English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2025.1032.1
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2025:1032-1)
Resumen:The remote host is missing an update for the 'microcode_ctl' package(s) announced via the SUSE-SU-2025:1032-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'microcode_ctl' package(s) announced via the SUSE-SU-2025:1032-1 advisory.

Vulnerability Insight:
This update for microcode_ctl fixes the following issues:

- CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware
Logic for some Intel Processors may allow privileged user to
potentially enable denial of service via local access. (bsc#1237096)
- CVE-2024-36293: A potential security vulnerability in some Intel
Software Guard Extensions (Intel SGX) Platforms may allow denial
of service. Intel is releasing microcode updates to mitigate this
potential vulnerability. (bsc#1237096)
- CVE-2024-39355: A potential security vulnerability in some
13th and 14th Generation Intel Core Processors may allow denial
of service. Intel is releasing microcode and UEFI reference code
updates to mitigate this potential vulnerability. (bsc#1237096)
- CVE-2024-37020: A potential security vulnerability in the Intel
Data Streaming Accelerator (Intel DSA) for some Intel Xeon Processors
may allow denial of service. Intel is releasing software updates to
mitigate this potential vulnerability. (bsc#1237096)
- CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic
in some 4th and 5th Generation Intel Xeon Processors may allow an
authorized user to potentially enable denial of service via local access. (bsc#1233313)
- CVE-2024-23918: Improper conditions check in some Intel Xeon processor
memory controller configurations when using Intel SGX may allow a
privileged user to potentially enable escalation of privilege via
local access. (bsc#1233313)
- CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor
memory controller configurations when using Intel SGX may allow a privileged
user to potentially enable escalation of privilege via local access. (bsc#1233313)
- CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in
some Intel Processors may allow an privileged user to potentially enable a
denial of service via local access. (bsc#1230400)
- CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel
Processors may allow a privileged user to potentially enable information
disclosure via local access. (bsc#1230400)
- CVE-2024-24853: Incorrect behavior order in transition between executive
monitor and SMI transfer monitor (STM) in some Intel(R) Processor may
allow a privileged user to potentially enable escalation of privilege
via local access. (bsc#1229129)
- CVE-2024-25939: Mirrored regions with different values in 3rd Generation Intel(R)
Xeon(R) Scalable Processors may allow a privileged user to potentially enable
denial of service via local access. (bsc#1229129)
- CVE-2024-24980: Protection mechanism failure in some 3rd, 4th, and 5th Generation
Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable
escalation of privilege via local access. (bsc#1229129)
- CVE-2023-42667: Improper isolation in the Intel(R) Core(TM) Ultra Processor stream
cache mechanism may ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'microcode_ctl' package(s) on SUSE Linux Enterprise Server 11-SP4.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2022-40982
Debian Security Information: DSA-5474 (Google Search)
https://www.debian.org/security/2023/dsa-5474
Debian Security Information: DSA-5475 (Google Search)
https://www.debian.org/security/2023/dsa-5475
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/
https://access.redhat.com/solutions/7027704
https://aws.amazon.com/security/security-bulletins/AWS-2023-007/
https://downfall.page
https://xenbits.xen.org/xsa/advisory-435.html
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html
https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html
Common Vulnerability Exposure (CVE) ID: CVE-2022-41804
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-22655
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html
https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-23583
Debian Security Information: DSA-5563 (Google Search)
https://www.debian.org/security/2023/dsa-5563
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html
https://lists.debian.org/debian-lts-announce/2023/12/msg00012.html
http://www.openwall.com/lists/oss-security/2023/11/14/4
http://www.openwall.com/lists/oss-security/2023/11/14/5
http://www.openwall.com/lists/oss-security/2023/11/14/6
http://www.openwall.com/lists/oss-security/2023/11/14/7
http://www.openwall.com/lists/oss-security/2023/11/14/8
http://www.openwall.com/lists/oss-security/2023/11/14/9
Common Vulnerability Exposure (CVE) ID: CVE-2023-23908
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-28746
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html
http://www.openwall.com/lists/oss-security/2024/03/12/13
Common Vulnerability Exposure (CVE) ID: CVE-2023-38575
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-39368
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-42667
Common Vulnerability Exposure (CVE) ID: CVE-2023-43490
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-45733
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-45745
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01036.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-46103
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-47855
Common Vulnerability Exposure (CVE) ID: CVE-2023-49141
Common Vulnerability Exposure (CVE) ID: CVE-2024-21820
Common Vulnerability Exposure (CVE) ID: CVE-2024-21853
Common Vulnerability Exposure (CVE) ID: CVE-2024-23918
Common Vulnerability Exposure (CVE) ID: CVE-2024-23984
Common Vulnerability Exposure (CVE) ID: CVE-2024-24853
Common Vulnerability Exposure (CVE) ID: CVE-2024-24968
Common Vulnerability Exposure (CVE) ID: CVE-2024-24980
Common Vulnerability Exposure (CVE) ID: CVE-2024-25939
Common Vulnerability Exposure (CVE) ID: CVE-2024-31068
Common Vulnerability Exposure (CVE) ID: CVE-2024-36293
Common Vulnerability Exposure (CVE) ID: CVE-2024-37020
Common Vulnerability Exposure (CVE) ID: CVE-2024-39355
CopyrightCopyright (C) 2025 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.