SUSE-SU-2025:01703-1 Security update for xen

This update for xen fixes the following issues: Update to Xen 4.18.5: Security fixes: - CVE-2024-28956: Fixed Intel CPU Indirect Target Selection ITS bsc1243117 Other fixes: - Fixed boot failing with XEN kernel on DL580 Gen12 bsc1242490 - Added missing upstream bug fixes bsc1027519...

K000151401: Intel CPU vulnerability CVE-2025-20100

Security Advisory Description Improper access control in the memory controller configurations for some IntelR XeonR 6 processor with E-cores may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-20100 Impact There is no impact; F5 products are not...

K000151376: Intel CPU vulnerability CVE-2025-20004

Security Advisory Description Insufficient control flow management in the Alias Checking Trusted Module for some IntelR XeonR 6 processor E-Cores firmware may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-20004 Impact There is no impact; F5...

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 CVSS score: 8.8, the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local...

K000134942: Intel CPU vulnerability CVE-2022-33972

Security Advisory Description Incorrect calculation in microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2022-33972 Impact This vulnerability may allow a privileged use...

K95204515: Intel CPU vulnerability CVE-2022-21151

Security Advisory Description Processor optimization removal or modification of security-critical code for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-21151 Impact This vulnerability may allow an authenticated user...

K60381308: Intel CPU vulnerability CVE-2018-3655

Security Advisory Description A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information v...

K41192923: Intel CPU vulnerability CVE-2018-3616

Security Advisory Description Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. CVE-2018-3616 Impact There is no impact; F5 products...

K04160444: Intel CPU vulnerability CVE-2020-0592

Security Advisory Description Out of bounds write in BIOS firmware for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. CVE-2020-0592 Impact There is no impact; F5 products are not affected by this...

K10321239: Intel CPU vulnerability CVE-2019-11157

Security Advisory Description Improper conditions check in voltage settings for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure via local access. CVE-2019-11157 Impact There is no impact; F5 products are not affect...

Intel CPU vulnerability CVE-2021-0091

Improper access control in the firmware for some IntelR Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access. CVE-2021-0091 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The...

Intel CPU vulnerability CVE-2021-0119

Improper initialization in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via physical access. CVE-2021-0119 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The followin...

Intel CPU vulnerability CVE-2021-0092

Improper access control in the firmware for some IntelR Processors may allow a privileged user to potentially enable a denial of service via local access. CVE-2021-0092 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The following...

LVI Attacks: New Intel CPU Vulnerability Puts Data Centers At Risk

It appears there is no end in sight to the hardware level security vulnerabilities in Intel processors, as well as to the endless 'performance killing' patches that resolve them. Modern Intel CPUs have now been found vulnerable to a new attack that involves reversely exploiting Meltdown-type data...

SUSE-SU-2020:0558-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources bsc1163971. -...

New ‘CacheOut’ Attack Targets Intel CPUs

Researchers have identified a new speculative execution type attack, dubbed CacheOut, that could allow attackers to trigger data leaks from most Intel CPUs. The more serious of the two bugs, revealed Monday, is rated medium severity by Intel, who said fixes for both flaws are on the way. The more...

A week in security (December 9 – 15)

Last week on Malwarebytes Labs, we cautioned readers against purchasing potentially privacy-invasive, cyber-insecure smart doorbells, warned about a new credit card skimmer vulnerability embedded within hundreds of fraudulent web sites selling supposedly name-brand shoes, and looked at the newest...

USN-3985-1: libvirt update

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

USN-3982-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3982-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 for Ubuntu 14.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas,...

Intel CPU Vulnerability can provide control of your system to attacker

Intel CPU Vulnerability can provide control of your system to attacker The U.S. Computer Emergency Readiness Team US-CERT has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems. The flaw has already been exploited on 64-bit versions of...