Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 3 articles for you...
100
security advisorySuSEimportantSUSE Linux: Xen Important Security Update 2025:02325-1 CVE-2024-36350 DoS
* bsc#1238896 * bsc#1244644 * bsc#1246112 Cross-References: . # Security update for xen Announcement ID: SUSE-SU-2025:02325-1 Release Date: 2025-07-16T06:37:43Z Rating: important References: * bsc#1238896 * bsc#1244644 * bsc#1246112 Cross-References: * CVE-2024-36350 * CVE-2024-36357 * CVE-2025-27465 CVSS scores: * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-27465 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27465 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks (bsc#1246112, XSA-471) * CVE-2025-27465: Incorrect stubs exception handling for flags recovery (bsc#1244644, XSA-470) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2325=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-2325=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patchSUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2325=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2325=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2325=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2325=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-libs-debuginfo-4.17.5_10-150500.3.50.1 * xen-devel-4.17.5_10-150500.3.50.1 * xen-tools-domU-4.17.5_10-150500.3.50.1 * xen-debugsource-4.17.5_10-150500.3.50.1 * xen-tools-domU-debuginfo-4.17.5_10-150500.3.50.1 * xen-libs-4.17.5_10-150500.3.50.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-4.17.5_10-150500.3.50.1 * xen-libs-32bit-debuginfo-4.17.5_10-150500.3.50.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-tools-debuginfo-4.17.5_10-150500.3.50.1 * xen-tools-4.17.5_10-150500.3.50.1 * xen-doc-html-4.17.5_10-150500.3.50.1 * xen-4.17.5_10-150500.3.50.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_10-150500.3.50.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.17.5_10-150500.3.50.1 * xen-libs-64bit-4.17.5_10-150500.3.50.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-libs-4.17.5_10-150500.3.50.1 * xen-libs-debuginfo-4.17.5_10-150500.3.50.1 * xen-debugsource-4.17.5_10-150500.3.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * xen-libs-debuginfo-4.17.5_10-150500.3.50.1 * xen-devel-4.17.5_10-150500.3.50.1 * xen-tools-domU-4.17.5_10-150500.3.50.1 * xen-debugsource-4.17.5_10-150500.3.50.1 * xen-4.17.5_10-150500.3.50.1 * xen-tools-domU-debuginfo-4.17.5_10-150500.3.50.1 * xen-libs-4.17.5_10-150500.3.50.1 * xen-tools-debuginfo-4.17.5_10-150500.3.50.1 * xen-tools-4.17.5_10-150500.3.50.1 * SUSE Linux Enterprise High Performance ComputingESPOS 15 SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_10-150500.3.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * xen-libs-debuginfo-4.17.5_10-150500.3.50.1 * xen-devel-4.17.5_10-150500.3.50.1 * xen-tools-domU-4.17.5_10-150500.3.50.1 * xen-debugsource-4.17.5_10-150500.3.50.1 * xen-4.17.5_10-150500.3.50.1 * xen-tools-domU-debuginfo-4.17.5_10-150500.3.50.1 * xen-libs-4.17.5_10-150500.3.50.1 * xen-tools-debuginfo-4.17.5_10-150500.3.50.1 * xen-tools-4.17.5_10-150500.3.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_10-150500.3.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * xen-libs-debuginfo-4.17.5_10-150500.3.50.1 * xen-devel-4.17.5_10-150500.3.50.1 * xen-tools-domU-4.17.5_10-150500.3.50.1 * xen-debugsource-4.17.5_10-150500.3.50.1 * xen-4.17.5_10-150500.3.50.1 * xen-tools-domU-debuginfo-4.17.5_10-150500.3.50.1 * xen-libs-4.17.5_10-150500.3.50.1 * xen-tools-debuginfo-4.17.5_10-150500.3.50.1 * xen-tools-4.17.5_10-150500.3.50.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * xen-tools-xendomains-wait-disk-4.17.5_10-150500.3.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * xen-libs-debuginfo-4.17.5_10-150500.3.50.1 * xen-devel-4.17.5_10-150500.3.50.1 * xen-tools-domU-4.17.5_10-150500.3.50.1 * xen-debugsource-4.17.5_10-150500.3.50.1 * xen-4.17.5_10-150500.3.50.1 * xen-tools-domU-debuginfo-4.17.5_10-150500.3.50.1 * xen-libs-4.17.5_10-150500.3.50.1 * xen-tools-debuginfo-4.17.5_10-150500.3.50.1 * xen-tools-4.17.5_10-150500.3.