Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to a privilege escalation threat (CVE-2023-24958)

Summary IBM Virtualization Engine TS7700 is vulnerable to a privilege escalation threat CVE-2023-24958. IBM Virtualization Engine TS7700 has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-24958 DESCRIPTION: A vulnerability in the IBM TS7700 Management Interface could allow an...

K000133630: Intel processor vulnerability CVE-2022-26343

Security Advisory Description Improper access control in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-26343 Impact This vulnerability may allow a privileged user to potentially enable escalation o...

USN-5886-1: Intel Microcode vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Erik C. Bjorge discovered that some IntelR Atom and Intel Xeon Scalable Processors did not properly implement access controls for out-of-band management. This...

Missing Linux Kernel mitigations for 'Cross-Thread Return Address Predictions' hardware vulnerability (AMD-SB-1045)

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

CLSA-2023-1681288130 Update of microcode_ctl

Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode in microcode.dat at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode in microcode.dat at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode in microcode.dat at revision 0x2b000181; -...

Update of microcode_ctl

Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode in microcode.dat at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode in microcode.dat at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode in microcode.dat at revision 0x2b000181; -...

CLSA-2023-1681284837 Update of microcode_ctl

Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode in...

CLSA-2023-1681236252 Update of microcode_ctl

Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode at revision 0x2b000181; - Addition of 06-8f-05/0x10 microcode in...

CLSA-2023-1681162921 Update of microcode_ctl

Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode in microcode.dat at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode in microcode.dat at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode in microcode.dat at revision 0x2b000181; -...

Debian dla-3379 : intel-microcode - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3379 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3379-1 [email protected]...

DLA-3379-1 intel-microcode - security update

Bulletin has no description...

SUSE: Security Advisory (SUSE-SU-2023:0568-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2023-0085)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Information Disclosure

intel-microcode is vulnerable to Information Disclosure. The vulnerability exists due to the incorrect calculation in the microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors, which allows an attacker to potentially enable information disclosure via local access...

CLSA-2023-1679000846 Fix of 6 CVEs

SECURITY UPDATE: New microcode data file 2023-02-14 - New microcodes: sig 0x000606c1, pfmask 0x10, 2022-09-23, rev 0x1000211, size 289792 sig 0x000806f4, pfmask 0x10, 2022-12-19, rev 0x2c000170, size 600064 sig 0x000806f4, pfmask 0x87, 2022-12-27, rev 0x2b000181, size 561152 sig 0x000806f5, pfmas...

MGASA-2023-0085 Updated microcode packages fix security vulnerabilities

Updated microcode packages fix security vulnerabilities: Insufficient granularity of access control in out-of-band management in some IntelR Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access CVE-2022-21216...

Updated microcode packages fix security vulnerabilities

Updated microcode packages fix security vulnerabilities: Insufficient granularity of access control in out-of-band management in some IntelR Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access CVE-2022-21216...

Missing Linux Kernel mitigations for 'RETbleed' hardware vulnerabilities (INTEL-SA-00702, AMD-SB-1037)

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Intel CPU vulnerabilities fixed. But should you update?

Microsoft has released out of band updates for information disclosure vulnerabilities in Intel CPUs. The normal gut reaction would be to install out of band updates as soon as possible. Microsoft wouldnt be releasing the updates ahead of the regular cycle without good reason, would it? Well, mayb...

SUSE-SU-2023:0568-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20230214 release. Security issues fixed: - CVE-2022-38090: Security updates for INTEL-SA-00767 bsc1208275 - CVE-2022-33196: Security updates for INTEL-SA-00738 bsc1208276 - CVE-2022-21216: Security updates for...