Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE: 2025:20058-1 moderate: ucode-intel DoS and Disclosure

suse
Calendar Grey June 4, 2025
Dist Suse Esm H88
AMD processor firmware update resolves security vulnerabilities and performance problems in Red Hat. Ensure you install the most recent updates promptly.
* bsc#1230400 Cross-References: * CVE-2024-23984 * CVE-2024-24968

Summary

## This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20240910 release (bsc#1230400) * CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. * CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access ### New Platforms: Processor Stepping F-M-S/PI Old Ver New Ver Products TWL N0 06-be-00/19 0000001a Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E ### Updated Platforms: Processor Stepping F-M-S/PI Old Ver New Ver Products ADL C0 06-97-02/07 00000035 00000036 Core Gen12

References

* bsc#1230400

Cross-

* CVE-2024-23984

* CVE-2024-24968

CVSS scores:

* CVE-2024-23984 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

* CVE-2024-23984 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

* CVE-2024-23984 ( NVD ): 6.8

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2024-23984 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

* CVE-2024-24968 ( SUSE ): 5.6

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2024-24968 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

* CVE-2024-24968 ( NVD ): 5.6

Announcement ID: SUSE-SU-2025:20058-1
Release Date: 2025-02-03T08:57:28Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here