Stay Vigilant with Timely Linux Security Advisories

security advisorySuSEkernel patch

Critical Security Advisory SUSE-SU-2026-20178-1 for SUSE Linux Micro 6.2

# Security update for ucode-amd Announcement ID: SUSE-SU-2026:20173-1 Release Date: 2026-01-28T16:01:59Z Rating: important References:. # Security update for ucode-amd Announcement ID: SUSE-SU-2026:20173-1 Release Date: 2026-01-28T16:01:59Z Rating: important References: Affected Products: * SUSE Linux Micro 6.2 An update that can now be installed. ## Description: This update for ucode-amd fixes the following issues: Changes in ucode-amd: * Update to version 20251203 (git commit a0f0e52138e5): * linux-firmware: Update amd-ucode copyright information * linux-firmware: Update AMD cpu microcode * Update to version 20251113 (git commit fb0dbcd30118): * linux-firmware: Update AMD cpu microcode * Update to version 20251031 (git commit 04b323bb64f9): * linux-firmware: Update AMD cpu microcode * Update to version 20251028 (git commit 4f72031fc195): * linux-firmware: Update AMD cpu microcode * Update to version 20251024 (git commit 9b899c779b8a): * amd-ucode: Fix minimum revisions in README * Update to version 20250730 (git commit 910c19074091): * linux-firmware: Update AMD cpu microcode ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-209=1 ## Package List: * SUSE Linux Micro 6.2 (noarch) * ucode-amd-20251203-160000.1.1 . SUSE's important security update for ucode-amd fixes multiple AMD CPU microcode issues. Action recommended for users.. SUSE security update, ucode-amd patch, AMD CPU microcode, SUSE Linux Micro, important security advisory. . Severity: Important. LinuxSecurity.com Team

Feb 02, 2026 •Important SuSE

security advisorydenial of servicecritical

SUSE: 2025:20158-1 critical: ucode-intel denial of service

* bsc#1237096 Cross-References: * CVE-2024-31068 * CVE-2024-36293 . # Security update for ucode-intel Announcement ID: SUSE-SU-2025:20158-1 Release Date: 2025-03-24T12:15:39Z Rating: important References: * bsc#1237096 Cross-References: * CVE-2024-31068 * CVE-2024-36293 * CVE-2024-37020 * CVE-2024-39355 CVSS scores: * CVE-2024-31068 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-31068 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31068 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-31068 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-36293 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-36293 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-37020 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-37020 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-39355 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-39355 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-39355 ( NVD): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-39355 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096) * Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01166.html * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. * Security updates for INTEL-SA-01213 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01213.html * CVE-2024-36293: A potential security vulnerability in some Intel Software Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. * Security updates forINTEL-SA-01139 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01139.html * not clear which CVEs are fixed here, and which are in UEFI BIOS updates. * Security updates for INTEL-SA-01228 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01228.html * CVE-2024-39355: A potential security vulnerability in some 13th and 14th Generation Intel Core Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability. * Security updates for INTEL-SA-01194 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/security-center/advisory/intel- sa-01194.html * CVE-2024-37020: A potential security vulnerability in the Intel Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow denial ofservice. Intel is releasing software updates to mitigate this potential vulnerability. * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update for functional issues. Refer to 13th/14th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update for details. * Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2-public.intel.com/637780/637780_3rd_Gen_Xeon_Scalable_Spec_Update_024US.pdf for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update https://cdrdv2-public.intel.com/709192/709192_Intel%C2%AE%20Xeon%C2%AE%20E-2300%20Processor%20Family%20Specification%20Update_Rev004US.pdf for details. * Update for functional issues. Refer to Intel Xeon 6700-Series Processor Specification Update for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2-public.intel.com/764616/764616_004.pdf for details ### New Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products SRF-SP C0 06-af-03/01 03000330 Xeon 6700-Series Processors with E-Cores ### Updated Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products ADL C0 06-97-02/07 00000037 00000038 Core Gen12 ADL H0 06-97-05/07 00000037 00000038 Core Gen12 ADLL0 06-9a-03/80 00000435 00000436 Core Gen12 ADL R0 06-9a-04/80 00000435 00000436 Core Gen12 ADL-N N0 06-be-00/19 0000001a 0000001c Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E AZB A0/R0 06-9a-04/40 00000007 00000009 Intel(R) Atom(R) C1100 CFL-H R0 06-9e-0d/22 00000100 00000102 Core Gen9 Mobile CFL-H/S/E3 U0 06-9e-0a/22 000000f8 000000fa Core Gen8 Desktop, Mobile, Xeon E EMR-SP A0 06-cf-01/87 21000283 21000291 Xeon Scalable Gen5 EMR-SP A1 06-cf-02/87 21000283 21000291 Xeon Scalable Gen5 ICL-D B0 06-6c-01/10 010002b0 010002c0 Xeon D-17xx, D-27xx ICX-SP Dx/M1 06-6a-06/87 0d0003e7 0d0003f5 Xeon Scalable Gen3 RPL-E/HX/S B0 06-b7-01/32 0000012b 0000012c Core Gen13/Gen14 RPL-H/P/PX 6+8 J0 06-ba-02/e0 00004123 00004124 Core Gen13 RPL-HX/S C0 06-bf-02/07 00000037 00000038 Core Gen13/Gen14 RPL-U 2+8 Q0 06-ba-03/e0 00004123 00004124 Core Gen13 RPL-S H0 06-bf-05/07 00000037 00000038 Core Gen13/Gen14 RKL-S B0 06-a7-01/02 00000062 00000063 Core Gen11 SPR-HBM Bx 06-8f-08/10 2c000390 2c0003e0 Xeon Max SPR-SP E4/S2 06-8f-07/87 2b000603 2b000620 Xeon Scalable Gen4 SPR-SP E5/S3 06-8f-08/87 2b000603 2b000620 Xeon Scalable Gen4 TWL N0 06-be-00/19 0000001a 0000001c Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E ### New Disclosures Updated in Prior Releases Processor Stepping F-M-S/PI Old Ver New Ver Products CFL-H/S P0 06-9e-0c/22 000000f6 000000f8 Core Gen9 ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-257=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * ucode-intel-20250211-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31068.html * https://www.suse.com/security/cve/CVE-2024-36293.html * https://www.suse.com/security/cve/CVE-2024-37020.html * https://www.suse.com/security/cve/CVE-2024-39355.html * https://bugzilla.suse.com/show_bug.cgi?id=1237096 . This bulletin emphasizes key developments concerning TUCE-2025-20159-2 related to vulnerabilities in AMD firmware security.. SUSE Update, Intel Microcode, Security Advisory, Denial Of Service,”Critical Update. . Severity: Critical. LinuxSecurity.com Team

Jun 04, 2025 •Critical SuSE

security advisorydenial of serviceSUSE

SUSE: 2025:20286-1 important: ucode-intel security update

* bsc#1233313 * bsc#1237096 Cross-References: * CVE-2024-21820 . # Security update for ucode-intel Announcement ID: SUSE-SU-2025:20286-1 Release Date: 2025-03-28T13:56:24Z Rating: important References: * bsc#1233313 * bsc#1237096 Cross-References: * CVE-2024-21820 * CVE-2024-21853 * CVE-2024-23918 * CVE-2024-23984 * CVE-2024-24968 * CVE-2024-31068 * CVE-2024-36293 * CVE-2024-37020 * CVE-2024-39355 CVSS scores: * CVE-2024-21820 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2024-21820 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21820 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21820 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21853 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-21853 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-21853 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21853 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23918 ( NVD ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23918 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-23984 ( SUSE ): 5.3CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-23984 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23984 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-24968 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-24968 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24968 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-24968 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31068 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-31068 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31068 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-31068 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-36293 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-36293 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-37020 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-37020 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-39355 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-39355 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-39355 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-39355 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves nine vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096) * Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01166.html * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. * Security updates for INTEL-SA-01213 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01213.html * CVE-2024-36293: A potential security vulnerability in some Intel Software Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. * Security updates for INTEL-SA-01139 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01139.html * not clear which CVEs are fixed here, and which are in UEFI BIOS updates. * Security updates for INTEL-SA-01228 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01228.html * CVE-2024-39355: A potential security vulnerability in some 13th and 14th Generation Intel Core Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability. * Security updates for INTEL-SA-01194 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01194.html * CVE-2024-37020: A potential security vulnerability in the Intel Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Refer to 13th/14th Generation Intel Core Processor Specification Update for details. * Refer to 12th Generation Intel Core Processor Family for details. * Refer to 11th Gen Intel Core Processor Specification Update for details. * Refer to 8th and 9th Generation Intel Core Processor Family Spec Update for details. * Refer to 5th Gen Intel Xeon Scalable Processors Specification Update for details. * Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2-public.intel.com/637780/637780_3rd_Gen_Xeon_Scalable_Spec_Update_024US.pdf for details. * Refer to Intel XeonD-2700 Processor Specification Update for details. * Refer to Intel Xeon E-2300 Processor Specification Update https://cdrdv2-public.intel.com/709192/709192_Intel%C2%AE%20Xeon%C2%AE%20E-2300%20Processor%20Family%20Specification%20Update_Rev004US.pdf for details. * Refer to Intel Xeon 6700-Series Processor Specification Update for details. * Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2-public.intel.com/764616/764616_004.pdf for details ### New Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products SRF-SP C0 06-af-03/01 03000330 Xeon 6700-Series Processors ### Updated Platforms Processor Stepping F-M-S/PI Old Ver New Ver Products ADL C0 06-97-02/07 00000037 00000038 Core Gen12 ADL H0 06-97-05/07 00000037 00000038 Core Gen12 ADL L0 06-9a-03/80 00000435 00000436 Core Gen12 ADL R0 06-9a-04/80 00000435 00000436 Core Gen12 ADL-N N0 06-be-00/19 0000001a 0000001c Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E AZB A0/R0 06-9a-04/40 00000007 00000009 Intel(R) Atom(R) C1100 CFL-H R0 06-9e-0d/22 00000100 00000102 Core Gen9 Mobile CFL-H/S/E3 U0 06-9e-0a/22 000000f8 000000fa Core Gen8 Desktop, Mobile, Xeon E EMR-SP A0 06-cf-01/87 21000283 21000291 Xeon Scalable Gen5 EMR-SP A1 06-cf-02/87 21000283 21000291 Xeon Scalable Gen5 ICL-D B0 06-6c-01/10 010002b0 010002c0 Xeon D-17xx, D-27xx ICX-SP Dx/M1 06-6a-06/87 0d0003e7 0d0003f5 Xeon Scalable Gen3 RPL-E/HX/S B0 06-b7-01/32 0000012b 0000012c Core Gen13/Gen14 RPL-H/P/PX 6+8 J0 06-ba-02/e0 00004123 00004124 Core Gen13 RPL-HX/S C0 06-bf-02/07 00000037 00000038 Core Gen13/Gen14 RPL-U 2+8 Q0 06-ba-03/e0 00004123 00004124 Core Gen13 RPL-S H0 06-bf-05/07 00000037 00000038 Core Gen13/Gen14 RKL-S B0 06-a7-01/02 00000062 00000063 Core Gen11 SPR-HBM Bx 06-8f-08/10 2c000390 2c0003e0 Xeon Max SPR-SP E4/S2 06-8f-07/87 2b000603 2b000620 Xeon Scalable Gen4 SPR-SP E5/S3 06-8f-08/87 2b000603 2b000620 Xeon Scalable Gen4 TWL N0 06-be-00/19 0000001a 0000001c Corei3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E ### New Disclosures Updated in Prior Releases Processor Stepping F-M-S/PI Old Ver New Ver Products CFL-H/S P0 06-9e-0c/22 000000f6 000000f8 Core Gen9 * Intel CPU Microcode was updated to the 20241112 release (bsc#1233313) * CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enable denial of service via local access. Security updates for INTEL-SA-01101 * CVE-2024-23918: Improper conditions check in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. Security updates for INTEL-SA-01079 * CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. Security updates for INTEL-SA-01079 * CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access. Updated security updates for INTEL- SA-01097 * CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access Updated security updates for INTEL-SA-01103 * Update for functional issues. * Refer to Intel Core Ultra Processor for details. * Refer to 14th/13th Generation Intel Core Processor Specification Update for details. * Refer to 12th Generation Intel Core Processor Family for details. * Refer to 5th Gen Intel Xeon Scalable Processors Specification Update for details. * Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Refer to 3rd Generation IntelXeon Processor Scalable Family Specification Update for details. * Refer to Intel Xeon D-2700 Processor Specification Update for details. * Refer to Intel Xeon D-1700 and D-1800 Processor Family Specification Update for details New Platforms: Processor Stepping F-M-S/PI Old Ver New Ver Products Updated Platforms: Processor Stepping F-M-S/PI Old Ver New Ver Products ADL C0 06-97-02/07 00000036 00000037 Core Gen12 ADL H0 06-97-05/07 00000036 00000037 Core Gen12 ADL L0 06-9a-03/80 00000434 00000435 Core Gen12 ADL R0 06-9a-04/80 00000434 00000435 Core Gen12 EMR-SP A0 06-cf-01/87 21000230 21000283 Xeon Scalable Gen5 EMR-SP A1 06-cf-02/87 21000230 21000283 Xeon Scalable Gen5 MTL C0 06-aa-04/e6 0000001f 00000020 Coreâ¢ Ultra Processor RPL-H/P/PX 6+8 J0 06-ba-02/e0 00004122 00004123 Core Gen13 RPL-HX/S C0 06-bf-02/07 00000036 00000037 Core Gen13/Gen14 RPL-S H0 06-bf-05/07 00000036 00000037 Core Gen13/Gen14 RPL-U 2+8 Q0 06-ba-03/e0 00004122 00004123 Core Gen13 SPR-SP E3 06-8f-06/87 2b0005c0 2b000603 Xeon Scalable Gen4 SPR-SP E4/S2 06-8f-07/87 2b0005c0 2b000603 Xeon Scalable Gen4 SPR-SP E5/S3 06-8f-08/87 2b0005c0 2b000603 Xeon Scalable Gen4 New Disclosures Updated in Prior Releases: Processor Stepping F-M-S/PI Old Ver New Ver Products ICL-D B0 06-6c-01/10 010002b0 N/A Xeon D-17xx/D-18xx, D-27xx/D-28xx ICX-SP Dx/M1 06-6a-06/87 0d0003e7 N/A Xeon Scalable Gen3 * Intel CPU Microcode was updated to the 20241029 release Update for functional issues. Refer to 14th/13th Generation Intel Core Processor Specification Update for details. Updated Platforms: Processor Stepping F-M-S/PI Old Ver New Ver Products RPL-E/HX/S B0 06-b7-01/32 00000129 0000012b Core Gen13/Gen14 ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed foryour product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-26=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * ucode-intel-20250211-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21820.html * https://www.suse.com/security/cve/CVE-2024-21853.html * https://www.suse.com/security/cve/CVE-2024-23918.html * https://www.suse.com/security/cve/CVE-2024-23984.html * https://www.suse.com/security/cve/CVE-2024-24968.html * https://www.suse.com/security/cve/CVE-2024-31068.html * https://www.suse.com/security/cve/CVE-2024-36293.html * https://www.suse.com/security/cve/CVE-2024-37020.html * https://www.suse.com/security/cve/CVE-2024-39355.html * https://bugzilla.suse.com/show_bug.cgi?id=1233313 * https://bugzilla.suse.com/show_bug.cgi?id=1237096 . This critical SUSE security notice highlights several Intel microcode flaws impacting both security and system efficiency.. Intel Security, SUSE Microcode, Denial of Service Fixes, ucode-intel Patch. . Severity: Important. LinuxSecurity.com Team

