Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2025:0591-1 moderate: ucode-intel denial of service

suse
Calendar Grey February 19, 2025
Dist Suse Esm H88
Important security notice SUSE: 2025:0592-2 for ucode-amd highlights several vulnerabilities, including potential Denial of Service (DoS) threats.
* bsc#1237096 Cross-References: * CVE-2024-31068 * CVE-2024-36293

Summary

## This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096) * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. * CVE-2024-36293: A potential security vulnerability in some Intel Software Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. * CVE-2024-39355: A potential security vulnerability in some 13th and 14th Generation Intel Core Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability.

Topics%20covered

Topics Covered

security advisory moderate denial of service SUSE microcode update SUSE Linux Enterprise ucode-intel Intel vulnerabilities

References

* bsc#1237096

Cross-

* CVE-2024-31068

* CVE-2024-36293

* CVE-2024-37020

* CVE-2024-39355

CVSS scores:

* CVE-2024-31068 ( SUSE ): 5.6

CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2024-31068 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

* CVE-2024-31068 ( NVD ): 5.6

CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2024-31068 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

* CVE-2024-36293 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2024-36293 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

* CVE-2024-36293 ( NVD ): 6.8

Announcement ID: SUSE-SU-2025:0591-1
Release Date: 2025-02-19T10:35:47Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate denial of service SUSE microcode update SUSE Linux Enterprise ucode-intel Intel vulnerabilities

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here