Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
100
security advisoryDoSimportantSUSE: 2020:3416-1 Important: Xen Intel RAPL Sidechannel Fix
An update that solves one vulnerability and has one errata is now available. . SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3416-1 Rating: important References: #1177950 #1178591 Cross-References: CVE-2020-28368 Affected Products: SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for xen fixes the following issues: Security issue fixed: - CVE-2020-28368: Fixed the Intel RAPL sidechannel attack, aka PLATYPUS attack, aka XSA-351 (bsc#1178591). Non-security issue fixed: - Adjusted help for --max_iters, default is 5 (bsc#1177950). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-3416=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2020-3416=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2020-3416=1 Package List: - SUSE Linux Enterprise Server for SAP 15 (x86_64): xen-4.10.4_20-3.47.1 xen-debugsource-4.10.4_20-3.47.1 xen-devel-4.10.4_20-3.47.1 xen-libs-4.10.4_20-3.47.1 xen-libs-debuginfo-4.10.4_20-3.47.1 xen-tools-4.10.4_20-3.47.1 xen-tools-debuginfo-4.10.4_20-3.47.1 xen-tools-domU-4.10.4_20-3.47.1 xen-tools-domU-debuginfo-4.10.4_20-3.47.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64): xen-4.10.4_20-3.47.1 xen-debugsource-4.10.4_20-3.47.1 xen-devel-4.10.4_20-3.47.1 xen-libs-4.10.4_20-3.47.1 xen-libs-debuginfo-4.10.4_20-3.47.1 xen-tools-4.10.4_20-3.47.1 xen-tools-debuginfo-4.10.4_20-3.47.1 xen-tools-domU-4.10.4_20-3.47.1 xen-tools-domU-debuginfo-4.10.4_20-3.47.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64): xen-4.10.4_20-3.47.1 xen-debugsource-4.10.4_20-3.47.1 xen-devel-4.10.4_20-3.47.1 xen-libs-4.10.4_20-3.47.1 xen-libs-debuginfo-4.10.4_20-3.47.1 xen-tools-4.10.4_20-3.47.1 xen-tools-debuginfo-4.10.4_20-3.47.1 xen-tools-domU-4.10.4_20-3.47.1 xen-tools-domU-debuginfo-4.10.4_20-3.47.1 References: https://www.suse.com/security/cve/CVE-2020-28368.html https://bugzilla.suse.com/1177950 https://bugzilla.suse.com/1178591 . Crucial SUSE Security Patch for xen tackles Intel RAPL vulnerability, bolstering system resilience and efficiency.. SUSE Security Update,xen security,Intel RAPL patch,Bug fixes. . Severity: Important. LinuxSecurity.com Team
Nov 19, 2020
•Important
SuSE
100
security advisorymoderateattackSUSE: 2020:3373-1 Moderate: Ucode-Intel Microcode Update
An update that fixes three vulnerabilities is now available. . SUSE Security Update: Security update for ucode-intel ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3373-1 Rating: moderate References: #1170446 #1173592 #1173594 Cross-References: CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 Affected Products: SUSE Linux Enterprise Module for Basesystem 15-SP2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201110 official release. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446) - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594) - CVE-2020-8696: Vector Register Sampling Active INTEL-SA-00381 (bsc#1173592) - Release notes: - Security updates for [INTEL-SA-00381](https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= visory/intel-sa-00381.html). - Security updates for [INTEL-SA-00389](https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= visory/intel-sa-00389.html). - Update for functional issues. Refer to [Second Generation Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2-public.intel.com/338848/338848_2nd%20Gen%20Intel%C2%AE%20Xeon%C2%AE%20Scalable%20Processors%20Specification%20Update_Rev028US.pdf) for details. - Update for functional issues. Refer to [Intel® Xeon® Processor Scalable Family Specification Update](https://cdrdv2-public.intel.com/613537/613537_Intel%C2%AE%20Xeon%C2%AE%20Processor%20Scalable%20Family%20Specification%20Update_Rev033US.pdf) for details. - Update for functional issues. Refer to [Intel® Xeon® Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/products/details/processors.html spec-update.html?wapkw=processor+spec+update+e5) for details. - Update for functional issues. Refer to [10th Gen Intel® Core™ Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/overview.html