Jun 04, 2025 •Important SuSE

security advisorydenial of serviceimportant

SUSE: 2025:1032-1 important: microcode_ctl Security Advisory Updates

* bsc#1206418 * bsc#1211382 * bsc#1214099 * bsc#1215278 * bsc#1221323 . # Security update for microcode_ctl Announcement ID: SUSE-SU-2025:1032-1 Release Date: 2025-03-26T14:22:25Z Rating: important References: * bsc#1206418 * bsc#1211382 * bsc#1214099 * bsc#1215278 * bsc#1221323 * bsc#1224277 * bsc#1229129 * bsc#1230400 * bsc#1233313 * bsc#1237096 Cross-References: * CVE-2022-40982 * CVE-2022-41804 * CVE-2023-22655 * CVE-2023-23583 * CVE-2023-23908 * CVE-2023-28746 * CVE-2023-38575 * CVE-2023-39368 * CVE-2023-42667 * CVE-2023-43490 * CVE-2023-45733 * CVE-2023-45745 * CVE-2023-46103 * CVE-2023-47855 * CVE-2023-49141 * CVE-2024-21820 * CVE-2024-21853 * CVE-2024-23918 * CVE-2024-23984 * CVE-2024-24853 * CVE-2024-24968 * CVE-2024-24980 * CVE-2024-25939 * CVE-2024-31068 * CVE-2024-36293 * CVE-2024-37020 * CVE-2024-39355 CVSS scores: * CVE-2022-40982 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-40982 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2022-41804 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:H * CVE-2022-41804 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:H * CVE-2023-22655 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N * CVE-2023-23583 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2023-23583 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-23583 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2023-23908 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2023-23908 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-38575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-39368 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-42667 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-42667 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2023-43490 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2023-45733 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2023-45745 ( SUSE ): 7.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2023-46103 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47855 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-49141 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-49141 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2023-49141 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-49141 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-21820 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2024-21820 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21820 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21820 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21853 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-21853 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-21853 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21853 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23918 ( NVD ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23918 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-23984 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-23984 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23984 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-24853 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-24853 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H * CVE-2024-24968 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-24968 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24968 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-24968 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24980 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N * CVE-2024-24980 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N * CVE-2024-25939 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-25939 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31068 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-31068 ( SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31068 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-31068 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-36293 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-36293 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-37020 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-37020 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-39355 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-39355 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-39355 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-39355 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves 27 vulnerabilities can now be installed. ##Description: This update for microcode_ctl fixes the following issues: * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. (bsc#1237096) * CVE-2024-36293: A potential security vulnerability in some Intel Software Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. (bsc#1237096) * CVE-2024-39355: A potential security vulnerability in some 13th and 14th Generation Intel Core Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability. (bsc#1237096) * CVE-2024-37020: A potential security vulnerability in the Intel Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. (bsc#1237096) * CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enable denial of service via local access. (bsc#1233313) * CVE-2024-23918: Improper conditions check in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1233313) * CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1233313) * CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access. (bsc#1230400) * CVE-2024-23984:Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. (bsc#1230400) * CVE-2024-24853: Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2024-25939: Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. (bsc#1229129) * CVE-2024-24980: Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2023-42667: Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2023-49141: Improper isolation in some Intel(R) Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2023-45733: Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. (bsc#1224277) * CVE-2023-46103: Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access. (bsc#1224277) * CVE-2023-45745: Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1224277) * CVE-2023-47855: Improper input validation in someIntel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1224277) * CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel Processors may allow an unauthenticated user to potentially enable denial of service via network access. (bsc#1221323) * CVE-2023-38575: Non-transparent sharing of return predictor targets between contexts in some Intel Processors may allow an authorized user to potentially enable information disclosure via local access. (bsc#1221323) * CVE-2023-28746: Information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors may allow an authenticated user to potentially enable information disclosure via local access. (bsc#1221323) * CVE-2023-22655: Protection mechanism failure in some 3rd and 4th Generation Intel Xeon Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1221323) * CVE-2023-43490: Incorrect calculation in microcode keying mechanism for some Intel Xeon D Processors with Intel SGX may allow a privileged user to potentially enable information disclosure via local access. (bsc#1221323) * CVE-2023-23583: Fixed potential CPU deadlocks or privilege escalation (bsc#1215278) * CVE-2022-40982: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (bsc#1206418) * CVE-2023-23908: Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access. * CVE-2022-41804: Unauthorized error injection in Intel(R) SGX or Intel(R) TDX forsome Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Other fixes: * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096) * Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01166.html * Security updates for INTEL-SA-01213 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01213.html * Security updates for INTEL-SA-01139 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01139.html * Security updates for INTEL-SA-01228 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01228.html * Security updates for INTEL-SA-01194 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01194.html * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update forfunctional issues. Refer to 13th/14th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update for details. * Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2-public.intel.com/637780/637780_3rd_Gen_Xeon_Scalable_Spec_Update_024US.pdf for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update https://cdrdv2-public.intel.com/709192/709192_Intel%C2%AE%20Xeon%C2%AE%20E-2300%20Processor%20Family%20Specification%20Update_Rev004US.pdf for details. * Update for functional issues. Refer to Intel Xeon 6700-Series Processor Specification Update for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2-public.intel.com/764616/764616_004.pdf for details * Intel CPU Microcode was updated to the 20241112 release (bsc#1233313) * Security updates for INTEL-SA-01101. * Security updates for INTEL-SA-01079. * Security updates for INTEL-SA-01079. * Updated security updates for INTEL-SA-01097. * Updated security updates for INTEL-SA-01103. * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update