rpm package

suse/ucode-intel&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Vulnerabilities (26)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-31648	Low	3.9	< 20260210-158.1	20260210-158.1	Feb 10, 2026	Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially
CVE-2025-32086	Hig	7.2	< 20250812-155.1	20250812-155.1	Aug 12, 2025	Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-26403	Hig	7.2	< 20250812-155.1	20250812-155.1	Aug 12, 2025	Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-22889	Hig	7.9	< 20250812-155.1	20250812-155.1	Aug 12, 2025	Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-22840	Hig	7.4	< 20250812-155.1	20250812-155.1	Aug 12, 2025	Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
CVE-2025-22839	Hig	7.5	< 20250812-155.1	20250812-155.1	Aug 12, 2025	Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
CVE-2025-20109	Hig	7.8	< 20250812-155.1	20250812-155.1	Aug 12, 2025	Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-20053	Hig	7.2	< 20250812-155.1	20250812-155.1	Aug 12, 2025	Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-24495	Med	5.6	< 20250512-152.1	20250512-152.1	May 13, 2025	Incorrect initialization of resource in the branch prediction unit for some Intel(R) Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-20623	Med	5.6	< 20250512-152.1	20250512-152.1	May 13, 2025	Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Core™ processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-20103	Med	6.5	< 20250512-152.1	20250512-152.1	May 13, 2025	Insufficient resource pool in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2025-20054	Med	6.5	< 20250512-152.1	20250512-152.1	May 13, 2025	Uncaught exception in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2025-20012	Med	4.9	< 20250512-152.1	20250512-152.1	May 13, 2025	Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access.
CVE-2024-45332	Med	5.6	< 20250512-152.1	20250512-152.1	May 13, 2025	Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2024-43420	Med	5.6	< 20250512-152.1	20250512-152.1	May 13, 2025	Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2024-28956	Med	5.6	< 20250512-152.1	20250512-152.1	May 13, 2025	Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2024-39355	Med	6.5	< 20250211-149.2	20250211-149.2	Feb 12, 2025	Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access.
CVE-2024-37020	Low	3.8	< 20250211-149.2	20250211-149.2	Feb 12, 2025	Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-36293	Med	6.5	< 20250211-149.2	20250211-149.2	Feb 12, 2025	Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-31068	Med	5.3	< 20250211-149.2	20250211-149.2	Feb 12, 2025	Improper Finite State Machines (FSMs) in Hardware Logic for some Intel(R) Processors may allow privileged user to potentially enable denial of service via local access.

CVE-2025-31648LowFeb 10, 2026
affected < 20260210-158.1fixed 20260210-158.1
Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially
CVE-2025-32086HigAug 12, 2025
affected < 20250812-155.1fixed 20250812-155.1
Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-26403HigAug 12, 2025
affected < 20250812-155.1fixed 20250812-155.1
Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-22889HigAug 12, 2025
affected < 20250812-155.1fixed 20250812-155.1
Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-22840HigAug 12, 2025
affected < 20250812-155.1fixed 20250812-155.1
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access
CVE-2025-22839HigAug 12, 2025
affected < 20250812-155.1fixed 20250812-155.1
Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
CVE-2025-20109HigAug 12, 2025
affected < 20250812-155.1fixed 20250812-155.1
Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-20053HigAug 12, 2025
affected < 20250812-155.1fixed 20250812-155.1
Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-24495MedMay 13, 2025
affected < 20250512-152.1fixed 20250512-152.1
Incorrect initialization of resource in the branch prediction unit for some Intel(R) Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-20623MedMay 13, 2025
affected < 20250512-152.1fixed 20250512-152.1
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Core™ processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-20103MedMay 13, 2025
affected < 20250512-152.1fixed 20250512-152.1
Insufficient resource pool in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2025-20054MedMay 13, 2025
affected < 20250512-152.1fixed 20250512-152.1
Uncaught exception in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2025-20012MedMay 13, 2025
affected < 20250512-152.1fixed 20250512-152.1
Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access.
CVE-2024-45332MedMay 13, 2025
affected < 20250512-152.1fixed 20250512-152.1
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2024-43420MedMay 13, 2025
affected < 20250512-152.1fixed 20250512-152.1
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2024-28956MedMay 13, 2025
affected < 20250512-152.1fixed 20250512-152.1
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2024-39355MedFeb 12, 2025
affected < 20250211-149.2fixed 20250211-149.2
Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access.
CVE-2024-37020LowFeb 12, 2025
affected < 20250211-149.2fixed 20250211-149.2
Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-36293MedFeb 12, 2025
affected < 20250211-149.2fixed 20250211-149.2
Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-31068MedFeb 12, 2025
affected < 20250211-149.2fixed 20250211-149.2
Improper Finite State Machines (FSMs) in Hardware Logic for some Intel(R) Processors may allow privileged user to potentially enable denial of service via local access.

Page 1 of 2