# SPDX-FileCopyrightText: 2025 Greenbone AG # Some text descriptions might be excerpted from (a) referenced # source(s), and are Copyright (C) by the respective right holder(s). # # SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.1.18.2.2025.0591.1"); script_cve_id("CVE-2024-31068", "CVE-2024-36293", "CVE-2024-37020", "CVE-2024-39355"); script_tag(name:"creation_date", value:"2025-02-21 04:06:31 +0000 (Fri, 21 Feb 2025)"); script_version("2025-08-15T15:42:26+0000"); script_tag(name:"last_modification", value:"2025-08-15 15:42:26 +0000 (Fri, 15 Aug 2025)"); script_tag(name:"cvss_base", value:"5.0"); script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_name("openSUSE Security Advisory (SUSE-SU-2025:0591-1)"); script_category(ACT_GATHER_INFO); script_copyright("Copyright (C) 2025 Greenbone AG"); script_family("openSUSE Local Security Checks"); script_dependencies("gather-package-list.nasl"); script_mandatory_keys("ssh/login/opensuse", "ssh/login/rpms", re:"ssh/login/release=openSUSELeap15\.6"); script_xref(name:"Advisory-ID", value:"SUSE-SU-2025:0591-1"); script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2025/suse-su-20250591-1.html"); script_xref(name:"URL", value:"https://bugzilla.suse.com/1237096"); script_xref(name:"URL", value:"https://lists.suse.com/pipermail/sle-security-updates/2025-February/020376.html"); script_tag(name:"summary", value:"The remote host is missing an update for the 'ucode-intel' package(s) announced via the SUSE-SU-2025:0591-1 advisory."); script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host."); script_tag(name:"insight", value:"This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20250211 release (bsc#1237096) - CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. - CVE-2024-36293: A potential security vulnerability in some Intel Software Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. - CVE-2024-39355: A potential security vulnerability in some 13th and 14th Generation Intel Core Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability. - CVE-2024-37020: A potential security vulnerability in the Intel Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. - New Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products :---------------:---------:------------:---------:---------:--------- SRF-SP C0 06-af-03/01 03000330 Xeon 6700-Series Processors with E-Cores ### Updated Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products :---------------:---------:------------:---------:---------:--------- ADL C0 06-97-02/07 00000037 00000038 Core Gen12 ADL H0 06-97-05/07 00000037 00000038 Core Gen12 ADL L0 06-9a-03/80 00000435 00000436 Core Gen12 ADL R0 06-9a-04/80 00000435 00000436 Core Gen12 ADL-N N0 06-be-00/19 0000001a 0000001c Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E AZB A0/R0 06-9a-04/40 00000007 00000009 Intel(R) Atom(R) C1100 CFL-H R0 06-9e-0d/22 00000100 00000102 Core Gen9 Mobile CFL-H/S/E3 U0 06-9e-0a/22 000000f8 000000fa Core Gen8 Desktop, Mobile, Xeon E EMR-SP A0 06-cf-01/87 21000283 21000291 Xeon Scalable Gen5 EMR-SP A1 06-cf-02/87 21000283 21000291 Xeon Scalable Gen5 ICL-D B0 06-6c-01/10 010002b0 010002c0 Xeon D-17xx, D-27xx ICX-SP Dx/M1 06-6a-06/87 0d0003e7 0d0003f5 Xeon Scalable Gen3 RPL-E/HX/S B0 06-b7-01/32 0000012b 0000012c ... [Please see the references for more information on the vulnerabilities]"); script_tag(name:"affected", value:"'ucode-intel' package(s) on openSUSE Leap 15.6."); script_tag(name:"solution", value:"Please install the updated package(s)."); script_tag(name:"solution_type", value:"VendorFix"); script_tag(name:"qod_type", value:"package"); exit(0); } include("revisions-lib.inc"); include("pkg-lib-rpm.inc"); release = rpm_get_ssh_release(); if(!release) exit(0); res = ""; report = ""; if(release == "openSUSELeap15.6") { if(!isnull(res = isrpmvuln(pkg:"ucode-intel", rpm:"ucode-intel~20250211~150200.53.1", rls:"openSUSELeap15.6"))) { report += res; } if(report != "") { security_message(data:report); } else if(__pkg_match) { exit(99); } exit(0); } exit(0);

Query Builder