[SUSE-SU-2019:1296-1] Security update for ucode-intel

Severity Important

Affected Packages 7

CVEs 4

Security update for ucode-intel

This update for ucode-intel fixes the following issues:

ucode-intel was updated to official QSR 2019.1 microcode release (bsc#1111331
CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091)

---- new platforms ----------------------------------------
VLV C0 6-37-8/02 00000838 Atom Z series
VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx
VLV D0 6-37-9/0F 0000090c Atom E38xx
CHV C0 6-4c-3/01 00000368 Atom X series
CHV D0 6-4c-4/01 00000411 Atom X series

Readded Broadwell CPU ucode that was missing in last update:

BDX-ML B0/M0/R0 6-4f-1/ef 0b00002e->00000036 Xeon E5/E7 v4; Core i7-69xx/68xx

Package	Affected Version
pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12&sp=4	< 20190514-13.44.1
pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12&sp=3	< 20190514-13.44.1
pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12&sp=2	< 20190514-13.44.1
pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12&sp=1	< 20190514-13.44.1
pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12	< 20190514-13.44.1
pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sled-12&sp=4	< 20190514-13.44.1
pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sled-12&sp=3	< 20190514-13.44.1

ID

SUSE-SU-2019:1296-1

Severity

important

URL

https://www.suse.com/support/update/announcement/2019/suse-su-20191296-1/

Published

2019-05-21T05:33:22
(5 years ago)

Modified

2019-05-21T05:33:22
(5 years ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_1296-1.json
Suse	URL for SUSE-SU-2019:1296-1	https://www.suse.com/support/update/announcement/2019/suse-su-20191296-1/
Suse	E-Mail link for SUSE-SU-2019:1296-1	https://lists.suse.com/pipermail/sle-security-updates/2019-May/005481.html
Bugzilla	SUSE Bug 1111331	https://bugzilla.suse.com/1111331
CVE	SUSE CVE CVE-2018-12126 page	https://www.suse.com/security/cve/CVE-2018-12126/
CVE	SUSE CVE CVE-2018-12127 page	https://www.suse.com/security/cve/CVE-2018-12127/
CVE	SUSE CVE CVE-2018-12130 page	https://www.suse.com/security/cve/CVE-2018-12130/
CVE	SUSE CVE CVE-2019-11091 page	https://www.suse.com/security/cve/CVE-2019-11091/

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12&sp=4	suse	ucode-intel	< 20190514-13.44.1	sles-12	x86_64
Affected	pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12&sp=3	suse	ucode-intel	< 20190514-13.44.1	sles-12	x86_64
Affected	pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12&sp=2	suse	ucode-intel	< 20190514-13.44.1	sles-12	x86_64
Affected	pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12&sp=1	suse	ucode-intel	< 20190514-13.44.1	sles-12	x86_64
Affected	pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sles-12	suse	ucode-intel	< 20190514-13.44.1	sles-12	x86_64
Affected	pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sled-12&sp=4	suse	ucode-intel	< 20190514-13.44.1	sled-12	x86_64
Affected	pkg:rpm/suse/ucode-intel?arch=x86_64&distro=sled-12&sp=3	suse	ucode-intel	< 20190514-13.44.1	sled-12	x86_64

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date