Overview

File _patchinfo of Package patchinfo.42800

<patchinfo incident="42800">
  <issue tracker="bnc" id="1229129">VUL-0: ucode-intel: 20240813 release</issue>
  <issue tracker="bnc" id="1258046">VUL-0: CVE-2024-24853, CVE-2025-31648: ucode-intel: 20260210 release</issue>
  <issue tracker="cve" id="2024-24853"/>
  <issue tracker="cve" id="2025-31648"/>
  <packager>msmeissn</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for ucode-intel</summary>
  <description>This update for ucode-intel fixes the following issues:

- Intel CPU Microcode was updated to the 20260210 release (bsc#1258046)
- CVE-2024-24853: Updated fix for incorrect behavior order in transition
  between executive monitor and SMI transfer monitor (STM) in some Intel(R)
  Processor may allow a privileged user to potentially enable escalation
  of privilege via local access. (bsc#1229129)
- CVE-2025-31648: Improper handling of values in the microcode flow for
  some Intel Processor Family may allow an escalation of privilege. (bsc#1258046)
</description>
  <reboot_needed/>
</patchinfo>
openSUSE Build Service is sponsored by
Places