SUSE-SU-2025:20020-1

This update for ucode-intel fixes the following issues:

• Intel CPU Microcode was updated to the 20240514 release (bsc#1224277)

  • CVE-2023-45733: Security updates for INTEL-SA-01051
  • CVE-2023-46103: Security updates for INTEL-SA-01052
  • CVE-2023-45745,CVE-2023-47855: Security updates for INTEL-SA-01036

• Updated to Intel CPU Microcode 20240312 release. (bsc#1221323)

  • Security updates for INTEL-SA-INTEL-SA-00972
    • CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel Processors may allow an unauthenticated user to potentially enable denial of service via network access
  • Security updates for INTEL-SA-INTEL-SA-00982
    • CVE-2023-38575: Non-transparent sharing of return predictor targets between contexts in some Intel Processors may allow an authorized user to potentially enable information disclosure via local access.
  • Security updates for INTEL-SA-INTEL-SA-00898
    • CVE-2023-28746: Information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors may allow an authenticated user to potentially enable information disclosure via local access.
  • Security updates for INTEL-SA-INTEL-SA-00960
    • CVE-2023-22655 Protection mechanism failure in some 3rd and 4th Generation Intel Xeon Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access.
  • Security updates for INTEL-SA-INTEL-SA-01045
    • CVE-2023-43490: Incorrect calculation in microcode keying mechanism for some Intel Xeon D Processors with Intel SGX may allow a privileged user to potentially enable information disclosure via local access.