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_10-150500.3.50.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2025-27465.html * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1244644 * https://bugzilla.suse.com/show_bug.cgi?id=1246112 . An urgent patch addressing security flaws in xen impacting multiple SUSE Linux versions; highly recommended to apply.. SUSE Linux, Xen Security, Important Patch Updates. . Severity: Important. LinuxSecurity.com Team
Jul 16, 2025
•Important
SuSE
202
security advisoryimportantOpenSUSEopenSUSE Leap 15.6: xen Important Security Update 2025:02316-1
An update that solves three vulnerabilities can now be installed.. # Security update for xen Announcement ID: SUSE-SU-2025:02316-1 Release Date: 2025-07-15T12:59:30Z Rating: important References: * bsc#1238896 * bsc#1244644 * bsc#1246112 Cross-References: * CVE-2024-36350 * CVE-2024-36357 * CVE-2025-27465 CVSS scores: * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-27465 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27465 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks (bsc#1246112, XSA-471) * CVE-2025-27465: Incorrect stubs exception handling for flags recovery (bsc#1244644, XSA-470) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-2316=1 openSUSE-SLE-15.6-2025-2316=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-2316=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-2316=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64 i586) *xen-debugsource-4.18.5_04-150600.3.28.1 * xen-tools-domU-4.18.5_04-150600.3.28.1 * xen-devel-4.18.5_04-150600.3.28.1 * xen-tools-domU-debuginfo-4.18.5_04-150600.3.28.1 * xen-libs-debuginfo-4.18.5_04-150600.3.28.1 * xen-libs-4.18.5_04-150600.3.28.1 * openSUSE Leap 15.6 (x86_64) * xen-libs-32bit-debuginfo-4.18.5_04-150600.3.28.1 * xen-libs-32bit-4.18.5_04-150600.3.28.1 * openSUSE Leap 15.6 (aarch64 x86_64) * xen-tools-debuginfo-4.18.5_04-150600.3.28.1 * xen-doc-html-4.18.5_04-150600.3.28.1 * xen-tools-4.18.5_04-150600.3.28.1 * xen-4.18.5_04-150600.3.28.1 * openSUSE Leap 15.6 (noarch) * xen-tools-xendomains-wait-disk-4.18.5_04-150600.3.28.1 * openSUSE Leap 15.6 (aarch64_ilp32) * xen-libs-64bit-4.18.5_04-150600.3.28.1 * xen-libs-64bit-debuginfo-4.18.5_04-150600.3.28.1 * Basesystem Module 15-SP6 (x86_64) * xen-debugsource-4.18.5_04-150600.3.28.1 * xen-tools-domU-4.18.5_04-150600.3.28.1 * xen-tools-domU-debuginfo-4.18.5_04-150600.3.28.1 * xen-libs-debuginfo-4.18.5_04-150600.3.28.1 * xen-libs-4.18.5_04-150600.3.28.1 * Server Applications Module 15-SP6 (x86_64) * xen-debugsource-4.18.5_04-150600.3.28.1 * xen-tools-4.18.5_04-150600.3.28.1 * xen-devel-4.18.5_04-150600.3.28.1 * xen-tools-debuginfo-4.18.5_04-150600.3.28.1 * xen-4.18.5_04-150600.3.28.1 * Server Applications Module 15-SP6 (noarch) * xen-tools-xendomains-wait-disk-4.18.5_04-150600.3.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2025-27465.html * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1244644 * https://bugzilla.suse.com/show_bug.cgi?id=1246112 . Patch fixes critical bugs concerning Xen on openSUSE Leap 15.6 alongside its modules. System reboot is necessary.. xen security fix, openSUSE importance, LINUX security patches, AMD transient execution, CVEupdates. . Severity: Important. LinuxSecurity.com Team
Jul 15, 2025
•Important
OpenSUSE
202
security advisoryDoSimportantopenSUSE: Xen Important Fix for Transient Execution 2025:02319-1
