rpm package
suse/microcode_ctl&distro=SUSE Linux Enterprise Point of Sale 11 SP3
pkg:rpm/suse/microcode_ctl&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Vulnerabilities (20)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-24489 | — | < 1.17-102.83.71.1 | 1.17-102.83.71.1 | Jun 9, 2021 | Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2020-24513 | — | < 1.17-102.83.71.1 | 1.17-102.83.71.1 | Jun 9, 2021 | Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-24512 | — | < 1.17-102.83.71.1 | 1.17-102.83.71.1 | Jun 9, 2021 | Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-24511 | — | < 1.17-102.83.71.1 | 1.17-102.83.71.1 | Jun 9, 2021 | Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-8695 | — | < 1.17-102.83.59.1 | 1.17-102.83.59.1 | Nov 12, 2020 | Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | ||
| CVE-2020-8696 | — | < 1.17-102.83.62.1 | 1.17-102.83.62.1 | Nov 12, 2020 | Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-8698 | — | < 1.17-102.83.59.1 | 1.17-102.83.59.1 | Nov 12, 2020 | Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-0543 | — | < 1.17-102.83.53.1 | 1.17-102.83.53.1 | Jun 15, 2020 | Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-0549 | — | < 1.17-102.83.53.1 | 1.17-102.83.53.1 | Jan 28, 2020 | Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2020-0548 | — | < 1.17-102.83.53.1 | 1.17-102.83.53.1 | Jan 28, 2020 | Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||
| CVE-2019-11135 | Med | 6.5 | < 1.17-102.83.47.1 | 1.17-102.83.47.1 | Nov 14, 2019 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | |
| CVE-2019-11139 | — | < 1.17-102.83.47.1 | 1.17-102.83.47.1 | Nov 14, 2019 | Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. | ||
| CVE-2019-11091 | Med | 5.6 | < 1.17-102.83.36.1 | 1.17-102.83.36.1 | May 30, 2019 | Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c | |
| CVE-2018-12130 | Med | 5.9 | < 1.17-102.83.36.1 | 1.17-102.83.36.1 | May 30, 2019 | Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h | |
| CVE-2018-12127 | Med | 5.6 | < 1.17-102.83.36.1 | 1.17-102.83.36.1 | May 30, 2019 | Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: | |
| CVE-2018-12126 | Med | 5.6 | < 1.17-102.83.36.1 | 1.17-102.83.36.1 | May 30, 2019 | Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found | |
| CVE-2018-3646 | Med | 5.6 | < 1.17-102.83.27.1 | 1.17-102.83.27.1 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis | |
| CVE-2018-3640 | Med | 5.6 | < 1.17-102.83.24.1 | 1.17-102.83.24.1 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var | |
| CVE-2018-3639 | Med | 5.5 | < 1.17-102.83.24.1 | 1.17-102.83.24.1 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka | |
| CVE-2017-5715 | Med | 5.6 | < 1.17-102.83.9.1 | 1.17-102.83.9.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2020-24489Jun 9, 2021affected < 1.17-102.83.71.1fixed 1.17-102.83.71.1
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2020-24513Jun 9, 2021affected < 1.17-102.83.71.1fixed 1.17-102.83.71.1
Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-24512Jun 9, 2021affected < 1.17-102.83.71.1fixed 1.17-102.83.71.1
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-24511Jun 9, 2021affected < 1.17-102.83.71.1fixed 1.17-102.83.71.1
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-8695Nov 12, 2020affected < 1.17-102.83.59.1fixed 1.17-102.83.59.1
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- CVE-2020-8696Nov 12, 2020affected < 1.17-102.83.62.1fixed 1.17-102.83.62.1
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-8698Nov 12, 2020affected < 1.17-102.83.59.1fixed 1.17-102.83.59.1
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-0543Jun 15, 2020affected < 1.17-102.83.53.1fixed 1.17-102.83.53.1
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-0549Jan 28, 2020affected < 1.17-102.83.53.1fixed 1.17-102.83.53.1
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2020-0548Jan 28, 2020affected < 1.17-102.83.53.1fixed 1.17-102.83.53.1
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 1.17-102.83.47.1fixed 1.17-102.83.47.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
- CVE-2019-11139Nov 14, 2019affected < 1.17-102.83.47.1fixed 1.17-102.83.47.1
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
- affected < 1.17-102.83.36.1fixed 1.17-102.83.36.1
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c
- affected < 1.17-102.83.36.1fixed 1.17-102.83.36.1
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h
- affected < 1.17-102.83.36.1fixed 1.17-102.83.36.1
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:
- affected < 1.17-102.83.36.1fixed 1.17-102.83.36.1
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found
- affected < 1.17-102.83.27.1fixed 1.17-102.83.27.1
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis
- affected < 1.17-102.83.24.1fixed 1.17-102.83.24.1
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var
- affected < 1.17-102.83.24.1fixed 1.17-102.83.24.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka
- affected < 1.17-102.83.9.1fixed 1.17-102.83.9.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.