Security update for ucode-intel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2022:0541-1 Final 1 1 2022-02-21T12:49:07Z current 2022-02-21T12:49:07Z 2022-02-21T12:49:07Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ucode-intel This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege (bsc#1192615) - CVE-2021-0127: Intel Processor Breakpoint Control Flow (bsc#1195779) - CVE-2021-0145: Fast store forward predictor - Cross Domain Training (bsc#1195780) - CVE-2021-33120: Out of bounds read for some Intel Atom processors (bsc#1195781) - Security updates for [INTEL-SA-00528](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html) - Security updates for [INTEL-SA-00532](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2022-541,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-541,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-541,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-541,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-541,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-541,SUSE-Storage-6-2022-541 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2022/suse-su-20220541-1/ Link for SUSE-SU-2022:0541-1 https://lists.suse.com/pipermail/sle-security-updates/2022-February/010285.html E-Mail link for SUSE-SU-2022:0541-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1192615 SUSE Bug 1192615 https://bugzilla.suse.com/1195779 SUSE Bug 1195779 https://bugzilla.suse.com/1195780 SUSE Bug 1195780 https://bugzilla.suse.com/1195781 SUSE Bug 1195781 https://www.suse.com/security/cve/CVE-2021-0127/ SUSE CVE CVE-2021-0127 page https://www.suse.com/security/cve/CVE-2021-0145/ SUSE CVE CVE-2021-0145 page https://www.suse.com/security/cve/CVE-2021-0146/ SUSE CVE CVE-2021-0146 page https://www.suse.com/security/cve/CVE-2021-33120/ SUSE CVE CVE-2021-33120 page SUSE Enterprise Storage 6 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP1-BCL SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP1 ucode-intel-20220207-3.206.1 ucode-intel-20220207-3.206.1 as a component of SUSE Enterprise Storage 6 ucode-intel-20220207-3.206.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS ucode-intel-20220207-3.206.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS ucode-intel-20220207-3.206.1 as a component of SUSE Linux Enterprise Server 15 SP1-BCL ucode-intel-20220207-3.206.1 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS ucode-intel-20220207-3.206.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access. CVE-2021-0127 SUSE Enterprise Storage 6:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20220207-3.206.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220541-1/ https://www.suse.com/security/cve/CVE-2021-0127.html CVE-2021-0127 https://bugzilla.suse.com/1195779 SUSE Bug 1195779 Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2021-0145 SUSE Enterprise Storage 6:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20220207-3.206.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220541-1/ https://www.suse.com/security/cve/CVE-2021-0145.html CVE-2021-0145 https://bugzilla.suse.com/1195780 SUSE Bug 1195780 Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2021-0146 SUSE Enterprise Storage 6:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20220207-3.206.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220541-1/ https://www.suse.com/security/cve/CVE-2021-0146.html CVE-2021-0146 https://bugzilla.suse.com/1192615 SUSE Bug 1192615 https://bugzilla.suse.com/1193500 SUSE Bug 1193500 https://bugzilla.suse.com/1200661 SUSE Bug 1200661 https://bugzilla.suse.com/1200663 SUSE Bug 1200663 https://bugzilla.suse.com/1205062 SUSE Bug 1205062 Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access. CVE-2021-33120 SUSE Enterprise Storage 6:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server 15 SP1-BCL:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-intel-20220207-3.206.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-intel-20220207-3.206.1 moderate 5.5 AV:N/AC:L/Au:S/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20220541-1/ https://www.suse.com/security/cve/CVE-2021-33120.html CVE-2021-33120 https://bugzilla.suse.com/1195781 SUSE Bug 1195781