An update that solves three vulnerabilities can now be installed.. # Security update for xen Announcement ID: SUSE-SU-2025:02319-1 Release Date: 2025-07-15T14:20:10Z Rating: important References: * bsc#1238896 * bsc#1244644 * bsc#1246112 Cross-References: * CVE-2024-36350 * CVE-2024-36357 * CVE-2025-27465 CVSS scores: * CVE-2024-36350 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36357 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-27465 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-27465 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-36350, CVE-2024-36357: More AMD transient execution attacks (bsc#1246112, XSA-471) * CVE-2025-27465: Incorrect stubs exception handling for flags recovery (bsc#1244644, XSA-470) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2319=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2319=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2319=1 * SUSE LinuxEnterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2319=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-2319=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2319=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2319=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-2319=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * xen-tools-domU-debuginfo-4.14.6_26-150300.3.91.1 * xen-debugsource-4.14.6_26-150300.3.91.1 * xen-devel-4.14.6_26-150300.3.91.1 * xen-libs-4.14.6_26-150300.3.91.1 * xen-libs-debuginfo-4.14.6_26-150300.3.91.1 * xen-tools-domU-4.14.6_26-150300.3.91.1 * openSUSE Leap 15.3 (x86_64) * xen-libs-32bit-debuginfo-4.14.6_26-150300.3.91.1 * xen-libs-32bit-4.14.6_26-150300.3.91.1 * openSUSE Leap 15.3 (aarch64 x86_64) * xen-doc-html-4.14.6_26-150300.3.91.1 * xen-tools-debuginfo-4.14.6_26-150300.3.91.1 * xen-tools-4.14.6_26-150300.3.91.1 * xen-4.14.6_26-150300.3.91.1 * openSUSE Leap 15.3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1 * openSUSE Leap 15.3 (aarch64_ilp32) * xen-libs-64bit-4.14.6_26-150300.3.91.1 * xen-libs-64bit-debuginfo-4.14.6_26-150300.3.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * xen-tools-domU-debuginfo-4.14.6_26-150300.3.91.1 * xen-debugsource-4.14.6_26-150300.3.91.1 * xen-tools-4.14.6_26-150300.3.91.1 * xen-tools-domU-4.14.6_26-150300.3.91.1 * xen-devel-4.14.6_26-150300.3.91.1 * xen-libs-4.14.6_26-150300.3.91.1 * xen-tools-debuginfo-4.14.6_26-150300.3.91.1 * xen-libs-debuginfo-4.14.6_26-150300.3.91.1 * xen-4.14.6_26-150300.3.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1 * SUSE Linux EnterpriseServer 15 SP3 LTSS (x86_64) * xen-tools-domU-debuginfo-4.14.6_26-150300.3.91.1 * xen-debugsource-4.14.6_26-150300.3.91.1 * xen-tools-4.14.6_26-150300.3.91.1 * xen-tools-domU-4.14.6_26-150300.3.91.1 * xen-devel-4.14.6_26-150300.3.91.1 * xen-libs-4.14.6_26-150300.3.91.1 * xen-tools-debuginfo-4.14.6_26-150300.3.91.1 * xen-libs-debuginfo-4.14.6_26-150300.3.91.1 * xen-4.14.6_26-150300.3.91.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * xen-tools-domU-debuginfo-4.14.6_26-150300.3.91.1 * xen-debugsource-4.14.6_26-150300.3.91.1 * xen-tools-4.14.6_26-150300.3.91.1 * xen-tools-domU-4.14.6_26-150300.3.91.1 * xen-devel-4.14.6_26-150300.3.91.1 * xen-libs-4.14.6_26-150300.3.91.1 * xen-tools-debuginfo-4.14.6_26-150300.3.91.1 * xen-libs-debuginfo-4.14.6_26-150300.3.91.1 * xen-4.14.6_26-150300.3.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1 * SUSE Enterprise Storage 7.1 (x86_64) * xen-tools-domU-debuginfo-4.14.6_26-150300.3.91.1 * xen-debugsource-4.14.6_26-150300.3.91.1 * xen-tools-4.14.6_26-150300.3.91.1 * xen-tools-domU-4.14.6_26-150300.3.91.1 * xen-devel-4.14.6_26-150300.3.91.1 * xen-libs-4.14.6_26-150300.3.91.1 * xen-tools-debuginfo-4.14.6_26-150300.3.91.1 * xen-libs-debuginfo-4.14.6_26-150300.3.91.1 * xen-4.14.6_26-150300.3.91.1 * SUSE Enterprise Storage 7.1 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_26-150300.3.91.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * xen-libs-4.14.6_26-150300.3.91.1 * xen-debugsource-4.14.6_26-150300.3.91.1 * xen-libs-debuginfo-4.14.6_26-150300.3.91.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * xen-libs-4.14.6_26-150300.3.91.1 * xen-debugsource-4.14.6_26-150300.3.91.1 * xen-libs-debuginfo-4.14.6_26-150300.3.91.1 * SUSELinux Enterprise Micro for Rancher 5.2 (x86_64) * xen-libs-4.14.6_26-150300.3.91.1 * xen-debugsource-4.14.6_26-150300.3.91.1 * xen-libs-debuginfo-4.14.6_26-150300.3.91.