Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2025:1032-1 important: microcode_ctl Security Advisory Updates

suse
Calendar Grey March 26, 2025
Dist Suse Esm H88
Microcode_ctl update for SUSE fixes security issues, including potential DoS and escalation of privilege risks.
* bsc#1206418 * bsc#1211382 * bsc#1214099 * bsc#1215278 * bsc#1221323

Summary

## This update for microcode_ctl fixes the following issues: * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. (bsc#1237096) * CVE-2024-36293: A potential security vulnerability in some Intel Software Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. (bsc#1237096) * CVE-2024-39355: A potential security vulnerability in some 13th and 14th Generation Intel Core Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability. (bsc#1237096)

Topics%20covered

Topics Covered

security advisory denial of service important microcode update SUSE Linux Enterprise escalation of privilege

References

* bsc#1206418

* bsc#1211382

* bsc#1214099

* bsc#1215278

* bsc#1221323

* bsc#1224277

* bsc#1229129

* bsc#1230400

* bsc#1233313

* bsc#1237096

Cross-

* CVE-2022-40982

* CVE-2022-41804

* CVE-2023-22655

* CVE-2023-23583

* CVE-2023-23908

* CVE-2023-28746

* CVE-2023-38575

* CVE-2023-39368

* CVE-2023-42667

* CVE-2023-43490

* CVE-2023-45733

* CVE-2023-45745

* CVE-2023-46103

* CVE-2023-47855

* CVE-2023-49141

* CVE-2024-21820

* CVE-2024-21853

* CVE-2024-23918

* CVE-2024-23984

* CVE-2024-24853

* CVE-2024-24968

* CVE-2024-24980

* CVE-2024-25939

* CVE-2024-31068

* CVE-2024-36293

* CVE-2024-37020

* CVE-2024-39355

CVSS scores:

* CVE-2022-40982 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2022-40982 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:1032-1
Release Date: 2025-03-26T14:22:25Z
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service important microcode update SUSE Linux Enterprise escalation of privilege

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here