rpm package
suse/ucode-intel&distro=SUSE Linux Enterprise Server 12 SP2-LTSS
pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS
Vulnerabilities (15)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-8698 | Med | 5.5 | < 20201027-13.76.1 | 20201027-13.76.1 | Nov 12, 2020 | Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2020-8696 | Med | 5.5 | < 20201118-13.81.1 | 20201118-13.81.1 | Nov 12, 2020 | Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2020-8695 | Med | 5.5 | < 20201027-13.76.1 | 20201027-13.76.1 | Nov 12, 2020 | Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | |
| CVE-2020-0543 | Med | 5.5 | < 20200602-13.68.1 | 20200602-13.68.1 | Jun 15, 2020 | Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2020-0549 | Med | 5.5 | < 20200602-13.68.1 | 20200602-13.68.1 | Jan 28, 2020 | Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2020-0548 | Med | 5.5 | < 20200602-13.68.1 | 20200602-13.68.1 | Jan 28, 2020 | Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| CVE-2019-11139 | Med | 6.0 | < 20191112-13.53.1 | 20191112-13.53.1 | Nov 14, 2019 | Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. | |
| CVE-2019-11135 | Med | 6.5 | < 20191112-13.53.1 | 20191112-13.53.1 | Nov 14, 2019 | TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | |
| CVE-2019-11091 | Med | 5.6 | < 20190507-13.41.1 | 20190507-13.41.1 | May 30, 2019 | Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c | |
| CVE-2018-12130 | Med | 5.9 | < 20190507-13.41.1 | 20190507-13.41.1 | May 30, 2019 | Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h | |
| CVE-2018-12127 | Med | 5.6 | < 20190507-13.41.1 | 20190507-13.41.1 | May 30, 2019 | Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: | |
| CVE-2018-12126 | Med | 5.6 | < 20190507-13.41.1 | 20190507-13.41.1 | May 30, 2019 | Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found | |
| CVE-2018-3646 | Med | 5.6 | < 20180807-13.29.1 | 20180807-13.29.1 | Aug 14, 2018 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis | |
| CVE-2018-3640 | Med | 5.6 | < 20180703-13.25.1 | 20180703-13.25.1 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var | |
| CVE-2018-3639 | Med | 5.5 | < 20180703-13.25.1 | 20180703-13.25.1 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka |
- affected < 20201027-13.76.1fixed 20201027-13.76.1
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 20201118-13.81.1fixed 20201118-13.81.1
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 20201027-13.76.1fixed 20201027-13.76.1
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
- affected < 20200602-13.68.1fixed 20200602-13.68.1
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 20200602-13.68.1fixed 20200602-13.68.1
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 20200602-13.68.1fixed 20200602-13.68.1
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
- affected < 20191112-13.53.1fixed 20191112-13.53.1
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
- affected < 20191112-13.53.1fixed 20191112-13.53.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
- affected < 20190507-13.41.1fixed 20190507-13.41.1
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c
- affected < 20190507-13.41.1fixed 20190507-13.41.1
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h
- affected < 20190507-13.41.1fixed 20190507-13.41.1
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:
- affected < 20190507-13.41.1fixed 20190507-13.41.1
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found
- affected < 20180807-13.29.1fixed 20180807-13.29.1
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis
- affected < 20180703-13.25.1fixed 20180703-13.25.1
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var
- affected < 20180703-13.25.1fixed 20180703-13.25.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka