The vulnerabilities of microprogramming software for Intel Xeon Scalable Processors, Intel Xeon Processors D, Intel Xeon Processors E5 v4, Intel Xeon Processors E7 v4, and Intel Atom processor C allow attackers to enhance their privileges, cause system failures, or gain unauthorized access to protected information.

The vulnerability of microprogrammed software for Intel Xeon Scalable Processors, Intel Xeon Processors D, Intel Xeon Processors E5 v4, Intel Xeon Processors E7 v4, and Intel Atom processor C is related to insufficient testing of input data. Exploiting this vulnerability can allow attackers to...

Oracle Linux 8 : kernel (ELSA-2019-3871)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3871 advisory. 4.18.0-147.0.31.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 5.3.11 and fixes at least the following security issues: Insufficient access control in a subsystem for Intel R processor graphics may allow an authenticated user to potentially enable escalation of privilege via local access CVE-2019-0155. TSX...

MGASA-2019-0333 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 5.3.11 and fixes at least the following security issues: Insufficient access control in a subsystem for Intel R processor graphics may allow an authenticated user to potentially enable escalation of privilege via local access CVE-2019-0155. A...

MGASA-2019-0332 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 5.3.11 and fixes at least the following security issues: Insufficient access control in a subsystem for Intel R processor graphics may allow an authenticated user to potentially enable escalation of privilege via local access CVE-2019-0155. TSX...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 5.3.11 and fixes at least the following security issues: Insufficient access control in a subsystem for Intel R processor graphics may allow an authenticated user to potentially enable escalation of privilege via local access CVE-2019-0155. A...

Oracle Linux 7 : kernel (ELSA-2019-3872)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3872 advisory. - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave Airlie 1756882 1756883 CVE-2019-0155 - drm drm/i915: Lower RM timeout to avoid DSI hard hangs Dave...

Improper access control

Insufficient access control in protected memory subsystem for IntelR SGX for 6th, 7th, 8th, 9th Generation IntelR CoreTM Processor Families; IntelR XeonR Processor E3-1500 v5, v6 Families; IntelR XeonR E-2100 & E-2200 Processor Families with IntelR Processor Graphics may allow a privileged user t...

CVE-2019-11139

Improper conditions check in the voltage modulation interface for some IntelR XeonR Scalable Processors may allow a privileged user to potentially enable denial of service via local access...

CVE-2019-0155

Insufficient access control in a subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series...

CVE-2019-0154

Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series;...

Improper access control

Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series;...

Improper access control

Insufficient access control in a subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series...

CVE-2019-0154

Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series;...

OPENSUSE-SU-2019:2509-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Updated to 20191112 security release bsc1155988 - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old-New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile -...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerability and regression (USN-4185-3)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4185-3 advisory. USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer...

USN-4186-3 linux vulnerability

USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details:...

Researchers Discover TPM-Fail Vulnerabilities Affecting Billions of Devices

A team of cybersecurity researchers today disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based Intel TPMs. Trusted Platform Module TPM is a...

USN-4186-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4186-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi,...

USN-4186-1: Linux kernel vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...