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36350.html * https://www.suse.com/security/cve/CVE-2024-36357.html * https://www.suse.com/security/cve/CVE-2025-27465.html * https://bugzilla.suse.com/show_bug.cgi?id=1238896 * https://bugzilla.suse.com/show_bug.cgi?id=1244644 * https://bugzilla.suse.com/show_bug.cgi?id=1246112 . A critical security bulletin for openSUSE highlights potential threats from Xen weaknesses that could compromise system integrity and data privacy.. openSUSE, Xen, security update, important advisory, transient execution. . Severity: Important. LinuxSecurity.com Team
Jul 15, 2025
•Important
OpenSUSE
202
security advisorymoderatexenopenSUSE 15.5: 2023:3447-1 Moderate: xen Side Channel and Execution Fixes
This update for xen fixes the following issues: CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. (bsc#1214082, XSA-434). # Security update for xen Announcement ID: SUSE-SU-2023:3447-1 Rating: moderate References: * #1027519 * #1212684 * #1213616 * #1214082 * #1214083 Cross-References: * CVE-2022-40982 * CVE-2023-20569 * CVE-2023-20593 CVSS scores: * CVE-2022-40982 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-40982 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-20569 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-20569 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-20593 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-20593 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has two fixes can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. (bsc#1214082, XSA-434) * CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling". (bsc#1214083, XSA-435) * CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potentially access sensitive information. (bsc#1213616, XSA-433) ## Patch Instructions: To install this SUSE Moderate update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP5 zypper in -t patchSUSE-SLE-Module-Server-Applications-15-SP5-2023-3447=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2023-3447=1 openSUSE-SLE-15.5-2023-3447=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3447=1 ## Package List: * Server Applications Module 15-SP5 (x86_64) * xen-tools-debuginfo-4.17.2_02-150500.3.6.1 * xen-tools-4.17.2_02-150500.3.6.1 * xen-devel-4.17.2_02-150500.3.6.1 * xen-debugsource-4.17.2_02-150500.3.6.1 * xen-4.17.2_02-150500.3.6.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.2_02-150500.3.6.1 * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-libs-4.17.2_02-150500.3.6.1 * xen-tools-domU-debuginfo-4.17.2_02-150500.3.6.1 * xen-devel-4.17.2_02-150500.3.6.1 * xen-tools-domU-4.17.2_02-150500.3.6.1 * xen-libs-debuginfo-4.17.2_02-150500.3.6.1 * xen-debugsource-4.17.2_02-150500.3.6.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-debuginfo-4.17.2_02-150500.3.6.1 * xen-libs-32bit-4.17.2_02-150500.3.6.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-4.17.2_02-150500.3.6.1 * xen-tools-debuginfo-4.17.2_02-150500.3.6.1 * xen-tools-4.17.2_02-150500.3.6.1 * xen-doc-html-4.17.2_02-150500.3.6.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.2_02-150500.3.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.17.2_02-150500.3.6.1 * xen-libs-64bit-4.17.2_02-150500.3.6.1 * Basesystem Module 15-SP5 (x86_64) * xen-libs-4.17.2_02-150500.3.6.1 * xen-tools-domU-debuginfo-4.17.2_02-150500.3.6.1 * xen-tools-domU-4.17.2_02-150500.3.6.1 * xen-debugsource-4.17.2_02-150500.3.6.1 * xen-libs-debuginfo-4.17.2_02-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-40982.html * https://www.suse.com/security/cve/CVE-2023-20569.html * https://www.suse.com/security/cve/CVE-2023-20593.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 *https://bugzilla.suse.com/show_bug.cgi?id=1212684 * https://bugzilla.suse.com/show_bug.cgi?id=1213616 * https://bugzilla.suse.com/show_bug.cgi?id=1214082 * https://bugzilla.suse.com/show_bug.cgi?id=1214083 . SUSE issued a significant patch for xen targeting CVE-2023-20569 and additional issues. Discover the details regarding the corrections and security flaws.. openSUSE Update,xen Security Advisory,moderate Security Fix,vulnerability Management. . LinuxSecurity.com Team
