Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to a data integrity threat due to use of IBM® SDK Java™ Technology Edition, Version 8 (CVE-2021-2163)

Summary IBM Virtualization Engine TS7700 is vulnerable to a data integrity threat CVE-2021-2163 due to the use of IBM® SDK Java™ Technology Edition, Version 8. The Java SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent Cloud...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to a privilege escalation threat due to use of OpenSSL (CVE-2022-2068)

Summary IBM Virtualization Engine TS7700 is vulnerable to a privilege escalation threat CVE-2022-2068 due to the use of OpenSSL. OpenSSL is used by the TS7700 to provide cryptographic capabilities. IBM Virtualization Engine TS7700 has addressed the applicable CVE. Vulnerability Details...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to multiple threats due to use of IBM WebSphere Application Server Liberty (CVE-2022-34165, CVE-2022-22476)

Summary IBM Virtualization Engine TS7700 is vulnerable to HTTP header injection CVE-2022-34165 and identity spoofing CVE-2022-22476 due to the use of IBM WebSphere Application Server Liberty. WebSphere Application Server Liberty is used by the TS7700 to provide the Management Interface. IBM...

microcode_ctl bug fix and enhancement update

An update is available for microcodectl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The microcodectl packages provide microcode updates for Intel processors...

2022.1 IPU - Intel® Processor Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-21151 Description: Processor optimization removal or modification of...

2022.2 IPU - Intel® Processor Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-21233 Description: Improper isolation of shared resources in some IntelR...

3rd Generation Intel® Xeon® Scalable Processors Advisory

Summary: A potential security vulnerability in some 3rd Generation Intel® Xeon® Scalable Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33117 Description: Improper access control for...

Security Bulletin: Due to use of IBM® SDK Java™ Technology Edition, IBM Virtualization Engine TS7700 is vulnerable to a data integrity threat (CVE-2022-21496)

Summary IBM Virtualization Engine TS7700 is vulnerable to a data integrity threat CVE-2022-21496 due to the use of IBM® SDK Java™ Technology Edition, Version 8. The SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent Cloud Tiering...

Ubuntu: Security Advisory (USN-5612-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5612-1 intel-microcode vulnerability

Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO reads. This could allow a local attacker to compromise SGX enclaves...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Intel Microcode vulnerability (USN-5612-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5612-1 advisory. Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did...

openSUSE: Security Advisory for ucode-intel (SUSE-SU-2022:2960-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:2960-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:2960-2 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220809 release bsc1201727: - CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave INTEL-SA-00657. See also:...

SUSE-SU-2022:2960-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220809 release bsc1201727: - CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave INTEL-SA-00657. See also:...

Security Bulletin: Due to use of OpenSSL, IBM Virtualization Engine TS7700 is vulnerable to denial of service (CVE-2022-0778) and privilege escalation (CVE-2022-1292)

Summary IBM Virtualization Engine TS7700 is vulnerable to denial of service CVE-2022-0778 and privilege escalation CVE-2022-1292 due to the use of OpenSSL. OpenSSL is used by IBM Virtualization Engine TS7700 for inbound and outbound TLS connections other than those provided by the Management...

Mageia: Security Advisory (MGASA-2022-0304)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4182-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4182-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5535-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...