initial microcode updates for AMD and Intel CPUs for the following security issues: AMD: A side channel vulnerability in some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled...

Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk

A new security vulnerability has been discovered in AMD's Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed and tracked as...

K000133630: Intel processor vulnerability CVE-2022-26343

Security Advisory Description Improper access control in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-26343 Impact This vulnerability may allow a privileged user to potentially enable escalation o...

K29100014: Intel processors vulnerability CVE-2019-14607

Security Advisory Description Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access. CVE-2019-14607 Impact While certain F5 hardware platforms...

K95204515: Intel CPU vulnerability CVE-2022-21151

Security Advisory Description Processor optimization removal or modification of security-critical code for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-21151 Impact This vulnerability may allow an authenticated user...

K29421535: Intel processor vulnerability CVE-2021-33117

Security Advisory Description Improper access control for some 3rd Generation IntelR XeonR Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. CVE-2021-33117 Impact This vulnerability may potentially allow a local...

K87351324: Intel BIOS vulnerability CVE-2021-33124

Security Advisory Description Out-of-bounds write in the BIOS authenticated code module for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-33124 Impact A local attacker logged in as a privileged user can exploit the...

K14454359: Intel BIOS vulnerability CVE-2021-0153

Security Advisory Description Out-of-bounds write in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-0153 Impact A local attacker logged in as a privileged user can exploit this vulnerability to gain...

K04303225: Intel BIOS vulnerability CVE-2021-0190

Security Advisory Description Uncaught exception in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable aescalation of privilege via local access. CVE-2021-0190 Impact A local attacker logged in as a privileged user can exploit the vulnerability to gain...

K53252134: Intel BIOS vulnerability CVE-2021-0155

Security Advisory Description Unchecked return value in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2021-0155 Impact A local attacker logged-in as a privileged user can exploit the vulnerability to gai...

SUSE CVE-2016-8637

A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...

microcode_ctl bug fix and enhancement update

An update is available for microcodectl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The microcodectl packages provide microcode updates for Intel processors...

2022.2 IPU - Intel® Processor Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-21233 Description: Improper isolation of shared resources in some IntelR...

CVE-2022-24436

Observable behavioral in power management throttling for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via network access...

microcode_ctl bug fix and enhancement update

The microcodectl packages provide microcode updates for Intel and AMD processors. Bug Fixes and Enhancements: Update Intel CPU microcode to the microcode-20220204 release, which addresses CVE-2021-0127, CVE-2021-0145, and CVE-2021-33120 BZ2049541, BZ2049553, BZ2049570...

MGASA-2022-0064 Updated microcode packages fix security vulnerabilities

Updated microcodes for Intel processors, fixing various functional issues, and at least the following security issues: Insufficient control flow management in some IntelR Processors may allow an authenticated user to potentially enable a denial of service via local access CVE-2021-0127 / SA-00532...

CentOS: Security Advisory for microcode_ctl (CESA-2021:3028)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Important: microcode_ctl security, bug fix and enhancement update

The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543 hw: Vector Register Data Sampling CVE-2020-0548 hw: L1D Cache Eviction Sampling CVE-2020-0549 hw: vt-d related privilege escalation CVE-2020-24489 hw:...

microcode_ctl security, bug fix and enhancement update

An update is available for microcodectl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The microcodectl packages provide microcode updates for Intel. Security...