CVE-2019-0117

Insufficient access control in protected memory subsystem for IntelR SGX for 6th, 7th, 8th, 9th Generation IntelR CoreTM Processor Families; IntelR XeonR Processor E3-1500 v5, v6 Families; IntelR XeonR E-2100 & E-2200 Processor Families with IntelR Processor Graphics may allow a privileged user t...

CVE-2019-0155

CVE-2019-0155 involves insufficient access control in Intel processor graphics subsystems across multiple generations. The issue could allow an authenticated local user to potentially escalate privileges. Affected components include Intel Graphics Driver for Windows (before 26.20.100.6813/6812) a...

CVE-2019-0155

Insufficient access control in a subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series...

CVE-2019-0185

CVE-2019-0185 concerns insufficient access control in the protected memory subsystem for System Management Mode (SMM) on Intel processors. Affected are 6th–9th Gen Intel Core CPUs, Intel Xeon E3-1500 v5/v6, and Intel Xeon E-2100/E-2200 families with Intel Processor Graphics. The root cause is ina...

CVE-2019-0154

CVE-2019-0154 involves insufficient access control in the Intel processor graphics subsystem affecting 6th–9th Gen Intel Core, Pentium (J/N/Silver/Gold), Celeron J/N/G3900/G4900, Atom A/E3900, and Xeon E3-1500/v5/v6 and E-2100 family. The vulnerability may allow an authenticated, local attacker t...

CVE-2019-0154

Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series;...

Input validation

Insufficient input validation in system firmware for IntelR XeonR Scalable Processors, IntelR XeonR Processors D Family, IntelR XeonR Processors E5 v4 Family, IntelR XeonR Processors E7 v4 Family and IntelR AtomR processor C Series may allow a privileged user to potentially enable escalation of...

OPENSUSE-SU-2019:2509-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Updated to 20191112 security release bsc1155988 - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old-New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile -...

OPENSUSE-SU-2019:2504-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Updated to 20191112 security release bsc1155988 - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old-New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile -...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerability and regression (USN-4185-3)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4185-3 advisory. USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer...

Debian DSA-4566-1 : qemu - security update

This update for QEMU, a fast processor emulator, backports support to passthrough the pschange-mc-no CPU flag. The virtualised MSR seen by a guest is set to show the bug as fixed, allowing to disable iTLB Multihit mitigations in nested hypervisors cf. DSA 4564-1. C Tenable Network Security, Inc...

Ubuntu: Security Advisory (USN-4184-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Information Disclosure Vulnerability in Multiple Intel Products (CNVD-2019-47000)

The Intel Core Processor i7-8500Y is a Core i7 series CPU.The Intel Xeon Platinum Processor 8253 is a Xeon Platinum series server CPU.The Intel Xeon Gold Processor 5215 is a Xeon Gold series server CPU.The Intel Xeon Gold Processor 5215 is a Xeon Gold series server CPU.The Intel Xeon Gold Process...

Security update for ucode-intel (important)

openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2019:2504-1 Rating: important References: 1139073 1141035 1155988 Cross-References: CVE-2019-11135 CVE-2019-11139 Affected Products: openSUSE Leap 15.0 An update that solves two vulnerabilities and has one erra...

Security update for ucode-intel (important)

openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2019:2509-1 Rating: important References: 1139073 1141035 1155988 Cross-References: CVE-2019-11135 CVE-2019-11139 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one erra...

USN-4186-3 linux vulnerability

USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details:...

hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write

A flaw was found in the Intel graphics hardware GPU, where a local attacker with the ability to issue commands to the GPU could inadvertently lead to memory corruption and possible privilege escalation. The attacker could use the GPU blitter to perform privilege MMIO operations, not limited to th...

SUSE-SU-2019:14217-1 Security update for microcode_ctl

This update for microcodectl fixes the following issues: - Updated to 20191112 security release bsc1155988 - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old-New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile -...

Researchers Discover TPM-Fail Vulnerabilities Affecting Billions of Devices

A team of cybersecurity researchers today disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based Intel TPMs. Trusted Platform Module TPM is a...

USN-4186-2: Linux kernel (Xenial HWE) vulnerabilities

USN-4186-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi,...