Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-20566 (GCVE-0-2023-20566)
Vulnerability from cvelistv5 – Published: 2023-11-14 18:54 – Updated: 2024-12-03 14:26| URL | Tags |
|---|---|
| https://www.amd.com/en/corporate/product-security… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | 3rd Gen AMD EPYC™ Processors |
Affected:
various
|
|
| AMD | 4th Gen AMD EPYC™ Processors |
Affected:
various
|
|
| AMD | AMD EPYC™ Embedded 7003 |
Affected:
various
|
|
| AMD | AMD EPYC™ Embedded 9003 |
Affected:
various
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20566",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-27T20:58:09.078592Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T14:26:45.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "PI",
"platforms": [
"x86"
],
"product": "3rd Gen AMD EPYC\u2122 Processors",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "PI",
"platforms": [
"x86"
],
"product": "4th Gen AMD EPYC\u2122 Processors",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AMD EPYC\u2122 Embedded 7003",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AMD EPYC\u2122 Embedded 9003",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"datePublic": "2023-11-14T17:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T18:36:52.542Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
}
],
"source": {
"advisory": "AMD-SB-3002",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2023-20566",
"datePublished": "2023-11-14T18:54:00.908Z",
"dateReserved": "2022-10-27T18:53:39.753Z",
"dateUpdated": "2024-12-03T14:26:45.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-20566",
"date": "2026-06-30",
"epss": "0.00367",
"percentile": "0.2855"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-20566\",\"sourceIdentifier\":\"psirt@amd.com\",\"published\":\"2023-11-14T19:15:15.837\",\"lastModified\":\"2026-06-17T05:30:19.510\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\"},{\"lang\":\"es\",\"value\":\"Una validaci\u00f3n de direcci\u00f3n incorrecta en ASP con SNP habilitado puede permitir que un atacante comprometa la integridad de la memoria del invitado.\"}],\"affected\":[{\"source\":\"psirt@amd.com\",\"affectedData\":[{\"vendor\":\"AMD\",\"product\":\"3rd Gen AMD EPYC\u2122 Processors\",\"defaultStatus\":\"unaffected\",\"packageName\":\"PI\",\"platforms\":[\"x86\"],\"versions\":[{\"version\":\"various\",\"status\":\"affected\"}]},{\"vendor\":\"AMD\",\"product\":\"4th Gen AMD EPYC\u2122 Processors\",\"defaultStatus\":\"unaffected\",\"packageName\":\"PI\",\"platforms\":[\"x86\"],\"versions\":[{\"version\":\"various\",\"status\":\"affected\"}]},{\"vendor\":\"AMD\",\"product\":\"AMD EPYC\u2122 Embedded 7003\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"various\",\"status\":\"affected\"}]},{\"vendor\":\"AMD\",\"product\":\"AMD EPYC\u2122 Embedded 9003\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"various\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.8,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2023-11-27T20:58:09.078592Z\",\"id\":\"CVE-2023-20566\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7763_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"B1F02204-DC4A-4C35-B4E2-C8082516EBE5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7763:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F900BDD-F094-41A6-9A23-31F53DBA95D4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7713p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"CF5BE306-1E32-4CD7-9B5A-27F7167937CC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7713p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2299ED50-B4D2-4BB3-AD87-56D552B84AE1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7713_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"8C5E0C31-BF05-4B92-ACA1-84071764E077\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7713:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D698D3E-BB05-4C65-90F4-8DAE275CD6A4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7663p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"7A87082D-AEFA-401D-AEAA-E11DCB07DC62\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7663p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7B5F0D8-2659-494C-8FB9-50A797CE0CA9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7663_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"5D3BEE89-7D49-44C1-B608-940C453AC6A8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7663:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DFCB62-6CDF-4AD2-9265-1887E5780CA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7643p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"9A499E19-B92C-4B89-84C5-8C66B42077E9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7643p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F05F9B7A-9777-461E-B88E-96592F87A49E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7773x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"E6937F59-A50E-4C4E-AA46-C2C7B692D7F5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7773x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D02B1C69-BAA4-485B-BE22-46BE321F9E4E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7643_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"13E4D0A9-CF7D-41B0-B024-7D6726481280\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7643:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98E1D79D-0CB0-4FD9-8A82-27CDFBFE07B2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7573x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"25CCA953-04A4-4698-9985-FB97DA3EB536\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7573x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"237FB33B-BF08-4E3E-8E83-EB0AD2F12A4B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_75f3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"5427628C-6F24-4615-BD65-263EC4001E4A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_75f3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBF0AFED-588A-4EFB-8C90-9280BC3A6720\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7543p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"71158ABF-441E-4A1B-8A59-EDF65DDD0F10\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7543p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77A0A47B-74A1-4731-92A8-BC10FFE58ECF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7543_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"14FE1816-DFCE-442B-9AF1-132F7E909445\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7543:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52544912-FAA3-4025-A5FD-151B21CEC53B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7513_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"C15272B3-8A7D-4BDE-B3D9-2A98A0C1EBD1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7513:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8264DF4-47B4-4716-AE89-44AFA870D385\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7473x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"273BB81D-1FB1-4656-B62A-1EAC317D1F0B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7473x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D07E922F-C1AB-469C-A1C1-9F9E58332DFC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7453_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"FCC7A394-F354-45AC-8DBE-84F6F1B8CD69\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7453:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"241E39FF-FE66-444C-A4C2-3D28C45341BE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_74f3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"FAF1298A-F225-4B9D-B3DB-B69ED9139FE1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_74f3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02D08121-DC57-47D7-8214-23A209F0AF08\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7443p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"76ED00CB-FAEC-401F-BCE6-7505FC79052D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7443p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E2B13CA-72F4-4CF6-9E12-62E6E9056A14\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7443_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"0F7E9590-2921-4539-A88A-9031256141B8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7443:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C474537-3006-41BA-8C3D-5C370E3ACECD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7413_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"095CA571-847E-47F2-AD91-DFD2B1DE99FF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7413:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1766FF1-77A9-4293-B826-F6A8FBD7AFBF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7373x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"D0A0BC87-4F31-487E-8142-8B55F67D2261\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7373x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"180B3002-B3C5-48B5-8322-5B64B237C5B9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_73f3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"D71E8010-E3AE-4847-B20D-D4A94FE2E982\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_73f3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"678C5F58-8AE9-46FF-8F01-4CF394C87A2C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7343_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"C647A92B-882A-432A-9CC3-7BFDCFF20F07\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7343:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71B9C24B-2C10-4826-A91B-E1C60665FBBE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7313p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"62A5CA50-BFAB-4470-98CB-1478DD281960\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7313p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9000686A-DC2B-4561-9C32-E90890EB2EBA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7313_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"1B3B6C95-72E5-4364-930B-75DE7011C9D1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7313:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B02B61B7-7DD3-4164-8D32-EB961E981BC9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7303p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"83DD388C-713A-4790-8C28-F33DA972B559\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7303p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88ACBFE2-C462-454E-9481-34BDF42237C8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7303_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"7F1B97E1-0559-44E0-B2D9-A03354700E9A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7303:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE26D1A9-79F1-48B0-854F-84421A261E5C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_72f3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"A1C8CBB1-EBF5-4339-B381-FB627CE1F6B9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_72f3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F98FF1A-3A2B-4CED-AEA2-9C4F2AC2D8C1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7203p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"87E33F00-8FD4-4BA2-B33C-97DD8EAE658E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7203p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A50B483-D20C-4BD4-94FA-01B8C9A904D5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_7203_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"milanpi_1.0.0.b\",\"matchCriteriaId\":\"B3AB732A-0FAD-46FB-994C-38A951F6F186\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_7203:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F44C8195-1621-4327-BBFA-8AFA36BED7AA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9654p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"14808E8C-AB59-4989-BE9D-B97FD7923F8D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9654p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C150CC54-2F64-48E7-B996-F06247114BC4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9654_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"74F50F36-25D0-4DA4-8CA0-886C0EAB5E2E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9654:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84209250-5078-4E8E-8532-98F652C12D79\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9634_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"082C4EA1-81D7-44AE-A541-ABF671C2B090\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9634:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C6C0B65-0C8C-4BCE-9B40-39B2EB5E5EA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9554p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"1A05E8AD-508C-4559-96E1-9DEF177AA2E7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9554p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2BD9C75-AA02-47C1-94C7-BA5187B8CDF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9554_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"88873335-352B-4E63-9549-B59CAEF64CF1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9554:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A95FCDE4-82EF-4C54-A85D-960B36A46DD0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9534_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"0D84CF54-B439-473E-B9E4-85C90F51AACE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9534:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8FC239C-6B12-4F7C-A725-9D66AD39F7F6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9474f