Aug 28, 2023
OpenSUSE
202
security advisoryimportantattack mitigationopenSUSE Leap 15.3: 2022:0940-1 Important: Xen BHB Speculation
An update that solves three vulnerabilities and has one errata is now available. . openSUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0940-1 Rating: important References: #1027519 #1191668 #1194267 #1196915 Cross-References: CVE-2021-26401 CVE-2022-0001 CVE-2022-0002 CVSS scores: CVE-2021-26401 (NVD) : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2021-26401 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0001 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0002 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0002 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for xen fixes the following issues: Update Xen to version 4.14.4 (bsc#1027519) Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated. Security issues fixed: - CVE-2022-0001, CVE-2022-0002, CVE-2021-26401: BHB speculation issues (bsc#1196915). Non-security issues fixed: - Fixed issue around xl and virsh operation - virsh list not giving any output (bsc#1191668). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternativelyyou can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-940=1 Package List: - openSUSE Leap 15.3 (aarch64 x86_64): xen-4.14.4_02-150300.3.21.1 xen-debugsource-4.14.4_02-150300.3.21.1 xen-devel-4.14.4_02-150300.3.21.1 xen-doc-html-4.14.4_02-150300.3.21.1 xen-libs-4.14.4_02-150300.3.21.1 xen-libs-debuginfo-4.14.4_02-150300.3.21.1 xen-tools-4.14.4_02-150300.3.21.1 xen-tools-debuginfo-4.14.4_02-150300.3.21.1 xen-tools-domU-4.14.4_02-150300.3.21.1 xen-tools-domU-debuginfo-4.14.4_02-150300.3.21.1 - openSUSE Leap 15.3 (x86_64): xen-libs-32bit-4.14.4_02-150300.3.21.1 xen-libs-32bit-debuginfo-4.14.4_02-150300.3.21.1 - openSUSE Leap 15.3 (noarch): xen-tools-xendomains-wait-disk-4.14.4_02-150300.3.21.1 References: https://www.suse.com/security/cve/CVE-2021-26401.html https://www.suse.com/security/cve/CVE-2022-0001.html https://www.suse.com/security/cve/CVE-2022-0002.html https://bugzilla.suse.com/1027519 https://bugzilla.suse.com/1191668 https://bugzilla.suse.com/1194267 https://bugzilla.suse.com/1196915 . Important patch for openSUSE Leap 15.3 aimed at addressing significant xen vulnerabilities associated with transient execution side-channel assaults.. OpenSUSE Security Update,Xen Patch,Transient Execution Fix. . Severity: Important. LinuxSecurity.com Team
Mar 23, 2022
•Important
OpenSUSE
100
security advisorycriticalimportantSUSE: 2022:0939-1 Critical Security Update for Xen BHB Attack Mitigation
An update that fixes three vulnerabilities is now available. . SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:0939-1 Rating: important References: #1196915 Cross-References: CVE-2021-26401 CVE-2022-0001 CVE-2022-0002 CVSS scores: CVE-2021-26401 (NVD) : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2021-26401 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0001 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0002 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2022-0002 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for xen fixes the following issues: Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated. - CVE-2022-0001, CVE-2022-0002, CVE-2021-26401: BHB speculation issues (bsc#1196915). