SUSE-SU-2026:20941-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-202620941-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:20941-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2026:20941-1
- Upstream
- Related
- Published
- 2026-03-19T09:31:38Z
- Modified
- 2026-04-02T17:26:38.696029Z
- Summary
- Security update for ucode-intel
- Details
-
This update for ucode-intel fixes the following issues:
Intel CPU Microcode was updated to the 20260210 release (bsc#1258046):
CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access (bsc#1229129).
CVE-2025-31648: Improper handling of values in the microcode flow for some Intel Processor Family may allow an escalation of privilege (bsc#1258046).
Intel CPU Microcode was updated to the 20251111 release (bsc#1253319):
- Update for functional issues.
switch the supplements to use supplements + kernel to allow moving a installation to Intel hardware (bsc#1249138)
Intel CPU Microcode was updated to the 20241029 release (bsc#1230400):
- Update for functional issues.
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-202620941-1/
- https://bugzilla.suse.com/1229129
- https://bugzilla.suse.com/1230400
- https://bugzilla.suse.com/1249138
- https://bugzilla.suse.com/1253319
- https://bugzilla.suse.com/1258046
- https://www.suse.com/security/cve/CVE-2024-24853
- https://www.suse.com/security/cve/CVE-2025-31648
Affected packages
SUSE:Linux Enterprise Server 16.0 / ucode-intel
Package
- Name
- ucode-intel
- Purl
- pkg:rpm/suse/ucode-intel&distro=SUSE%20Linux%20Enterprise%20Server%2016.0