Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

SUSE 12 GA Intel Firmware Key Vulnerability Resolution SUSE-SU-2026-0735-2

suse
Calendar Grey February 26, 2026
Dist Suse Esm H88
Critical security update for SUSE addressing important Intel microcode issues and potential privilege escalations now available.
An update that solves two vulnerabilities can now be installed.

Summary

## This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20260210 release (bsc#1258046) * CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2025-31648: Improper handling of values in the microcode flow for some Intel Processor Family may allow an escalation of privilege. (bsc#1258046)

References

* bsc#1229129

* bsc#1258046

Cross-

* CVE-2024-24853

* CVE-2025-31648

CVSS scores:

* CVE-2024-24853 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

* CVE-2024-24853 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

* CVE-2025-31648 ( SUSE ): 1.8

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-31648 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

* CVE-2025-31648 ( NVD ): 1.8

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:0670-1
Release Date: 2026-02-26T15:21:41Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.