Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
100
security advisoryupdatedenial serviceSUSE: 2024:1684-1 Important: Ucode-Intel Processor Issues Resolved
* bsc#1224277 Cross-References: * CVE-2023-45733 * CVE-2023-45745 . # Security update for ucode-intel Announcement ID: SUSE-SU-2024:1684-1 Rating: important References: * bsc#1224277 Cross-References: * CVE-2023-45733 * CVE-2023-45745 * CVE-2023-46103 * CVE-2023-47855 CVSS scores: * CVE-2023-45733 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2023-45745 ( SUSE ): 7.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2023-46103 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47855 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) * CVE-2023-45733: Fixed a potential security vulnerability in some Intel® Processors that may have allowed information disclosure. * CVE-2023-46103: Fixed a potential security vulnerability in Intel® Core⢠Ultra Processors that may have allowed denial of service. * CVE-2023-45745,CVE-2023-47855: Fixed a potential security vulnerabilities in some Intel® Trust Domain Extensions (TDX) module software that may have allowed escalation of privilege. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1684=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1684=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patchSUSE-SLE-SERVER-12-SP5-2024-1684=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * ucode-intel-debuginfo-20240514-137.1 * ucode-intel-20240514-137.1 * ucode-intel-debugsource-20240514-137.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * ucode-intel-debuginfo-20240514-137.1 * ucode-intel-20240514-137.1 * ucode-intel-debugsource-20240514-137.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * ucode-intel-debuginfo-20240514-137.1 * ucode-intel-20240514-137.1 * ucode-intel-debugsource-20240514-137.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45733.html * https://www.suse.com/security/cve/CVE-2023-45745.html * https://www.suse.com/security/cve/CVE-2023-46103.html * https://www.suse.com/security/cve/CVE-2023-47855.html * https://bugzilla.suse.com/show_bug.cgi?id=1224277 . Users of SUSE Linux Enterprise have the option to apply the latest ucode-intel security patches to address severe vulnerabilities found in Intel processors.. ucode-intel Security, Intel Processor Threats, SUSE Security Update. . Severity: Important. LinuxSecurity.com Team
May 20, 2024
•Important
SuSE
100
security advisorymoderatedenial of serviceSUSE: 2024:0917-1 Moderate: Intel Microcode Denial Of Service
* bsc#1221323 Cross-References: * CVE-2023-22655 * CVE-2023-28746 . # Security update for ucode-intel Announcement ID: SUSE-SU-2024:0917-1 Rating: moderate References: * bsc#1221323 Cross-References: * CVE-2023-22655 * CVE-2023-28746 * CVE-2023-38575 * CVE-2023-39368 * CVE-2023-43490 CVSS scores: * CVE-2023-22655 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-38575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-39368 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-43490 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20240312 release. (bsc#1221323) * CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel Processors may allow an unauthenticated user to potentially enable denial of service via network access * CVE-2023-38575: Non-transparent sharing of return predictor targets between contexts in some Intel Processors may allow an authorized user to potentially enable information disclosure via local access. * CVE-2023-28746: Information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2023-22655 Protection mechanism failure in some 3rd and 4th Generation Intel Xeon Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. *CVE-2023-43490: Incorrect calculation in microcode keying mechanism for some Intel Xeon D Processors with Intel® SGX may allow a privileged user to potentially enable information disclosure via local access. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-917=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-917=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-917=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * ucode-intel-debuginfo-20240312-134.1 * ucode-intel-debugsource-20240312-134.1 * ucode-intel-20240312-134.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * ucode-intel-debuginfo-20240312-134.1 * ucode-intel-debugsource-20240312-134.1 * ucode-intel-20240312-134.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * ucode-intel-debuginfo-20240312-134.1 * ucode-intel-debugsource-20240312-134.1 * ucode-intel-20240312-134.1 ## References: * https://www.suse.com/security/cve/CVE-2023-22655.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-38575.html * https://www.suse.com/security/cve/CVE-2023-39368.html * https://www.suse.com/security/cve/CVE-2023-43490.html * https://bugzilla.suse.com/show_bug.cgi?id=1221323 . The recent update for ucode-intel targets several vulnerabilities in SUSE Linux, providing users with crucial patching guidance to enhance system security.. SUSE Linux, Microcode Update, Security Patch, Intel CPU Security, Moderate Threats. . LinuxSecurity.com Team
