Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

UNIX Platform Upgrade 2026-03-19 Announcement FILE-UNI-2026-20201-3

suse
Calendar Grey April 1, 2026
Dist Suse Esm H88
An SUSE security advisory addressing two Intel microcode vulnerabilities with moderate severity and fixes available.
An update that solves two vulnerabilities and has three fixes can now be installed.

Summary

## This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20260210 release (bsc#1258046): * CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access (bsc#1229129). * CVE-2025-31648: Improper handling of values in the microcode flow for some Intel Processor Family may allow an escalation of privilege (bsc#1258046). * Intel CPU Microcode was updated to the 20251111 release (bsc#1253319): * Update for functional issues. * switch the supplements to use supplements + kernel to allow moving a installation to Intel hardware (bsc#1249138)

References

* bsc#1229129

* bsc#1230400

* bsc#1249138

* bsc#1253319

* bsc#1258046

Cross-

* CVE-2024-24853

* CVE-2025-31648

CVSS scores:

* CVE-2024-24853 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

* CVE-2024-24853 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

* CVE-2025-31648 ( SUSE ): 1.8

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2025-31648 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

* CVE-2025-31648 ( NVD ): 1.8

Announcement ID: SUSE-SU-2026:20941-1
Release Date: 2026-03-19T09:31:38Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here