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypperin -t patch SUSE-SLE-SDK-12-SP5-2022-939=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-939=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 x86_64): xen-debugsource-4.12.4_20-3.61.1 xen-devel-4.12.4_20-3.61.1 - SUSE Linux Enterprise Server 12-SP5 (x86_64): xen-4.12.4_20-3.61.1 xen-debugsource-4.12.4_20-3.61.1 xen-doc-html-4.12.4_20-3.61.1 xen-libs-32bit-4.12.4_20-3.61.1 xen-libs-4.12.4_20-3.61.1 xen-libs-debuginfo-32bit-4.12.4_20-3.61.1 xen-libs-debuginfo-4.12.4_20-3.61.1 xen-tools-4.12.4_20-3.61.1 xen-tools-debuginfo-4.12.4_20-3.61.1 xen-tools-domU-4.12.4_20-3.61.1 xen-tools-domU-debuginfo-4.12.4_20-3.61.1 References: https://www.suse.com/security/cve/CVE-2021-26401.html https://www.suse.com/security/cve/CVE-2022-0001.html https://www.suse.com/security/cve/CVE-2022-0002.html https://bugzilla.suse.com/1196915 . Significant SUSE upgrade for xen has been released addressing three major vulnerabilities connected to transient execution threats.. SUSE Update, Xen Security, Security Patch, Branch Target Injection, Important Security Fix. . Severity: Important. LinuxSecurity.com Team
Mar 23, 2022
•Important
SuSE
202
security advisorysecurity fiximportantopenSUSE Leap 15.3 - 2021:1933-1 Important: ucode-intel Issues Resolved
An update that fixes four vulnerabilities is now available. . openSUSE Security Update: Security update for ucode-intel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:1933-1 Rating: important References: #1179833 #1179836 #1179837 #1179839 Cross-References: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVSS scores: CVE-2020-24489 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2020-24489 (SUSE): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2020-24511 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2020-24512 (SUSE): 2.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N CVE-2020-24513 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20210608 release. - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (INTEL-SA-00465 bsc#1179833) See also: https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= 0465.html - CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (INTEL-SA-00464 bsc#1179836) See also https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= 0464.html) - CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837 INTEL-SA-00464) See also https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= 0464.html) - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (INTEL-SA-00442 bsc#1179839) See also https://www.intel.com/content/www/us/en/404.html?ref=https://www.intel.com/content/www/us/en/404.html?ref=https://https://www.intel.com/content/www/us/en/404.html?ref= 0442.html Other fixes: - Update for functional issues. Refer to [Third Generation Intel Xeon Processor Scalable Family Specification Update]( details. - Update for functional issues. Refer to [Second Generation Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2-public.intel.com/338848/338848_2nd%20Gen%20Intel%C2%AE%20Xeon%C2%AE%20Scalable%20Processors%20Specification%20Update_Rev028US.pdf) for details. - Update for functional issues. Refer to [Intel Xeon Processor Scalable Family Specification Update](https://cdrdv2-public.intel.com/613537/613537_Intel%C2%AE%20Xeon%C2%AE%20Processor%20Scalable%20Family%20Specification%20Update_Rev033US.pdf) for details. - Update for functional issues. Refer to [Intel Xeon Processor D-1500, D-1500 NS and D-1600 NS Spec Update](https://www.intel.com/content/www/us/en/products/overview.html on/xeon-d-1500-specification-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E7-8800 and E7-4800 v3 Processor Specification Update](https://www.intel.com/content/www/us/en/products/details/processors.html spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon Processor E5 v3 Product Family Specification Update](https://www.intel.com/content/www/us/en/products/details/processors.html spec-update.html?wapkw=processor+spec+update+e5) for details. - Update for functional issues. Refer to [10th Gen Intel Core Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/overview.html re/10th-gen-core-families-specification-update.html) for details. - Update for functional issues. Refer to [8th and 9th Gen Intel Core Processor Family Spec