SUSE-SU-2020:14394-1 Security update for microcode_ctl

This update for microcodectl fixes the following issues: Updated Intel CPU Microcode to 20200602 prerelease bsc1172466 This update contains security mitigations for: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores...

The vulnerability of Intel Converged Security and Manageability Engine’s microprogramming software, related to a logical error, allows attackers to escalate their privileges and expose sensitive information.

The vulnerability of Intel Converged Security and Manageability Engine CSME is related to a logical error. Exploiting this vulnerability can allow attackers to enhance their privileges and expose sensitive information...

The vulnerability of the WebVPN function in Cisco Adaptive Security Appliance and Firepower Threat Defense micro-programming systems allows a perpetrator to induce a service failure.

The vulnerability of the WebVPN function in Cisco Adaptive Security Appliance and Firepower Threat Defense microprogramming systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause a service failure by requesting the loading ...

The vulnerability of the microprogramming software of the Moxa IKS-G6824A switch allows a intruder to gain unauthorized access to the device.

The vulnerability of the Moxa IKS-G6824A switch’s microprogramming software is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the device...

The vulnerability of D-Link DIR-620 router’s microprogramming software, related to deficiencies in access control, allows attackers to gain access to protected information.

The vulnerability of D-Link DIR-620 router microprogramming software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to protected information from a remote location...

The vulnerability of the microprogramming software of the HPE StorageWorks XP7 Automation Director storage system, related to authentication procedures that lack deficiencies, allows attackers to disclose protected information.

The vulnerability of the microprogramming software in the HPE StorageWorks XP7 Automation Director network storage system is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to disclose protected information from a remote location...

CVE-2013-6885

The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service system hang via a crafted application, aka the errata 793 issue...

CVE-2013-6885

The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service system hang via a crafted application, aka the errata 793 issue...