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"1F4238A3-881F-4228-9C89-502CD84E4D7D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9474f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1520823-129F-4F48-932B-1CA77D3446CC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9454p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"B307DC4A-6AA7-408F-9B08-638D7D15F0FC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9454p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932E47BF-3831-4D72-9F26-89CA591692B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9454_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"2B79EBE3-3F66-4990-83E7-0C0D19DBBAE1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9454:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7FDDC36-A96D-419F-A4B5-8AEF9D5FEBE5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9374f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"58E6A323-F04E-4D35-873B-1BF0AF1E90C4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9374f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14BA8C50-B57A-4F6D-860B-790BD39249B0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9354p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"877EF1AC-9148-4E54-BDC4-0D8BAD54C49A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9354p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0F7101-1B8B-454B-879F-8635CB16D5C7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9354_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"D09B6F98-9B13-4FD7-ACBD-3518C2171E9B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9354:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A152B84-4935-4517-BD9D-37471C281BDA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9334_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"A98DA452-BE77-4A37-9ED2-60B86F8D43FE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9334:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B1047C6-4627-4520-AFF7-5A0A623336F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9274f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"F2B1159B-716A-44B2-AE20-69C7B13DC022\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9274f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54EE0A4A-AA13-49CE-8825-407AD6B16B13\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9254_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"4C53C00D-654C-40DA-B3AF-BBA4604187ED\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9254:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFDF951D-9B67-49CE-AD4A-B1052A484E65\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9224_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"E790D2BD-E1C4-4B54-892B-B2E807F7470C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9224:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B085546F-4791-4096-A019-738A37353165\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9174f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"A974C32E-F0AA-446E-85F7-5D97EBD8C3DC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9174f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7811418-4B63-4CCA-B81F-379FF0277673\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9124_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"19B9DE89-2BE2-45D4-B0D4-B98816405526\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9124:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2761489D-AABE-4ADD-AE5B-B26C4424F18A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9684x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"A34AEDD4-F125-4C54-8702-2EF2A8FA56C5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9684x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71A34603-6EB8-4D75-9391-8ADC35EA5EFE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9384x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"1D05F42B-72D8-4A76-8AC5-29FA79487FC1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9384x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6DC6F07-2E27-48C3-BD60-81496C2D3C62\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9184x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"B490BF74-9BA2-42A9-97F9-8FBA15B61D47\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9184x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C3085B2-AFDA-4C34-A2B6-40D599F7E907\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9754_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"8B3C52BB-0256-4997-AADC-2E86116FB2E8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9754:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF0ED85-2FCF-4DCB-9C7F-0B5EC5EC574C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9754s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"45097739-09B3-40A0-8CD3-F8336A140C25\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9754s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E74F229A-FDBD-4C3D-BE0B-9193E6E560ED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9734_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"F8C2EBFF-1A24-412B-B45A-71BC6608F4BF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9734:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE0954B5-9B6E-4C0E-905B-1E4B3FD50B04\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8534p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"EDC48B77-4822-4851-888A-D59AAD3B57EC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8534p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEABF567-1E41-4FD2-876E-7D2689A01D51\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8534pn_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"34BD5E71-2566-4F18-9722-1E934FB37F8A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8534pn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AF46284-ED2F-45F9-A4E8-221593FB7F49\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8434p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"01F8B254-7030-423C-BC00-03996DD50AB8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8434p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5323D02F-E25A-460D-8DA1-F8C72E635E53\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8434pn_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"AA0B3B84-BF69-49AC-A77A-FB16156EAD74\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8434pn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9241D42-1771-4528-8436-EE3FDE20C042\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8324p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"0281B9B7-F019-4205-B28A-637FC96C30F4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8324p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46C7CC4B-3EC8-42D7-9AE9-F887D4DDF046\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