SUSE-SU-2018:0051-1

Source
https://www.suse.com/support/update/announcement/2018/suse-su-20180051-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0051-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:0051-1
Related
Published
2018-01-09T11:47:46Z
Modified
2018-01-09T11:47:46Z
Summary
Security update for kernel-firmware
Details

This update for kernel-firmware fixes the following issues:

  • Add microcodeamdfam17h.bin (bsc#1068032 CVE-2017-5715)

This new firmware enables the Indirect Branch Control (IBC) feature on AMD family 17h processor to mitigate an attack on the branch predictor that could lead to information disclosure from e.g. kernel memory (bsc#1068032 CVE-2017-5715).

References

Affected packages

SUSE:Linux Enterprise Server 12-LTSS / kernel-firmware

Package

Name
kernel-firmware
Purl
purl:rpm/suse/kernel-firmware&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20140807git-5.3.1

Ecosystem specific

{
    "binaries": [
        {
            "ucode-amd": "20140807git-5.3.1",
            "kernel-firmware": "20140807git-5.3.1"
        }
    ]
}