re/10th-gen-core-families-specification-update.html) for details. - Update for functional issues. Refer to [8th and 9th Gen Intel® Core™ Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/overview.html re/8th-gen-core-spec-update.html) for details. - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel® Processor FamiliesSpecification Update](https://www.intel.com/content/www/us/en/products/details/processors.html e-family-spec-update.html) for details. - Update for functional issues. Refer to [6th Gen Intel® Processor Family Specification Update]() for details. - Update for functional issues. Refer to [Intel® Xeon® E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/details/processors.html 0v6-spec-update.html) for details. - Update for functional issues. Refer to [Intel® Xeon® E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/overview.html on/xeon-e-2100-specification-update.html) for details. ### New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | CPX-SP | A1 | 06-55-0b/bf | | 0700001e | Xeon Scalable Gen3 | LKF | B2/B3 | 06-8a-01/10 | | 00000028 | Core w/Hybrid Technology | TGL | B1 | 06-8c-01/80 | | 00000068 | Core Gen11 Mobile | CML-H | R1 | 06-a5-02/20 | | 000000e0 | Core Gen10 Mobile | CML-S62 | G1 | 06-a5-03/22 | | 000000e0 | Core Gen10 | CML-S102 | Q0 | 06-a5-05/22 | | 000000e0 | Core Gen10 | CML-U62 V2 | K0 | 06-a6-01/80 | | 000000e0 | Core Gen10 Mobile ### Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000043 | 00000044 | Core Gen4 X series; Xeon E5 v3 | SKL-U/Y | D0 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile | SKL-U23e | K1 | 06-4e-03/c0 | 000000d6 | 000000e2 | Core Gen6 Mobile |SKX-SP | B1 | 06-55-03/97 | 01000157 | 01000159 | Xeon Scalable | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon Scalable | SKX-D | M1 | 06-55-04/b7 | 02006906 | 02006a08 | Xeon D-21xx | CLX-SP | B0 | 06-55-06/bf | 04002f01 | 04003003 | Xeon Scalable Gen2 | CLX-SP | B1 | 06-55-07/bf | 05002f01 | 05003003 | Xeon Scalable Gen2 | APL | D0 | 06-5c-09/03 | 00000038 | 00000040 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx | APL | E0 | 06-5c-0a/03 | 00000016 | 0000001e | Atom x5-E39xx | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000d6 | 000000e2 | Core Gen6; Xeon E3 v5 | GKL-R | R0 | 06-7a-08/01 | 00000016 | 00000018 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 | ICL-U/Y | D1 | 06-7e-05/80 | 00000078 | 000000a0 | Core Gen10 Mobile | AML-Y22 | H0 | 06-8e-09/10 | 000000d6 | 000000de | Core Gen8 Mobile | KBL-U/Y | H0 | 06-8e-09/c0 | 000000d6 | 000000de | Core Gen7 Mobile | CFL-U43e | D0 | 06-8e-0a/c0 | 000000d6 | 000000e0 | Core Gen8 Mobile | WHL-U | W0 | 06-8e-0b/d0 | 000000d6 | 000000de | Core Gen8 Mobile | AML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen10 Mobile | WHL-U | V0 | 06-8e-0c/94 | 000000d6 | 000000de | Core Gen8 Mobile | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000d6 | 000000de | Core Gen7; Xeon E3 v6 | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000d6 | 000000de | Core Gen8 Desktop, Mobile, Xeon E | CFL-S | B0 | 06-9e-0b/02 | 000000d6 | 000000de | Core Gen8 | CFL-H/S | P0 | 06-9e-0c/22 | 000000d6 | 000000de | Core Gen9 | CFL-H | R0 | 06-9e-0d/22 | 000000d6 | 000000de | Core Gen9 Mobile | CML-U62 | A0 |06-a6-00/80 | 000000ca | 000000e0 | Core Gen10 Mobile Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Basesystem 15-SP2: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-3373=1 Package List: - SUSE Linux Enterprise Module for Basesystem 15-SP2 (x86_64): ucode-intel-20201110-2.10.1 References: https://www.suse.com/security/cve/CVE-2020-8695.html https://www.suse.com/security/cve/CVE-2020-8696.html https://www.suse.com/security/cve/CVE-2020-8698.html https://bugzilla.suse.com/show_bug.cgi?id=1170446 https://bugzilla.suse.com/1173592 https://bugzilla.suse.com/1173594 . The latest ucode-intel update tackles various security vulnerabilities affecting SUSE systems. Ensure you apply the necessary patches to secure your environment immediately.. SUSE Update, ucode-intel, Security Issues, SUSE Linux Patch, Intel Microcode. . LinuxSecurity.com Team
Nov 19, 2020
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!