8324pn_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"78D2BB83-A307-4E49-B68F-782E325D30A4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8324pn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4886768-DAFF-481E-894F-F8E816B36EB3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8224p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"5A4AF050-3553-4775-BCF8-264514915DFA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8224p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF4C36B4-CC5F-4A66-9294-71E0531E80F5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8224pn_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"DDF8362F-43EA-4D54-9AA9-C9E1775F58BC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8224pn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15981CBF-CB09-416E-AB31-54D650182EBD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8124p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"6499B2A8-7F9E-4AEA-B334-F686FC782033\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8124p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E828D3FB-9EF3-40C4-B338-7BCF73C6EF37\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8124pn_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"276C4BFA-2476-4791-A597-44D63FED6675\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8124pn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B24580CA-3A31-4775-AD72-DF1DB6CB84C2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8024p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"849E8C64-C24B-413A-A70E-24B06CF41E8F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8024p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29BACF50-D9DB-4207-BF61-CACDCC3870E9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_8024pn_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.7\",\"matchCriteriaId\":\"285BBB3D-2BA9-4ACB-AD14-20B1EF0C4447\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_8024pn:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"364B9EAB-E113-4370-ACDC-92BFD54BEF88\"}]}]}],\"references\":[{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002\",\"source\":\"psirt@amd.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T09:05:36.943Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-20566\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2023-11-27T20:58:09.078592Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-03T14:26:35.441Z\"}}], \"cna\": {\"source\": {\"advisory\": \"AMD-SB-3002\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AMD\", \"product\": \"3rd Gen AMD EPYC\\u2122 Processors\", \"versions\": [{\"status\": \"affected\", \"version\": \"various\"}], \"platforms\": [\"x86\"], \"packageName\": \"PI\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"AMD\", \"product\": \"4th Gen AMD EPYC\\u2122 Processors\", \"versions\": [{\"status\": \"affected\", \"version\": \"various\"}], \"platforms\": [\"x86\"], \"packageName\": \"PI\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 Embedded 7003\", \"versions\": [{\"status\": \"affected\", \"version\": \"various\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"AMD\", \"product\": \"AMD EPYC\\u2122 Embedded 9003\", \"versions\": [{\"status\": \"affected\", \"version\": \"various\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2023-11-14T17:30:00.000Z\", \"references\": [{\"url\": \"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"shortName\": \"AMD\", \"dateUpdated\": \"2024-06-18T18:36:52.542Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-20566\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-03T14:26:45.381Z\", \"dateReserved\": \"2022-10-27T18:53:39.753Z\", \"assignerOrgId\": \"b58fc414-a1e4-4f92-9d70-1add41838648\", \"datePublished\": \"2023-11-14T18:54:00.908Z\", \"assignerShortName\": \"AMD\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2023:4665-1
Vulnerability from csaf_suse - Published: 2023-12-06 12:35 - Updated: 2023-12-06 12:35| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-firmware",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-firmware fixes the following issues:\n\nUpdate AMD ucode to 20231030 (bsc#1215831):\n\n- CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.\n- CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation.\n- CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service.\n0 CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest\u0027s migration agent resulting in a potential loss of guest integrity.\n- CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\n- CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.\n- CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\n- CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.\n- CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.\n- CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.\n- CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4665,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-4665,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4665,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-4665,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-4665,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-4665,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-4665",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4665-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4665-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234665-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4665-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-December/033025.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215823",
"url": "https://bugzilla.suse.com/1215823"
},
{
"category": "self",
"summary": "SUSE Bug 1215831",
"url": "https://bugzilla.suse.com/1215831"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26345 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46766 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46774 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23820 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23830 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20519 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20521 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20526 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20533 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20566 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20592 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20592/"
}
],
"title": "Security update for kernel-firmware",
"tracking": {
"current_release_date": "2023-12-06T12:35:09Z",
"generator": {
"date": "2023-12-06T12:35:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4665-1",
"initial_release_date": "2023-12-06T12:35:09Z",
"revision_history": [
{
"date": "2023-12-06T12:35:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-20200107-150100.3.40.1.noarch",
"product": {
"name": "kernel-firmware-20200107-150100.3.40.1.noarch",
"product_id": "kernel-firmware-20200107-150100.3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "ucode-amd-20200107-150100.3.40.1.noarch",
"product": {
"name": "ucode-amd-20200107-150100.3.40.1.noarch",
"product_id": "ucode-amd-20200107-150100.3.40.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch"
},
"product_reference": "kernel-firmware-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-amd-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch"
},
"product_reference": "ucode-amd-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch"
},
"product_reference": "kernel-firmware-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-amd-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch"
},
"product_reference": "ucode-amd-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch"
},
"product_reference": "kernel-firmware-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-amd-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch"
},
"product_reference": "ucode-amd-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch"
},
"product_reference": "kernel-firmware-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-amd-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch"
},
"product_reference": "ucode-amd-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch"
},
"product_reference": "kernel-firmware-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-amd-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch"
},
"product_reference": "ucode-amd-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch"
},
"product_reference": "kernel-firmware-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-amd-20200107-150100.3.40.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
},
"product_reference": "ucode-amd-20200107-150100.3.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-26345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26345"
}
],
"notes": [
{
"category": "general",
"text": "Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26345",
"url": "https://www.suse.com/security/cve/CVE-2021-26345"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2021-26345",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2021-26345"
},
{
"cve": "CVE-2021-46766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46766"
}
],
"notes": [
{
"category": "general",
"text": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46766",
"url": "https://www.suse.com/security/cve/CVE-2021-46766"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2021-46766",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2021-46766"
},
{
"cve": "CVE-2021-46774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46774"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46774",
"url": "https://www.suse.com/security/cve/CVE-2021-46774"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2021-46774",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2021-46774"
},
{
"cve": "CVE-2022-23820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23820"
}
],
"notes": [
{
"category": "general",
"text": "Failure to validate the AMD SMM communication buffer\nmay allow an attacker to corrupt the SMRAM potentially leading to arbitrary\ncode execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23820",
"url": "https://www.suse.com/security/cve/CVE-2022-23820"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1215831"
},
{
"category": "external",
"summary": "SUSE Bug 1217557 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1217557"
},
{
"category": "external",
"summary": "SUSE Bug 1220057 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1220057"
},
{
"category": "external",
"summary": "SUSE Bug 1220058 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1220058"
},
{
"category": "external",
"summary": "SUSE Bug 1221588 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1221588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2022-23820"
},
{
"cve": "CVE-2022-23830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23830"
}
],
"notes": [
{
"category": "general",
"text": "SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23830",
"url": "https://www.suse.com/security/cve/CVE-2022-23830"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2022-23830",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2022-23830"
},
{
"cve": "CVE-2023-20519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20519"
}
],
"notes": [
{
"category": "general",
"text": "A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest\u0027s migration agent resulting in a potential loss of guest integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20519",
"url": "https://www.suse.com/security/cve/CVE-2023-20519"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20519",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2023-20519"
},
{
"cve": "CVE-2023-20521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20521"
}
],
"notes": [
{
"category": "general",
"text": "TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20521",
"url": "https://www.suse.com/security/cve/CVE-2023-20521"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20521",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2023-20521"
},
{
"cve": "CVE-2023-20526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20526"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20526",
"url": "https://www.suse.com/security/cve/CVE-2023-20526"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20526",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2023-20526"
},
{
"cve": "CVE-2023-20533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20533"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20533",
"url": "https://www.suse.com/security/cve/CVE-2023-20533"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20533",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2023-20533"
},
{
"cve": "CVE-2023-20566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20566"
}
],
"notes": [
{
"category": "general",
"text": "Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20566",
"url": "https://www.suse.com/security/cve/CVE-2023-20566"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20566",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "important"
}
],
"title": "CVE-2023-20566"
},
{
"cve": "CVE-2023-20592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20592"
}
],
"notes": [
{
"category": "general",
"text": "Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20592",
"url": "https://www.suse.com/security/cve/CVE-2023-20592"
},
{
"category": "external",