for functional issues. Refer to 14th/13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon D-1700 and D-1800 Processor Family Specification Update for details * Intel CPU Microcode was updated to the 20241029 release (bsc#1230400) * Update for functional issues. Refer to 14th/13th Generation Intel Core Processor Specification Update for details. * Intel CPU Microcode was updated to the 20240910 release (bsc#1230400) * Security updates for INTEL-SA-01103 * Security updates for INTEL-SA-01097 * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series for details. * Intel CPU Microcode was updated to the 20240813 release (bsc#1229129) * Security updates for INTEL-SA-01083 * Security updates for INTEL-SA-01118 * Security updates for INTEL-SA-01100 * Security updates for INTEL-SA-01038 * Security updates for INTEL-SA-01046 * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update for details. * Update for functionalissues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 2nd Generation Intel Xeon Processor Scalable Family Specification Update for details * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update for details. * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 10th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update for details. * Update for functional issues. Refer to 8th Generation Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 7th and 8th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series for details. * Update for functional issues. Refer to Intel Atom x6000E Series, and Intel Pentium and Celeron N and J Series Processors for Internet of Things (IoT) Applications for details. * Intel CPU Microcode was updated to 20240531 release: * Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update * Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) * Security updates for INTEL-SA-01051 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01051.html * Security updates for INTEL-SA-01052 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01052.html * Security updates for INTEL-SA-01036 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01036.html * Update for functional issues. Refer to 5th Gen Intel Xeon Processor Scalable Family for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 14th 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2-public.intel.com/764616/764616_004.pdf for details. * * Intel CPU Microcode was updated to 20240312 release. (bsc#1221323) * Security updates for INTEL-SA-INTEL-SA-00972 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-00972.html *Security updates for INTEL-SA-INTEL-SA-00982 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-00982.html * Security updates for INTEL-SA-INTEL-SA-00898 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-00898.html * Security updates for INTEL-SA-INTEL-SA-00960 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-00960.html * Security updates for INTEL-SA-INTEL-SA-01045 https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= sa-01045.html * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 10th Generation Intel Core Processor Specification Update https://cdrdv2-public.intel.com/615213/615213_013.pdf for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update for details. * Update for functional issues. Refer to 8th Generation Intel Core Processor Families Specification Update https://cdrdv2-public.intel.com/338025/338025_007.pdf for details. * Update for functional issues. Refer to 7th and 8th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update https://cdrdv2-public.intel.com/634897/634897_3rd%20Generation%20Intel%20Xeon%20Scalable%20Processors%20codename%20Cooper%20Lake%20Specification%20Update_Rev015US.pdf for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2-public.intel.com/637780/637780_3rd_Gen_Xeon_Scalable_Spec_Update_024US.pdf for details. * Update for functional issues. Refer to 2nd Generation Intel Xeon Processor Scalable Family Specification Update https://cdrdv2-public.intel.com/338848/338848_2nd%20Gen%20Intel%C2%AE%20Xeon%C2%AE%20Scalable%20Processors%20Specification%20Update_Rev028US.pdf for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series https://cdrdv2-public.intel.com/764616/764616_004.pdf for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Updatehttps://cdrdv2-public.intel.com/709192/709192_Intel%C2%AE%20Xeon%C2%AE%20E-2300%20Processor%20Family%20Specification%20Update_Rev004US.pdf for details. * Update for functional issues. Refer to Intel Xeon Processor Scalable Family Specification Update https://cdrdv2-public.intel.com/613537/613537_Intel%C2%AE%20Xeon%C2%AE%20Processor%20Scalable%20Family%20Specification%20Update_Rev033US.pdf for details. * Update for functional issues. Refer to Intel Atom C3000 Processor Product Family Specification Update https://cdrdv2-public.intel.com/336345/336345_C3000_SU_Rev022.pdf for details. * Update for functional issues. Refer to Intel Atom x6000E Series, and Intel Pentium and Celeron N and J Series Processors for Internet of Things (IoT) Applications https://cdrdv2-public.intel.com/636674/636674_Intel_Atom_Pentium_Celeron_Public_SpecUpdate_rev2p2.pdf for details. * Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update https://cdrdv2-public.intel.com/336562/336562_Intel%C2%AE%20Pentium%C2%AE%20Silver%20and%20Intel%C2%AE%20Celeron%C2%AE%20Processors%20_rev007.pdf for details. * Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update https://cdrdv2-public.intel.com/634542/634542-001.pdf for details. * Intel CPU Microcode was updated to 20231114 release. (bsc#1215278) * Security updates for INTEL-SA-00950 * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update fordetails. * Update for functional issues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update for details. * Intel CPU Microcode was updated to 20231114 pre-release (labeled 20231113). (bsc#1215278) * Intel CPU Microcode was updated to 20230808 release. (bsc#1214099) * Security updates for INTEL-SA-00828 (bsc#1206418) * Security updates for INTEL-SA-00836 * Security updates for INTEL-SA-00837 * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update for details. * Update for functional issues. Refer to 8th Generation Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 7th and 8th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series for details. * Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 2nd Generation Intel Xeon Processor Scalable FamilySpecification Update for details. * Update for functional issues. Refer to Intel Xeon Processor Scalable Family Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon D-2100 Processor Specification Update for details. * Intel CPU Microcode was updated to 20230613 release. * Intel CPU Microcode was updated to 20230512 release. * Intel CPU Microcode was updated to 20230512 release. (bsc#1211382) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-1032=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-1032=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * microcode_ctl-1.17-102.83.81.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * microcode_ctl-1.17-102.83.81.1 ## References: * https://www.suse.com/security/cve/CVE-2022-40982.html * https://www.suse.com/security/cve/CVE-2022-41804.html * https://www.suse.com/security/cve/CVE-2023-22655.html * https://www.suse.com/security/cve/CVE-2023-23583.html * https://www.suse.com/security/cve/CVE-2023-23908.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-38575.html * https://www.suse.com/security/cve/CVE-2023-39368.html * https://www.suse.com/security/cve/CVE-2023-42667.html *https://www.suse.com/security/cve/CVE-2023-43490.html * https://www.suse.com/security/cve/CVE-2023-45733.html * https://www.suse.com/security/cve/CVE-2023-45745.html * https://www.suse.com/security/cve/CVE-2023-46103.html * https://www.suse.com/security/cve/CVE-2023-47855.html * https://www.suse.com/security/cve/CVE-2023-49141.html * https://www.suse.com/security/cve/CVE-2024-21820.html * https://www.suse.com/security/cve/CVE-2024-21853.html * https://www.suse.com/security/cve/CVE-2024-23918.html * https://www.suse.com/security/cve/CVE-2024-23984.html * https://www.suse.com/security/cve/CVE-2024-24853.html * https://www.suse.com/security/cve/CVE-2024-24968.html * https://www.suse.com/security/cve/CVE-2024-24980.html * https://www.suse.com/security/cve/CVE-2024-25939.html * https://www.suse.com/security/cve/CVE-2024-31068.html * https://www.suse.com/security/cve/CVE-2024-36293.html * https://www.suse.com/security/cve/CVE-2024-37020.html * https://www.suse.com/security/cve/CVE-2024-39355.html * https://bugzilla.suse.com/show_bug.cgi?id=1206418 * https://bugzilla.suse.com/show_bug.cgi?id=1211382 * https://bugzilla.suse.com/show_bug.cgi?id=1214099 * https://bugzilla.suse.com/show_bug.cgi?id=1215278 * https://bugzilla.suse.com/show_bug.cgi?id=1221323 * https://bugzilla.suse.com/show_bug.cgi?id=1224277 * https://bugzilla.suse.com/show_bug.cgi?id=1229129 * https://bugzilla.suse.com/show_bug.cgi?id=1230400 * https://bugzilla.suse.com/show_bug.cgi?id=1233313 * https://bugzilla.suse.com/show_bug.cgi?id=1237096 . Microcode_ctl update for SUSE fixes security issues, including potential DoS and escalation of privilege risks.. bsc#1206418, bsc#1211382, bsc#1214099, bsc#1215278, bsc#1221323, security, update, microcod. . Severity: Important. LinuxSecurity.com Team

Mar 26, 2025 •Important SuSE

security advisorymoderatesecurity update

Fedora 40: 2025-dd577cf35f moderate: CPU microcode updates

Update to upstream 2.1-48. 20250211 Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38;. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-dd577cf35f 2025-02-20 02:26:20.996711+00:00 -------------------------------------------------------------------------------- Name : microcode_ctl Product : Fedora 40 Version : 2.1 Release : 61.6.fc40 URL : https://pagure.io/microcode_ctl Summary : Tool to transform and deploy CPU microcode update for x86 Description : The microcode_ctl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode. -------------------------------------------------------------------------------- Update Information: Update to upstream 2.1-48. 20250211 Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; Addition of 06-af-03/0x01 (SRF-SP C0) microcode at revision 0x3000330; Addition of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) at revision 0x12c; Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-02) at revision 0x38; Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05)at revision 0x38; Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; Removal of 06-8f-05/0x87 (SPR-SP E2) microcode at revision 0x2b000603; Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision 0x2c000390; Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; Removal of 06-8f-06/0x87 (SPR-SP E3) microcode at revision 0x2b000603; Removal of 06-8f-06/0x10 microcode at revision 0x2c000390; Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel- ucode/06-ba-08) at revision 0x4123; Removal of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) at revision 0x4123; Removal of 06-ba-08/0xe0 microcode at revision 0x4123; Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003e7 up to 0xd0003f5; Update of 06-6c-01/0x10 (ICL-DB0) microcode from revision 0x10002b0 up to 0x10002c0; Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision 0x2c000390 up to 0x2c0003e0; Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision 0x2b000603 up to 0x2b000620; Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x37 up to 0x38; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; Update of 06-97-02/0x07 (ADL-HX/S 8+8C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x37 up to 0x38; Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x435 up to 0x436; Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x435 up to 0x436; Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel- ucode/06-9a-04) from revision 0x435 up to 0x436; Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x435 up to 0x436; Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x7 up to 0x9; Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf8 up to 0xfa; Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0x100 up to 0x102; Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x62 up to 0x63; Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12b up to 0x12c; Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x4123 up to 0x4124; Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x4123 up to 0x4124; Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from revision 0x4123 up to 0x4124; Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x4123 up to 0x4124; Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4123 up to 0x4124; Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from revision 0x4123 up to 0x4124; Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1a up to 0x1c; Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision0x37 up to 0x38; Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x37 up to 0x38; Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x37 up to 0x38; Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000283 up to 0x21000291; Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) from revision 0x21000283 up to 0x21000291; Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) from revision 0x21000283 up to 0x21000291; Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000283 up to 0x21000291. Addresses CVE-2023-34440, CVE-2023-43758, CVE-2024-24582, CVE-2024-28047, CVE-2024-28127, CVE-2024-29214, CVE-2024-31068, CVE-2024-31157, CVE-2024-37020, CVE-2024-39279, CVE-2024-39355, CVE-2024-36293. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 12 2025 Eugene Syromiatnikov 2:2.1-61.6 - Update to upstream 2.1-48. 20250211 - Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; - Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; - Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; - Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; - Addition of 06-af-03/0x01 (SRF-SP C0) microcode at revision 0x3000330; - Addition of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) at revision 0x12c; - Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) at revision 0x38; - Addition of 06-bf-07/0x07microcode (in intel-ucode/06-bf-02) at revision 0x38; - Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) at revision 0x38; - Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05) at revision 0x38; - Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; - Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; - Removal of 06-8f-05/0x87 (SPR-SP E2) microcode at revision 0x2b000603; - Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision 0x2c000390; - Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; - Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; - Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; - Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; - Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; - Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; - Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; - Removal of 06-8f-06/0x87 (SPR-SP E3) microcode at revision 0x2b000603; - Removal of 06-8f-06/0x10 microcode at revision 0x2c000390; - Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; - Removal of06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-08) at revision 0x4123; - Removal of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) at revision 0x4123; - Removal of 06-ba-08/0xe0 microcode at revision 0x4123; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003e7 up to 0xd0003f5; - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x10002b0 up to 0x10002c0; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision 0x2c000390 up to 0x2c0003e0; - Update of06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision 0x2b000603 up to 0x2b000620; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x37 up to 0x38; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x37 up to 0x38; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x435 up to 0x436; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x435 up to 0x436; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel-ucode/06-9a-04) from revision 0x435 up to 0x436; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x435 up to 0x436; - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x7 up to 0x9; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf8 up to 0xfa; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0x100 up to 0x102; - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x62 up to 0x63; - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12b up to 0x12c; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x4123 up to 0x4124; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x4123 up to0x4124; - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from revision 0x4123 up to 0x4124; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x4123 up to 0x4124; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4123 up to 0x4124; - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from revision 0x4123 up to 0x4124; - Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1a up to 0x1c; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x37 up to 0x38; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x37 up to 0x38; - Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000283 up to 0x21000291; - Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) from revision 0x21000283 up to 0x21000291; - Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) from revision 0x21000283 up to 0x21000291; - Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000283 up to 0x21000291. - Addresses CVE-2023-34440, CVE-2023-43758, CVE-2024-24582, CVE-2024-28047, CVE-2024-28127, CVE-2024-29214, CVE-2024-31068, CVE-2024-31157, CVE-2024-37020, CVE-2024-39279, CVE-2024-39355,CVE-2024-36293 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-dd577cf35f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Keep abreast of essential security enhancements for Fedora 40’s microcode_ctl tool that tackle significant CPU vulnerabilities.. Fedora Update, Microcode_CTL, CPU Fixes, Intel Microcode, Security Update. . LinuxSecurity.com Team

Feb 20, 2025 Fedora

security advisorymoderatedenial of service

SUSE: 2025:0591-1 moderate: ucode-intel denial of service

* bsc#1237096 Cross-References: * CVE-2024-31068 * CVE-2024-36293 . # Security update for ucode-intel Announcement ID: SUSE-SU-2025:0591-1 Release Date: 2025-02-19T10:35:47Z Rating: moderate References: * bsc#1237096 Cross-References: * CVE-2024-31068 * CVE-2024-36293 * CVE-2024-37020 * CVE-2024-39355 CVSS scores: * CVE-2024-31068 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-31068 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31068 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-31068 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-36293 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-36293 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-36293 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-37020 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-37020 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-37020 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-39355 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-39355 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-39355 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-39355 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for ucode-intel fixesthe following issues: * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096) * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via local access. * CVE-2024-36293: A potential security vulnerability in some Intel Software Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. * CVE-2024-39355: A potential security vulnerability in some 13th and 14th Generation Intel Core Processors may allow denial of service. Intel is releasing microcode and UEFI reference code updates to mitigate this potential vulnerability. * CVE-2024-37020: A potential security vulnerability in the Intel Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | SRF-SP | C0 | 06-af-03/01 | | 03000330 | Xeon 6700-Series Processors with E-Cores ### Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000037 | 00000038 | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000037 | 00000038 | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000435 | 00000436 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000435 | 00000436 | Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001a | 0000001c | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AZB | A0/R0 | 06-9a-04/40 | 00000007 | 00000009 | Intel(R) Atom(R) C1100 | CFL-H | R0 | 06-9e-0d/22 | 00000100 | 00000102 | Core Gen9 Mobile | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000f8 |000000fa | Core Gen8 Desktop, Mobile, Xeon E | EMR-SP | A0 | 06-cf-01/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | EMR- SP | A1 | 06-cf-02/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | ICL-D | B0 | 06-6c-01/10 | 010002b0 | 010002c0 | Xeon D-17xx, D-27xx | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | 0d0003f5 | Xeon Scalable Gen3 | RPL-E/HX/S | B0 | 06-b7-01/32 | 0000012b | 0000012c | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004123 | 00004124 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000037 | 00000038 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004123 | 00004124 | Core Gen13 | RPL-S | H0 | 06-bf-05/07 | 00000037 | 00000038 | Core Gen13/Gen14 | RKL-S | B0 | 06-a7-01/02 | 00000062 | 00000063 | Core Gen11 | SPR-HBM | Bx | 06-8f-08/10 | 2c000390 | 2c0003e0 | Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4 | TWL | N0 | 06-be-00/19 | 0000001a | 0000001c | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E ### New Disclosures Updated in Prior Releases | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9 ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-591=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-591=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-591=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patchSUSE-SLE-Micro-5.4-2025-591=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-591=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-591=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-591=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-591=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-591=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-591=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-591=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-591=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-591=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-591=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-591=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-591=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-591=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-591=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-591=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-591=1 * SUSE Manager Server 4.3 zypper in -t patchSUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-591=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-591=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-591=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-591=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-591=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * ucode-intel-20250211-150200.53.1 * Basesystem Module 15-SP6 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Server for SAPApplications 15 SP4 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Manager Proxy 4.3 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Manager Server 4.3 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Enterprise Storage 7.1 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * ucode-intel-20250211-150200.53.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * ucode-intel-20250211-150200.53.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31068.html * https://www.suse.com/security/cve/CVE-2024-36293.html * https://www.suse.com/security/cve/CVE-2024-37020.html * https://www.suse.com/security/cve/CVE-2024-39355.html * https://bugzilla.suse.com/show_bug.cgi?id=1237096 . Important security notice SUSE: 2025:0592-2 for ucode-amd highlights several vulnerabilities, including potential Denial of Service (DoS) threats.. SUSE Update, CPU Microcode, Intel Issues. . LinuxSecurity.com Team

