Security update for ucode-intel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2019:2987-1 Final 1 1 2019-11-15T12:09:24Z current 2019-11-15T12:09:24Z 2019-11-15T12:09:24Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ucode-intel This update for ucode-intel fixes the following issues: - Updated to 20191112 official security release (bsc#1155988) - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073) - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES15-SP1-SAP-Azure-LI-BYOS-Production-2019-2987,Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production-2019-2987,SUSE-2019-2987,SUSE-SLE-Module-Basesystem-15-SP1-2019-2987 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2019/suse-su-20192987-1/ Link for SUSE-SU-2019:2987-1 https://lists.suse.com/pipermail/sle-security-updates/2019-November/006150.html E-Mail link for SUSE-SU-2019:2987-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1139073 SUSE Bug 1139073 https://bugzilla.suse.com/1141035 SUSE Bug 1141035 https://bugzilla.suse.com/1155988 SUSE Bug 1155988 https://www.suse.com/security/cve/CVE-2019-11135/ SUSE CVE CVE-2019-11135 page https://www.suse.com/security/cve/CVE-2019-11139/ SUSE CVE CVE-2019-11139 page Image SLES15-SP1-SAP-Azure-LI-BYOS-Production Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Module for Basesystem 15 SP1 ucode-intel-20191112a-3.13.2 ucode-intel-20191112a-3.13.2 as a component of Image SLES15-SP1-SAP-Azure-LI-BYOS-Production ucode-intel-20191112a-3.13.2 as a component of Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production ucode-intel-20191112a-3.13.2 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11135 Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:ucode-intel-20191112a-3.13.2 Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:ucode-intel-20191112a-3.13.2 SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20191112a-3.13.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192987-1/ https://www.suse.com/security/cve/CVE-2019-11135.html CVE-2019-11135 https://bugzilla.suse.com/1139073 SUSE Bug 1139073 https://bugzilla.suse.com/1152497 SUSE Bug 1152497 https://bugzilla.suse.com/1152505 SUSE Bug 1152505 https://bugzilla.suse.com/1152506 SUSE Bug 1152506 https://bugzilla.suse.com/1160120 SUSE Bug 1160120 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. CVE-2019-11139 Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:ucode-intel-20191112a-3.13.2 Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:ucode-intel-20191112a-3.13.2 SUSE Linux Enterprise Module for Basesystem 15 SP1:ucode-intel-20191112a-3.13.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192987-1/ https://www.suse.com/security/cve/CVE-2019-11139.html CVE-2019-11139 https://bugzilla.suse.com/1141035 SUSE Bug 1141035