"summary": "SUSE Bug 1215823 for CVE-2023-20592",
"url": "https://bugzilla.suse.com/1215823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:ucode-amd-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-firmware-20200107-150100.3.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:ucode-amd-20200107-150100.3.40.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:35:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-20592"
}
]
}
SUSE-SU-2024:2376-1
Vulnerability from csaf_suse - Published: 2024-07-09 17:20 - Updated: 2024-07-09 17:20| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-firmware",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-firmware fixes the following issues:\n\nUpdate AMD ucode to 20231030 (bsc#1215831):\n\n- CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.\n- CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation.\n- CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service.\n0 CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest\u0027s migration agent resulting in a potential loss of guest integrity.\n- CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\n- CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.\n- CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\n- CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.\n- CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.\n- CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.\n- CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2376,SUSE-SLE-Micro-5.5-2024-2376",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2376-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2376-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2376-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-July/035892.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215823",
"url": "https://bugzilla.suse.com/1215823"
},
{
"category": "self",
"summary": "SUSE Bug 1215831",
"url": "https://bugzilla.suse.com/1215831"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26345 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46766 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46774 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23820 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23830 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20519 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20521 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20526 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20533 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20566 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20592 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20592/"
}
],
"title": "Security update for kernel-firmware",
"tracking": {
"current_release_date": "2024-07-09T17:20:51Z",
"generator": {
"date": "2024-07-09T17:20:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2376-1",
"initial_release_date": "2024-07-09T17:20:51Z",
"revision_history": [
{
"date": "2024-07-09T17:20:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-all-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-all-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-all-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-i915-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-intel-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-media-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-media-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-media-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-network-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-network-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-network-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-platform-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-serial-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-sound-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-ti-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-all-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-all-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-i915-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-intel-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-media-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-media-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-network-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-network-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-platform-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-serial-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-sound-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ti-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-26345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26345"
}
],
"notes": [
{
"category": "general",
"text": "Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26345",
"url": "https://www.suse.com/security/cve/CVE-2021-26345"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2021-26345",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2021-26345"
},
{
"cve": "CVE-2021-46766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46766"
}
],
"notes": [
{
"category": "general",
"text": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46766",
"url": "https://www.suse.com/security/cve/CVE-2021-46766"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2021-46766",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2021-46766"
},
{
"cve": "CVE-2021-46774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46774"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46774",
"url": "https://www.suse.com/security/cve/CVE-2021-46774"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2021-46774",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2021-46774"
},
{
"cve": "CVE-2022-23820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23820"
}
],
"notes": [
{
"category": "general",
"text": "Failure to validate the AMD SMM communication buffer\nmay allow an attacker to corrupt the SMRAM potentially leading to arbitrary\ncode execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23820",
"url": "https://www.suse.com/security/cve/CVE-2022-23820"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1215831"
},
{
"category": "external",
"summary": "SUSE Bug 1217557 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1217557"
},
{
"category": "external",
"summary": "SUSE Bug 1220057 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1220057"
},
{
"category": "external",
"summary": "SUSE Bug 1220058 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1220058"
},
{
"category": "external",
"summary": "SUSE Bug 1221588 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1221588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2022-23820"
},
{
