suse-su-2019:2958-1
Vulnerability from csaf_suse
Published
2019-11-12 18:16
Modified
2019-11-12 18:16
Summary
Security update for ucode-intel
Notes
Title of the patch
Security update for ucode-intel
Description of the patch
This update for ucode-intel fixes the following issues:
- Updated to 20191112 security release (bsc#1155988)
- Processor Identifier Version Products
- Model Stepping F-MO-S/PI Old->New
- ---- new platforms ----------------------------------------
- CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile
- CNL-U D0 6-66-3/80 0000002a Core Gen8 Mobile
- SKX-SP B1 6-55-3/97 01000150 Xeon Scalable
- ICL U/Y D1 6-7e-5/80 00000046 Core Gen10 Mobile
- ---- updated platforms ------------------------------------
- SKL U/Y D0 6-4e-3/c0 000000cc->000000d4 Core Gen6 Mobile
- SKL H/S/E3 R0/N0 6-5e-3/36 000000cc->000000d4 Core Gen6
- AML-Y22 H0 6-8e-9/10 000000b4->000000c6 Core Gen8 Mobile
- KBL-U/Y H0 6-8e-9/c0 000000b4->000000c6 Core Gen7 Mobile
- CFL-U43e D0 6-8e-a/c0 000000b4->000000c6 Core Gen8 Mobile
- WHL-U W0 6-8e-b/d0 000000b8->000000c6 Core Gen8 Mobile
- AML-Y V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile
- CML-U42 V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile
- WHL-U V0 6-8e-c/94 000000b8->000000c6 Core Gen8 Mobile
- KBL-G/X H0 6-9e-9/2a 000000b4->000000c6 Core Gen7/Gen8
- KBL-H/S/E3 B0 6-9e-9/2a 000000b4->000000c6 Core Gen7; Xeon E3 v6
- CFL-H/S/E3 U0 6-9e-a/22 000000b4->000000c6 Core Gen8 Desktop, Mobile, Xeon E
- CFL-S B0 6-9e-b/02 000000b4->000000c6 Core Gen8
- CFL-H R0 6-9e-d/22 000000b8->000000c6 Core Gen9 Mobile
- Includes security fixes for:
- CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073)
- CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035)
Patchnames
SUSE-2019-2958,SUSE-SLE-Module-Basesystem-15-SP1-2019-2958
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ucode-intel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ucode-intel fixes the following issues:\n\n- Updated to 20191112 security release (bsc#1155988)\n - Processor Identifier Version Products\n - Model Stepping F-MO-S/PI Old-\u003eNew\n - ---- new platforms ----------------------------------------\n - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile\n - CNL-U D0 6-66-3/80 0000002a Core Gen8 Mobile\n - SKX-SP B1 6-55-3/97 01000150 Xeon Scalable\n - ICL U/Y D1 6-7e-5/80 00000046 Core Gen10 Mobile\n - ---- updated platforms ------------------------------------\n - SKL U/Y D0 6-4e-3/c0 000000cc-\u003e000000d4 Core Gen6 Mobile\n - SKL H/S/E3 R0/N0 6-5e-3/36 000000cc-\u003e000000d4 Core Gen6\n - AML-Y22 H0 6-8e-9/10 000000b4-\u003e000000c6 Core Gen8 Mobile\n - KBL-U/Y H0 6-8e-9/c0 000000b4-\u003e000000c6 Core Gen7 Mobile\n - CFL-U43e D0 6-8e-a/c0 000000b4-\u003e000000c6 Core Gen8 Mobile\n - WHL-U W0 6-8e-b/d0 000000b8-\u003e000000c6 Core Gen8 Mobile\n - AML-Y V0 6-8e-c/94 000000b8-\u003e000000c6 Core Gen10 Mobile\n - CML-U42 V0 6-8e-c/94 000000b8-\u003e000000c6 Core Gen10 Mobile\n - WHL-U V0 6-8e-c/94 000000b8-\u003e000000c6 Core Gen8 Mobile\n - KBL-G/X H0 6-9e-9/2a 000000b4-\u003e000000c6 Core Gen7/Gen8\n - KBL-H/S/E3 B0 6-9e-9/2a 000000b4-\u003e000000c6 Core Gen7; Xeon E3 v6\n - CFL-H/S/E3 U0 6-9e-a/22 000000b4-\u003e000000c6 Core Gen8 Desktop, Mobile, Xeon E\n - CFL-S B0 6-9e-b/02 000000b4-\u003e000000c6 Core Gen8\n - CFL-H R0 6-9e-d/22 000000b8-\u003e000000c6 Core Gen9 Mobile\n- Includes security fixes for:\n - CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073)\n - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2958,SUSE-SLE-Module-Basesystem-15-SP1-2019-2958",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2958-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2958-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192958-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2958-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192958-1.html"
},
{
"category": "self",
"summary": "SUSE Bug 1139073",
"url": "https://bugzilla.suse.com/1139073"
},
{
"category": "self",
"summary": "SUSE Bug 1141035",
"url": "https://bugzilla.suse.com/1141035"
},
{
"category": "self",
"summary": "SUSE Bug 1155988",
"url": "https://bugzilla.suse.com/1155988"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11135 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11139 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11139/"
}
],
"title": "Security update for ucode-intel",
"tracking": {
"current_release_date": "2019-11-12T18:16:08Z",
"generator": {
"date": "2019-11-12T18:16:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2958-1",
"initial_release_date": "2019-11-12T18:16:08Z",
"revision_history": [
{
"date": "2019-11-12T18:16:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20191112-3.9.1.i586",
"product": {
"name": "ucode-intel-20191112-3.9.1.i586",
"product_id": "ucode-intel-20191112-3.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ucode-intel-20191112-3.9.1.x86_64",
"product": {
"name": "ucode-intel-20191112-3.9.1.x86_64",
"product_id": "ucode-intel-20191112-3.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-intel-20191112-3.9.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20191112-3.9.1.x86_64"
},
"product_reference": "ucode-intel-20191112-3.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11135"
}
],
"notes": [
{
"category": "general",
"text": "TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20191112-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11135",
"url": "https://www.suse.com/security/cve/CVE-2019-11135"
},
{
"category": "external",
"summary": "SUSE Bug 1139073 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1139073"
},
{
"category": "external",
"summary": "SUSE Bug 1152497 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1152497"
},
{
"category": "external",
"summary": "SUSE Bug 1152505 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1152505"
},
{
"category": "external",
"summary": "SUSE Bug 1152506 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1152506"
},
{
"category": "external",
"summary": "SUSE Bug 1160120 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1160120"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2019-11135",
"url": "https://bugzilla.suse.com/1201877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20191112-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20191112-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-12T18:16:08Z",
"details": "moderate"
}
],
"title": "CVE-2019-11135"
},
{
"cve": "CVE-2019-11139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20191112-3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11139",
"url": "https://www.suse.com/security/cve/CVE-2019-11139"
},
{
"category": "external",
"summary": "SUSE Bug 1141035 for CVE-2019-11139",
"url": "https://bugzilla.suse.com/1141035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20191112-3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20191112-3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-12T18:16:08Z",
"details": "moderate"
}
],
"title": "CVE-2019-11139"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…