Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2022:2833-1 Moderate: Intel Microcode Data Leak Security Fix

suse
Calendar Grey August 17, 2022
Dist Suse Esm H88
This update for SUSE resolves a moderate urgency concern in ucode-intel. For optimal security, please reboot following the installation.

An update that fixes one vulnerability is now available.

Summary

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220809 release (bsc#1201727): - CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave (INTEL-SA-00657). See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html Other fixes: - Update for functional issues. See also: https://www.intel.com/content/www/us/en/products/details/processors.html?wapkw=processor+specification+update - Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:---------

Topics%20covered

Topics Covered

security advisory moderate security update SUSE data leak ucode-intel Intel microcode

References

#1201727

Cross- CVE-2022-21233

CVSS scores:

CVE-2022-21233 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Affected Products:

SUSE Linux Enterprise High Performance Computing 15-ESPOS

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise Server for SAP 15

https://www.suse.com/security/cve/CVE-2022-21233.html

https://bugzilla.suse.com/1201727

Announcement ID: SUSE-SU-2022:2833-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate security update SUSE data leak ucode-intel Intel microcode

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here