Feb 19, 2025 SuSE

security advisorydenial of serviceaccess control

Mageia 9: MGASA-2025-0068 critical: Intel Microcode Denial of Service

Improper Finite State Machines (FSMs) in Hardware Logic for some Intel® Processors may allow privileged user to potentially enable denial of service via local access. (CVE-2024-31068) Improper access control in the EDECCSSA user leaf function for some Intel® Processors with Intel® SGX may allow an authenticated user to . MGASA-2025-0068 - Updated microcode packages fix security vulnerabilities Publication date: 17 Feb 2025 URL: https://advisories.mageia.org/MGASA-2025-0068.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-31068, CVE-2024-36293, CVE-2023-43758, CVE-2024-39355, CVE-2024-37020 Improper Finite State Machines (FSMs) in Hardware Logic for some Intel® Processors may allow privileged user to potentially enable denial of service via local access. (CVE-2024-31068) Improper access control in the EDECCSSA user leaf function for some Intel® Processors with Intel® SGX may allow an authenticated user to potentially enable denial of service via local access. (CVE-2024-36293) Improper input validation in UEFI firmware for some Intel® processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2023-43758) Improper handling of physical or environmental conditions in some Intel® Processors may allow an authenticated user to enable denial of service via local access. (CVE-2024-39355) Sequence of processor instructions leads to unexpected behavior in the Intel® DSA V1.0 for some Intel® Xeon® Processors may allow an authenticated user to potentially enable denial of service via local access. (CVE-2024-37020) References: - https://bugs.mageia.org/show_bug.cgi?id=34020 - https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250211 - https://www.cve.org/CVERecord?id=CVE-2024-31068 - https://www.cve.org/CVERecord?id=CVE-2024-36293 - https://www.cve.org/CVERecord?id=CVE-2023-43758 - https://www.cve.org/CVERecord?id=CVE-2024-39355 - https://www.cve.org/CVERecord?id=CVE-2024-37020 SRPMS: -9/nonfree/microcode-0.20250211-1.mga9.nonfree . MGASA-2025-0072 addresses vulnerabilities in AMD chipsets through updated firmware packages.. Microcode Security Advisory, Intel Processors, Mageia Updates, Denial of Service. . Severity: Critical. LinuxSecurity.com Team

