Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2022:2842-1 Moderate: Ucode-Intel Data Leak Issue

suse
Calendar Grey August 18, 2022
Dist Suse Esm H88
SUSE's security update for ucode-intel for CVE-2022-21233 is essential to address Intel microcode vulnerabilities, rated at 7.5 severity, requiring urgent action.

An update that fixes one vulnerability is now available.

Summary

This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220809 release (bsc#1201727): - CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave (INTEL-SA-00657). See also: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html Other fixes: - Update for functional issues. See also: https://www.intel.com/content/www/us/en/products/details/processors.html?wapkw=processor+specification+update - Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:---------

Topics%20covered

Topics Covered

security advisory moderate security update SUSE data leak intel microcode

References

#1201727

Cross- CVE-2022-21233

CVSS scores:

CVE-2022-21233 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Affected Products:

SUSE Linux Enterprise Server 12-SP5

https://www.suse.com/security/cve/CVE-2022-21233.html

https://bugzilla.suse.com/1201727

Announcement ID: SUSE-SU-2022:2842-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate security update SUSE data leak intel microcode

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here