Mar 22, 2024
SuSE
98
security advisoryred hatprivilege escalationRed Hat Enterprise Linux 8.1 RHSA-2021:3176-01 Important: Microcode Update
An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:3176-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3176 Issue date: 2021-08-17 CVE Names: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 ==================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fixes: * hw: Vector Register Data Sampling (CVE-2020-0548) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695) * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698) * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors(CVE-2020-24511) * hw: observable timingdiscrepancy in some Intel Processors(CVE-2020-24512) Bug Fix(es): * [rhel-8.1.0.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest microcode updates (BZ#1972327) * [rhel-8.1.0.z] Re-enable 06-8c-01 (TGL-UP3/UP4, CPUID 0x806c1) latest microcode updates (BZ#1972331) 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1788786 - CVE-2020-0548 hw: Vector Register Data Sampling 1788788 - CVE-2020-0549 hw: L1D Cache Eviction Sampling 1827165 - CVE-2020-0543 hw: Special Register Buffer Data Sampling (SRBDS) 1828583 - CVE-2020-8695 hw: Information disclosure issue in Intel SGX via RAPL interface 1890355 - CVE-2020-8696 hw: Vector Register Leakage-Active 1890356 - CVE-2020-8698 hw: Fast forward store predictor 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors1972327 - [rhel-8.1.0.z] Re-enable 06-5e-03 (SKL-H/S, CPUID 0x506e3) latest microcode updates 1972331 - [rhel-8.1.0.z] Re-enable 06-8c-01 (TGL-UP3/UP4, CPUID 0x806c1) latest microcode updates 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v. 8.1): Source: microcode_ctl-20190618-1.20210608.1.el8_1.src.rpm x86_64: microcode_ctl-20190618-1.20210608.1.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2020-0543 https://access.redhat.com/security/cve/CVE-2020-0548 https://access.redhat.com/security/cve/CVE-2020-0549 https://access.redhat.com/security/cve/CVE-2020-8695 https://access.redhat.com/security/cve/CVE-2020-8696 https://access.redhat.com/security/cve/CVE-2020-8698 https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYRt0VNzjgjWX9erEAQjLEhAAmU+Wa567T4GP1Ib92ZJhzoidbsa0o4M/ 3c8Puvp/EzZpRgOTlCJ5ZspxQQV8/uT/2lUmFT4sTEsJasbT42nX0962fQNtGQjX k03wInem61ZGDdOaPzgwCOtGnWKmAhkd+22qzBQaBY4QDTa4I+yP8qJ3wFzNXkV1 YCorxBl67z5JQP3vs+FGTTzxsQMvSn5Q7Hf+vijLx76ecC52v6zTqGx+WPTP3DX/ oEi7j8MpXhAMw+m6NO0/ysXVVjmHWY9u3a+8X1JHTQWKyhSmFTHTjD9L/L8O3z+6 L9pYIY7NQJWZx6NLR12cVDgx9w+PBjem+JcNeOliwHD8RqKzufcd6EKId3X8hq3y j9i6ZKfz2H3ZYdRtQeviEDfGJhg0ZHHqrhqzNfavsToqQtD0tOyaYJLPL5euapLT Ep+ngSEKJPlrmFh3/Gl+XiyoQVQMNq7pVf0onW8BqiEpuILBuCWtiV2YU7nJN9s1 9xpCo87yBz7hu4vIivi4GQ/7jjJzWt9ftmyJp2RRicf97G/SF8JR8uifX2dWAS9M UYGHkSto5OBnyOUUuoF61w//GRy4iX55W50PtfHjxIwckqxmwLVxcE7VFQiyga2K 1EH7FFhsAozxve3AdHgWXPqOPZ30uobu5zrV3Q+DtP2JjU51orFH/9D5mLtJcXTL F/0+gTbtAd8=tIPK -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 17, 2021
•Important
Red Hat
172
security advisorysystem updateubuntuUbuntu 12.04 ESM: USN-4188-1 Critical: Linux Kernel Information Exposure
The system could be made to expose sensitive information.. =========================================================================Ubuntu Security Notice USN-4188-1 November 13, 2019 linux, linux-lts-trusty vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: The system could be made to expose sensitive information. Software Description: - linux: Linux kernel - linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM Details: Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: linux-image-3.13.0-175-generic 3.13.0-175.226~12.04.1 linux-image-3.13.0-175-generic-lpae 3.13.0-175.226~12.04.1 linux-image-3.13.0-175-lowlatency 3.13.0-175.226~12.04.1 linux-image-3.2.0-144-generic 3.2.0-144.191 linux-image-3.2.0-144-generic-pae 3.2.0-144.191 linux-image-3.2.0-144-virtual 3.2.0-144.191 linux-image-generic 3.2.0.144.159 linux-image-generic-lpae-lts-trusty 3.13.0.175.163 linux-image-generic-lts-trusty 3.13.0.175.163 linux-image-generic-pae 3.2.0.144.159 linux-image-server 3.2.0.144.159 linux-image-virtual 3.2.0.144.159 Please note that mitigating the TSX (CVE-2019-11135) issue requires a corresponding Intel processor microcode update. After a standard system update you needto reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-4188-1 CVE-2019-11135, https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/TAA_MCEPSC_i915 . Crucial Ubuntu Linux kernel alert highlights potential vulnerabilities leading to private data leaks. Act swiftly to secure your device.. Ubuntu Kernel Vulnerability, Linux Security Update, TSX Exploit Risk, Sensitive Information Exposure. . Severity: Critical. LinuxSecurity.com Team
Nov 12, 2019
•Critical
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!