Update](https://www.intel.com/content/www/us/en/products/overview.html re/8th-gen-core-spec-update.html) for details. - Update for functional issues. Refer to [7th Gen and 8th Gen (U Quad-Core) Intel Processor Families Specification Update](https://www.intel.com/content/www/us/en/products/details/processors.html e-family-spec-update.html) for details. - Update for functional issues. Refer to [6th Gen Intel Processor Family Specification Update]() for details. - Update for functional issues. Refer to [Intel Xeon E3-1200 v6 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/details/processors.html 0v6-spec-update.html) for details. - Update for functional issues. Refer to [Intel Xeon E-2100 and E-2200 Processor Family Specification Update](https://www.intel.com/content/www/us/en/products/overview.html on/xeon-e-2100-specification-update.html) for details. - New platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | CLX-SP | A0 | 06-55-05/b7 | | 03000010 | Xeon Scalable Gen2 | ICX-SP | C0 | 06-6a-05/87 | | 0c0002f0 | Xeon ScalableGen3 | ICX-SP | D0 | 06-6a-06/87 | | 0d0002a0 | Xeon Scalable Gen3 | SNR | B0 | 06-86-04/01 | | 0b00000f | Atom P59xxB | SNR | B1 | 06-86-05/01 | | 0b00000f | Atom P59xxB | TGL | B1 | 06-8c-01/80 | | 00000088 | Core Gen11 Mobile | TGL-R | C0 | 06-8c-02/c2 | | 00000016 | Core Gen11 Mobile | TGL-H | R0 | 06-8d-01/c2 | | 0000002c | Core Gen11 Mobile | EHL | B1 | 06-96-01/01 | | 00000011 | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E | JSL | A0/A1 | 06-9c-00/01 | | 0000001d | Pentium N6000/N6005, Celeron N4500/N4505/N5100/N5105 | RKL-S | B0 | 06-a7-01/02 | | 00000040 | Core Gen11 - Updated platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | HSX-E/EP | Cx/M1 | 06-3f-02/6f | 00000044 | 00000046 | Core Gen4 X series; Xeon E5 v3 | HSX-EX | E0 | 06-3f-04/80 | 00000016 | 00000019 | Xeon E7 v3 | SKL-U/Y | D0 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile | SKL-U23e | K1 | 06-4e-03/c0 | 000000e2 | 000000ea | Core Gen6 Mobile | BDX-ML | B0/M0/R0 | 06-4f-01/ef | 0b000038 | 0b00003e | Xeon E5/E7 v4; Core i7-69xx/68xx | SKX-SP | B1 | 06-55-03/97 | 01000159 | 0100015b | Xeon Scalable | SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon Scalable | SKX-D | M1 | 06-55-04/b7 | 02006a0a | 02006b06 | Xeon D-21xx | CLX-SP | B0 | 06-55-06/bf | 04003006 | 04003102 | Xeon Scalable Gen2 | CLX-SP | B1 | 06-55-07/bf | 05003006 | 05003102 | Xeon Scalable Gen2 | CPX-SP | A1 | 06-55-0b/bf | 0700001e | 07002302 | Xeon Scalable Gen3 | BDX-DE | V2/V3 | 06-56-03/10 | 07000019 | 0700001b | Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 | BDX-DE | Y0 | 06-56-04/10 | 0f000017 | 0f000019 | Xeon D-1557/59/67/71/77/81/87 | BDX-NS | A0 | 06-56-05/10 | 0e00000f | 0e000012 | Xeon D-1513N/23/33/43/53 | APL | D0 | 06-5c-09/03 | 00000040 | 00000044 | Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx | APL | E0 | 06-5c-0a/03 | 0000001e | 00000020 | Atom x5-E39xx | SKL-H/S | R0/N0 | 06-5e-03/36 | 000000e2 | 000000ea | Core Gen6; Xeon E3 v5 | DNV | B0 | 06-5f-01/01 | 0000002e | 00000034 | Atom C Series | GLK | B0 | 06-7a-01/01 | 00000034 | 00000036 | Pentium Silver N/J5xxx, Celeron N/J4xxx | GKL-R | R0 | 06-7a-08/01 | 00000018 | 0000001a | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 | ICL-U/Y | D1 | 06-7e-05/80 | 000000a0 | 000000a6 | Core Gen10 Mobile | LKF | B2/B3 | 06-8a-01/10 | 00000028 | 0000002a | Core w/Hybrid Technology | AML-Y22 | H0 | 06-8e-09/10 | 000000de | 000000ea | Core Gen8 Mobile | KBL-U/Y | H0 | 06-8e-09/c0 | 000000de | 000000ea | Core Gen7 Mobile | CFL-U43e | D0 | 06-8e-0a/c0 | 000000e0 | 000000ea | Core Gen8 Mobile | WHL-U | W0 | 06-8e-0b/d0 | 000000de | 000000ea | Core Gen8 Mobile | AML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen10 Mobile | WHL-U | V0 | 06-8e-0c/94 | 000000de | 000000ea | Core Gen8 Mobile | KBL-G/H/S/E3 | B0 | 06-9e-09/2a | 000000de | 000000ea | Core Gen7; Xeon E3 v6 | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000de | 000000ea | Core Gen8 Desktop, Mobile, Xeon E | CFL-S | B0 | 06-9e-0b/02 | 000000de | 000000ea | Core Gen8 | CFL-H/S | P0 | 06-9e-0c/22 | 000000de | 000000ea |Core Gen9 | CFL-H | R0 | 06-9e-0d/22 | 000000de | 000000ea | Core Gen9 Mobile | CML-H | R1 | 06-a5-02/20 | 000000e0 | 000000ea | Core Gen10 Mobile | CML-S62 | G1 | 06-a5-03/22 | 000000e0 | 000000ea | Core Gen10 | CML-S102 | Q0 | 06-a5-05/22 | 000000e0 | 000000ec | Core Gen10 | CML-U62 | A0 | 06-a6-00/80 | 000000e0 | 000000e8 | Core Gen10 Mobile | CML-U62 V2 | K0 | 06-a6-01/80 | 000000e0 | 000000ea | Core Gen10 Mobile Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2021-1933=1 Package List: - openSUSE Leap 15.3 (x86_64): ucode-intel-20210525-7.1 References: https://www.suse.com/security/cve/CVE-2020-24489.html https://www.suse.com/security/cve/CVE-2020-24511.html https://www.suse.com/security/cve/CVE-2020-24512.html https://www.suse.com/security/cve/CVE-2020-24513.html https://bugzilla.suse.com/1179833 https://bugzilla.suse.com/1179836 https://bugzilla.suse.com/1179837 https://bugzilla.suse.com/1179839 . Vital openSUSE patch addresses ucode-intel concerns, delivering crucial remedies for vulnerabilities affecting Intel processors.. openSUSE Update, ucode-intel Fixes, transient execution, local escalation. . Severity: Important. LinuxSecurity.com Team
Jul 10, 2021
•Important
OpenSUSE
100
security advisoryimportantSUSE LinuxSUSE: 2021:14758-1 Important: Microcode_ctl Threat Mitigation
An update that fixes four vulnerabilities is now available. . SUSE Security Update: Security update for microcode_ctl ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:14758-1 Rating: important References: #1179833 #1179836 #1179837 #1179839 Cross-References: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 CVSS scores: CVE-2020-24489 (SUSE): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2020-24511 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2020-24512 (SUSE): 2.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N CVE-2020-24513 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: SUSE Linux Enterprise Server 11-SP4-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for microcode_ctl fixes the following issues: Updated to Intel CPU Microcode 20210525 release: - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. (bsc#1179833) - CVE-2020-24511: The IBRS feature to mitigate Spectre variant 2 transient execution side channel vulnerabilities may not fully prevent non-root (guest) branches from controlling the branch predictions of the root (host) (bsc#1179836) - CVE-2020-24512: Fixed trivial data value cache-lines such as all-zero value cache-lines may lead to changes in cache-allocation or write-back behavior for such cache-lines (bsc#1179837) - CVE-2020-24489: Fixed Intel VT-d device pass through potential local privilege escalation (bsc#1179839) Patch Instructions: To install this SUSE SecurityUpdate use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4-LTSS: zypper in -t patch slessp4-microcode_ctl-14758=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-microcode_ctl-14758=1 Package List: - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 x86_64): microcode_ctl-1.17-102.83.71.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): microcode_ctl-1.17-102.83.71.1 References: https://www.suse.com/security/cve/CVE-2020-24489.html https://www.suse.com/security/cve/CVE-2020-24511.html https://www.suse.com/security/cve/CVE-2020-24512.html https://www.suse.com/security/cve/CVE-2020-24513.html https://bugzilla.suse.com/1179833 https://bugzilla.suse.com/1179836 https://bugzilla.suse.com/1179837 https://bugzilla.suse.com/1179839 . A release tackling numerous vital concerns related to microcode_ctl has just been launched within SUSE distributions.. SUSE Microcode Update, Threat Mitigation, Security Fixes. . Severity: Important. LinuxSecurity.com Team
Jun 28, 2021
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!