Feb 17, 2025 •Critical Mageia

security advisorysecurity issuefedora

Fedora 41 microcode_ctl critical: FEDORA-2025-c99f9d789a security advisory

Update to upstream 2.1-48. 20250211 Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38;. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-c99f9d789a 2025-02-16 01:19:56.138994+00:00 -------------------------------------------------------------------------------- Name : microcode_ctl Product : Fedora 41 Version : 2.1 Release : 67.1.fc41 URL : https://pagure.io/microcode_ctl Summary : Tool to transform and deploy CPU microcode update for x86 Description : The microcode_ctl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode. -------------------------------------------------------------------------------- Update Information: Update to upstream 2.1-48. 20250211 Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; Addition of 06-af-03/0x01 (SRF-SP C0) microcode at revision 0x3000330; Addition of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) at revision 0x12c; Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-02) at revision 0x38; Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) at revision 0x38; Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05)at revision 0x38; Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; Removal of 06-8f-05/0x87 (SPR-SP E2) microcode at revision 0x2b000603; Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision 0x2c000390; Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; Removal of 06-8f-06/0x87 (SPR-SP E3) microcode at revision 0x2b000603; Removal of 06-8f-06/0x10 microcode at revision 0x2c000390; Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; Removal of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel- ucode/06-ba-08) at revision 0x4123; Removal of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) at revision 0x4123; Removal of 06-ba-08/0xe0 microcode at revision 0x4123; Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003e7 up to 0xd0003f5; Update of 06-6c-01/0x10 (ICL-DB0) microcode from revision 0x10002b0 up to 0x10002c0; Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision 0x2c000390 up to 0x2c0003e0; Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision 0x2b000603 up to 0x2b000620; Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x37 up to 0x38; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; Update of 06-97-02/0x07 (ADL-HX/S 8+8C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x37 up to 0x38; Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x435 up to 0x436; Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x435 up to 0x436; Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel- ucode/06-9a-04) from revision 0x435 up to 0x436; Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x435 up to 0x436; Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x7 up to 0x9; Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf8 up to 0xfa; Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0x100 up to 0x102; Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x62 up to 0x63; Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12b up to 0x12c; Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x4123 up to 0x4124; Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x4123 up to 0x4124; Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from revision 0x4123 up to 0x4124; Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x4123 up to 0x4124; Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4123 up to 0x4124; Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from revision 0x4123 up to 0x4124; Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1a up to 0x1c; Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision0x37 up to 0x38; Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x37 up to 0x38; Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x37 up to 0x38; Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000283 up to 0x21000291; Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) from revision 0x21000283 up to 0x21000291; Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) from revision 0x21000283 up to 0x21000291; Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000283 up to 0x21000291. Addresses CVE-2023-34440, CVE-2023-43758, CVE-2024-24582, CVE-2024-28047, CVE-2024-28127, CVE-2024-29214, CVE-2024-31068, CVE-2024-31157, CVE-2024-37020, CVE-2024-39279, CVE-2024-39355, CVE-2024-36293. -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 12 2025 Eugene Syromiatnikov 2:2.1-67.1 - Update to upstream 2.1-48. 20250211 - Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; - Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) at revision 0x38; - Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; - Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-05) at revision 0x38; - Addition of 06-af-03/0x01 (SRF-SP C0) microcode at revision 0x3000330; - Addition of 06-b7-04/0x32 microcode (in intel-ucode/06-b7-01) at revision 0x12c; - Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-02) at revision 0x38; - Addition of 06-bf-07/0x07microcode (in intel-ucode/06-bf-02) at revision 0x38; - Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-bf-05) at revision 0x38; - Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-bf-05) at revision 0x38; - Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; - Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; - Removal of 06-8f-05/0x87 (SPR-SP E2) microcode at revision 0x2b000603; - Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision 0x2c000390; - Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; - Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; - Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-05) at revision 0x2b000603; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-05) at revision 0x2c000390; - Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; - Removal of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; - Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; - Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; - Removal of 06-8f-06/0x87 (SPR-SP E3) microcode at revision 0x2b000603; - Removal of 06-8f-06/0x10 microcode at revision 0x2c000390; - Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-06) at revision 0x2b000603; - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-06) at revision 0x2c000390; - Removal of06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-08) at revision 0x4123; - Removal of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-08) at revision 0x4123; - Removal of 06-ba-08/0xe0 microcode at revision 0x4123; - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003e7 up to 0xd0003f5; - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x10002b0 up to 0x10002c0; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-07) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000390 up to 0x2c0003e0; - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-08) from revision 0x2b000603 up to 0x2b000620; - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision 0x2c000390 up to 0x2c0003e0; - Update of06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision 0x2b000603 up to 0x2b000620; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x37 up to 0x38; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x37 up to 0x38; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x37 up to 0x38; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x37 up to 0x38; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x435 up to 0x436; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x435 up to 0x436; - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel-ucode/06-9a-04) from revision 0x435 up to 0x436; - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x435 up to 0x436; - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x7 up to 0x9; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf8 up to 0xfa; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0x100 up to 0x102; - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x62 up to 0x63; - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x12b up to 0x12c; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x4123 up to 0x4124; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x4123 up to0x4124; - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from revision 0x4123 up to 0x4124; - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x4123 up to 0x4124; - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4123 up to 0x4124; - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from revision 0x4123 up to 0x4124; - Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x1a up to 0x1c; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x37 up to 0x38; - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x37 up to 0x38; - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x37 up to 0x38; - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x37 up to 0x38; - Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000283 up to 0x21000291; - Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) from revision 0x21000283 up to 0x21000291; - Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) from revision 0x21000283 up to 0x21000291; - Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000283 up to 0x21000291. - Addresses CVE-2023-34440, CVE-2023-43758, CVE-2024-24582, CVE-2024-28047, CVE-2024-28127, CVE-2024-29214, CVE-2024-31068, CVE-2024-31157, CVE-2024-37020, CVE-2024-39279, CVE-2024-39355,CVE-2024-36293 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-c99f9d789a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora 41 has issued a security advisory concerning microcode_ctl, featuring essential updates aimed at resolving numerous security vulnerabilities.. Fedora Microcode Update, Security Advisory, Intel Microcode, Update Information. . Severity: Critical. LinuxSecurity.com Team

Feb 16, 2025 •Critical Fedora

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

openSUSE libyang Important Buffer Overflow Advisory 2026-2381-1

openSUSE HPLIP Severe Code Execution Denial of Service 2026-2380-1

openSUSE HPLIP Critical Escalation DoS Advisory SUSE-2026-2380-1

SUSE Linux Micro 6.2 python-Pygments Low Denial of Service CVE-2026-4539

Ubuntu 16.04 LTS GStreamer Base Plugins Critical DoS CVE-2026-2921

Debian 12 Linux Base Update Brings Important Security Fix DLA-4628-1

Debian 12 Kernel-Wedge Update for Linux 6.12 DLA-4627-1

openSUSE NetworkManager-libreswan Important Security Update CVE-2024-9050

openSUSE Rclone Critical Security Update CVE-2026-25680 CVE-2026-25681

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Ubuntu 22.04 OpenSSH Important Remote Access Issues USN-8222-1

Explore Latest Linux Security advisories

Critical Security Advisory SUSE-SU-2026-20178-1 for SUSE Linux Micro 6.2

SUSE: 2025:20158-1 critical: ucode-intel denial of service

SUSE: 2025:20286-1 important: ucode-intel security update

SUSE: 2025:1032-1 important: microcode_ctl Security Advisory Updates

Fedora 40: 2025-dd577cf35f moderate: CPU microcode updates

SUSE: 2025:0591-1 moderate: ucode-intel denial of service

Mageia 9: MGASA-2025-0068 critical: Intel Microcode Denial of Service

Fedora 41 microcode_ctl critical: FEDORA-2025-c99f9d789a security advisory

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Ubuntu 22.04 OpenSSH Important Remote Access Issues USN-8222-1

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

openSUSE libyang Important Buffer Overflow Advisory 2026-2381-1

openSUSE HPLIP Severe Code Execution Denial of Service 2026-2380-1

openSUSE HPLIP Critical Escalation DoS Advisory SUSE-2026-2380-1

SUSE Linux Micro 6.2 python-Pygments Low Denial of Service CVE-2026-4539

Ubuntu 16.04 LTS GStreamer Base Plugins Critical DoS CVE-2026-2921

Debian 12 Linux Base Update Brings Important Security Fix DLA-4628-1

Debian 12 Kernel-Wedge Update for Linux 6.12 DLA-4627-1

openSUSE NetworkManager-libreswan Important Security Update CVE-2024-9050

openSUSE Rclone Critical Security Update CVE-2026-25680 CVE-2026-25681

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!