Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 7.4 Advances Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Fedora 33 : 2:microcode_ctl (2020-2c8824c6b1)

Update to upstream 2.1-31. 20201118 - Removal of 06-8c-01/0x80 TGL-UP3/UP4 B1 microcode at revision 0x681; - Update of 06-7a-01/0x01 GLK B0 microcode from revision 0x32 up to 0x342. 1 The microcode has been removed after reports of system hangs:...

CentOS: Security Advisory for microcode_ctl (CESA-2020:5083)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks

Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments TEE. Called SGAxe, the first of the flaws is an evolution of the previously uncovered CacheOut attack...

HPSBHF03670 rev. 2 - Intel® Processors Data Leakage Advisory

Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability involving cleanup errors in some data cache evictions in some Intel® Processors that may allow a...

HPSBHF03668 rev. 4 - Intel® 2020.1 IPU Special Register Buffer Data Sampling and Improper Data Forwarding

Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel® VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability involving cleanup errors from specific special register read operations and improper data...

Intel Processors Side Channel Data Leakage Vulnerabilities - Lenovo Support US

Lenovo Security Advisory: LEN-30044 Potential Impact: Information Disclosure Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2020-0548, CVE-2020-0549, CVE-2020-0550 Summary Description: Intel reported potential security vulnerabilities in some Intel Processors that may allow...

Intel Processors Side Channel Data Leakage Vulnerabilities - Lenovo Support US

No description provided...

New 'CacheOut' Attack Leaks Data from Intel CPUs, VMs and SGX Enclave

Another month, another speculative execution vulnerability found in Intel processors. If your computer is running any modern Intel CPU built before October 2018, it's likely vulnerable to a newly discovered hardware issue that could allow attackers to leak sensitive data from the OS kernel,...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-2503)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-0154: An unprotected read access to i915 registers has been fixed that could have been abused to facilitate a local denial-of-service attack. bsc1135966 -...

Medium: microcode_ctl, kernel

Issue Overview: This security update is only applicable to EC2 Bare Metal instance types using Intel processors. Intel has released microcode updates for certain Intel CPUs. After installing the updated microcodectl package, the microcode will be automatically activated on next boot. Improper...

Security Bulletin: Vulnerabilities in Intel CPUs affect IBM Integrated Analytics System

Summary Potential security vulnerabilities in CPUs may allow information disclosure. Intel released Microcode Updates MCU updates to mitigate this potential vulnerability. IBM Integrated Analytics System has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-11091 DESCRIPTION:...

SUSE SLES11 Security Update : xen (SUSE-SU-2019:14063-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1287-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectura...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1407-1 Rating: important References: 1012382 1020645 1020989 1031492 1047487 1051510 1053043 1062056 1063638 1064388 1066223 1070872 1085539 1087092 1094244 1096480 1096728 1097104 1100132 1103186...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-1404) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill...

openSUSE: Security Advisory for xen (openSUSE-SU-2019:1403-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : xen (openSUSE-2019-1403) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS -...

ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0008)(MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)(Remote Check)

The remote VMware ESXi host is version 6.0, 6.5 or 6.7 and is missing a security patch. It is, therefore, missing microcode updates to address the following vulnerabilities: - Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - Microarchitectural Load Port Data Sampling MLPDS...

Security update for xen (important)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2019:1403-1 Rating: important References: 1027519 1079730 1098403 1111025 1111331 1120067 1120095 Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 Affected Products: openSUSE Leap 15.0 An...