"cve": "CVE-2022-23830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23830"
}
],
"notes": [
{
"category": "general",
"text": "SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23830",
"url": "https://www.suse.com/security/cve/CVE-2022-23830"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2022-23830",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2022-23830"
},
{
"cve": "CVE-2023-20519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20519"
}
],
"notes": [
{
"category": "general",
"text": "A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest\u0027s migration agent resulting in a potential loss of guest integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20519",
"url": "https://www.suse.com/security/cve/CVE-2023-20519"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20519",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20519"
},
{
"cve": "CVE-2023-20521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20521"
}
],
"notes": [
{
"category": "general",
"text": "TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20521",
"url": "https://www.suse.com/security/cve/CVE-2023-20521"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20521",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20521"
},
{
"cve": "CVE-2023-20526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20526"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20526",
"url": "https://www.suse.com/security/cve/CVE-2023-20526"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20526",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20526"
},
{
"cve": "CVE-2023-20533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20533"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20533",
"url": "https://www.suse.com/security/cve/CVE-2023-20533"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20533",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20533"
},
{
"cve": "CVE-2023-20566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20566"
}
],
"notes": [
{
"category": "general",
"text": "Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20566",
"url": "https://www.suse.com/security/cve/CVE-2023-20566"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20566",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20566"
},
{
"cve": "CVE-2023-20592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20592"
}
],
"notes": [
{
"category": "general",
"text": "Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20592",
"url": "https://www.suse.com/security/cve/CVE-2023-20592"
},
{
"category": "external",
"summary": "SUSE Bug 1215823 for CVE-2023-20592",
"url": "https://bugzilla.suse.com/1215823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-20592"
}
]
}
WID-SEC-W-2023-2916
Vulnerability from csaf_certbund - Published: 2023-11-14 23:00 - Updated: 2024-12-15 23:00Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es besteht eine Schwachstelle in AMD-Prozessoren. Dieser Fehler besteht aufgrund eines unsachgemäßen oder unerwarteten Verhaltens des INVD-Befehls, der es ermöglicht, das Cache-Zeilen-Rückschreibverhalten der CPU zu beeinflussen. Ein Angreifer mit einem bösartigen Hypervisor kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es besteht eine Schwachstelle in AMD-Prozessoren. Dieser Fehler besteht aufgrund einer unsachgemäßen Eingabevalidierung im SMM Supervisor, die es ermöglicht, Ring0-Zugriff zu erlangen. Ein Angreifer mit einem kompromittierten SMI-Handler kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Prozessoren sind die zentralen Rechenwerke eines Computers.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in AMD Prozessor ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2916 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2916.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2916 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2916"
},
{
"category": "external",
"summary": "AMD Security Bulletin vom 2023-11-14",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3002.html"
},
{
"category": "external",
"summary": "AMD Security Bulletin vom 2023-11-14",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4002.html"
},
{
"category": "external",
"summary": "AMD Security Bulletin vom 2023-11-14",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3005.html"
},
{
"category": "external",
"summary": "AMD Security Bulletin vom 2023-11-14",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7011.html"
},
{
"category": "external",
"summary": "Lenovo Multi-vendor BIOS Security Vulnerabilities",
"url": "https://support.lenovo.com/de/de/product_security/ps500589-multi-vendor-bios-security-vulnerabilities-november-2023"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4654-1 vom 2023-12-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017285.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-442 vom 2023-12-07",
"url": "https://www.dell.com/support/kbdoc/000220057/dsa-2023-="
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-457 vom 2023-12-07",
"url": "https://www.dell.com/support/kbdoc/000220223/dsa-2023-="
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-441 vom 2023-12-07",
"url": "https://www.dell.com/support/kbdoc/000220054/dsa-2023-="
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBHF03893 vom 2023-12-08",
"url": "https://support.hp.com/us-en/document/ish_9799938-9799975-16/HPSBHF03893"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-386 vom 2023-12-13",
"url": "https://www.dell.com/support/kbdoc/000218423/dsa-2023-="
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4665-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017397.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4655-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017401.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4664-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017396.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4660-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017402.html"
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBHF03892 vom 2024-01-08",
"url": "https://support.hp.com/us-en/document/ish_9925738-9925742-16/HPSBHF03892"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0753 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0753"
},
{
"category": "external",
"summary": "AMD Security Bulletin",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5001.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2024:0753 vom 2024-02-20",
"url": "https://lists.centos.org/pipermail/centos-announce/2024-February/099225.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0979 vom 2024-02-26",
"url": "https://access.redhat.com/errata/RHSA-2024:0979"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0978 vom 2024-02-26",
