VYPR

rpm package

suse/ucode-intel&distro=SUSE OpenStack Cloud 7

pkg:rpm/suse/ucode-intel&distro=SUSE%20OpenStack%20Cloud%207

Vulnerabilities (15)

  • CVE-2020-8695Nov 12, 2020
    affected < 20201027-13.76.1fixed 20201027-13.76.1

    Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2020-8696Nov 12, 2020
    affected < 20201118-13.81.1fixed 20201118-13.81.1

    Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-8698Nov 12, 2020
    affected < 20201027-13.76.1fixed 20201027-13.76.1

    Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0543Jun 15, 2020
    affected < 20200602-13.68.1fixed 20200602-13.68.1

    Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0549Jan 28, 2020
    affected < 20200602-13.68.1fixed 20200602-13.68.1

    Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0548Jan 28, 2020
    affected < 20200602-13.68.1fixed 20200602-13.68.1

    Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2019-11135MedNov 14, 2019
    affected < 20191112-13.53.1fixed 20191112-13.53.1

    TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

  • CVE-2019-11139Nov 14, 2019
    affected < 20191112-13.53.1fixed 20191112-13.53.1

    Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.

  • CVE-2019-11091MedMay 30, 2019
    affected < 20190507-13.41.1fixed 20190507-13.41.1

    Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c

  • CVE-2018-12130MedMay 30, 2019
    affected < 20190507-13.41.1fixed 20190507-13.41.1

    Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h

  • CVE-2018-12127MedMay 30, 2019
    affected < 20190507-13.41.1fixed 20190507-13.41.1

    Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:

  • CVE-2018-12126MedMay 30, 2019
    affected < 20190507-13.41.1fixed 20190507-13.41.1

    Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found

  • CVE-2018-3646MedAug 14, 2018
    affected < 20180807-13.29.1fixed 20180807-13.29.1

    Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis

  • CVE-2018-3640MedMay 22, 2018
    affected < 20180703-13.25.1fixed 20180703-13.25.1

    Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var

  • CVE-2018-3639MedMay 22, 2018
    affected < 20180703-13.25.1fixed 20180703-13.25.1

    Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka