SUSE: 2020:1600-1 Moderate: ucode-intel Side Channel Mitigation
suse
June 10, 2020
An update that fixes three vulnerabilities is now available
Summary
This update for ucode-intel fixes the following issues: Updated Intel CPU Microcode to 20200602 (prerelease) (bsc#1172466) This update contains security mitigations for: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or "CrossTalk" (bsc#1154824). - CVE-2020-0548,CVE-2020-0549: Additional ucode updates were supplied to mitigate the Vector Register and L1D Eviction Sampling aka "CacheOutAttack" attacks. (bsc#1156353) Microcode Table: Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New
Topics Covered
References
#1154824 #1156353 #1172466
Cross- CVE-2020-0543 CVE-2020-0548 CVE-2020-0549
Affected Products:
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-ESPOS
https://www.suse.com/security/cve/CVE-2020-0543.html
https://www.suse.com/security/cve/CVE-2020-0548.html
https://www.suse.com/security/cve/CVE-2020-0549.html
https://bugzilla.suse.com/1154824
https://bugzilla.suse.com/1156353
https://bugzilla.suse.com/1172466
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2020:1600-1
Rating: moderate
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!