"url": "https://access.redhat.com/errata/RHSA-2024:0978"
},
{
"category": "external",
"summary": "RedHat Security Advisory",
"url": "https://access.redhat.com/errata/RHSA-2024:1112"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-332 vom 2024-05-01",
"url": "https://www.dell.com/support/kbdoc/000217573/dsa-2023-="
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3178 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:3178"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-3178 vom 2024-05-28",
"url": "https://linux.oracle.com/errata/ELSA-2024-3178.html"
},
{
"category": "external",
"summary": "HPE SECURITY BULLETIN HPESBCR04657 vom 2024-06-27",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbcr04657en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2376-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018914.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4575 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4575"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7173420 vom 2024-10-17",
"url": "https://www.ibm.com/support/pages/node/7173420"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7178944 vom 2024-12-14",
"url": "https://www.ibm.com/support/pages/node/7178944"
}
],
"source_lang": "en-US",
"title": "AMD Prozessor: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-15T23:00:00.000+00:00",
"generator": {
"date": "2024-12-16T09:17:43.897+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2023-2916",
"initial_release_date": "2023-11-14T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-11-14T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-12-06T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE und Dell aufgenommen"
},
{
"date": "2023-12-07T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2023-12-12T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2023-12-14T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-01-07T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2024-02-08T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-02-13T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von AMD aufgenommen"
},
{
"date": "2024-02-20T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2024-02-25T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-03-05T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-28T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-27T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-17T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-15T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "19"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AMD Prozessor",
"product": {
"name": "AMD Prozessor",
"product_id": "T029010",
"product_identification_helper": {
"cpe": "cpe:/h:amd:amd_processor:-"
}
}
},
{
"category": "product_name",
"name": "AMD Prozessor",
"product": {
"name": "AMD Prozessor",
"product_id": "T031175",
"product_identification_helper": {
"cpe": "cpe:/h:amd:amd_processor:-"
}
}
}
],
"category": "product_name",
"name": "Prozessor"
}
],
"category": "vendor",
"name": "AMD"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell BIOS",
"product": {
"name": "Dell BIOS",
"product_id": "T029364",
"product_identification_helper": {
"cpe": "cpe:/h:dell:bios:-"
}
}
},
{
"category": "product_name",
"name": "Dell BIOS",
"product": {
"name": "Dell BIOS",
"product_id": "T032778",
"product_identification_helper": {
"cpe": "cpe:/h:dell:bios:-"
}
}
}
],
"category": "product_name",
"name": "BIOS"
},
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T006498",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "HP Computer",
"product": {
"name": "HP Computer",
"product_id": "T023191",
"product_identification_helper": {
"cpe": "cpe:/h:hp:computer:-"
}
}
},
{
"category": "product_name",
"name": "HP Computer",
"product": {
"name": "HP Computer",
"product_id": "T031292",
"product_identification_helper": {
"cpe": "cpe:/h:hp:computer:-"
}
}
}
],
"category": "product_name",
"name": "Computer"
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE ProLiant",
"product": {
"name": "HPE ProLiant",
"product_id": "T009310",
"product_identification_helper": {
"cpe": "cpe:/h:hp:proliant:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "V10",
"product": {
"name": "IBM Power Hardware Management Console V10",
"product_id": "T023373",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo BIOS",
"product": {
"name": "Lenovo BIOS",
"product_id": "T005651",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:bios:-"
}
}
},
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T030470",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-26345",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2021-26345"
},
{
"cve": "CVE-2021-46758",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2021-46758"
},
{
"cve": "CVE-2021-46766",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2021-46766"
},
{
"cve": "CVE-2021-46774",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2021-46774"
},
{
"cve": "CVE-2022-23820",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2022-23820"
},
{
"cve": "CVE-2022-23821",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2022-23821"
},
{
"cve": "CVE-2022-23830",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2022-23830"
},
{
"cve": "CVE-2023-20519",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20519"
},
{
"cve": "CVE-2023-20521",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20521"
},
{
"cve": "CVE-2023-20526",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20526"
},
{
"cve": "CVE-2023-20533",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20533"
},
{
"cve": "CVE-2023-20563",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20563"
},
{
"cve": "CVE-2023-20565",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20565"
},
{
"cve": "CVE-2023-20566",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20566"
},
{
"cve": "CVE-2023-20571",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20571"
},
{
"cve": "CVE-2023-20592",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in AMD-Prozessoren. Dieser Fehler besteht aufgrund eines unsachgem\u00e4\u00dfen oder unerwarteten Verhaltens des INVD-Befehls, der es erm\u00f6glicht, das Cache-Zeilen-R\u00fcckschreibverhalten der CPU zu beeinflussen. Ein Angreifer mit einem b\u00f6sartigen Hypervisor kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20592"
},
{
"cve": "CVE-2023-20596",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in AMD-Prozessoren. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Eingabevalidierung im SMM Supervisor, die es erm\u00f6glicht, Ring0-Zugriff zu erlangen. Ein Angreifer mit einem kompromittierten SMI-Handler kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20596"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.