pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
43c7060749
vuln-list-alt/oval/p11/ALT-PU-2020-2350/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

153 lines
6.2 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20202350",
"Version": "oval:org.altlinux.errata:def:20202350",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-2350: package `firmware-intel-ucode` update to version 13-alt1.20200616",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-2350",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-2350",
"Source": "ALTPU"
},
{
"RefID": "BDU:2020-00306",
"RefURL": "https://bdu.fstec.ru/vul/2020-00306",
"Source": "BDU"
},
{
"RefID": "BDU:2020-00307",
"RefURL": "https://bdu.fstec.ru/vul/2020-00307",
"Source": "BDU"
},
{
"RefID": "BDU:2020-04459",
"RefURL": "https://bdu.fstec.ru/vul/2020-04459",
"Source": "BDU"
},
{
"RefID": "CVE-2020-0543",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543",
"Source": "CVE"
},
{
"RefID": "CVE-2020-0548",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548",
"Source": "CVE"
},
{
"RefID": "CVE-2020-0549",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549",
"Source": "CVE"
}
],
"Description": "This update upgrades firmware-intel-ucode to version 13-alt1.20200616. \nSecurity Fix(es):\n\n * BDU:2020-00306: Уязвимость процессоров Intel, связанная с утечкой в буфер хранения (Store Buffer) результатов операций чтения из векторных регистров, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2020-00307: Уязвимость процессоров Intel, вызванная утечкой данных из кэша L1D, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2020-04459: Уязвимость микропрограммного обеспечения процессоров Intel, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * CVE-2020-0543: Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.\n\n * CVE-2020-0548: Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.\n\n * CVE-2020-0549: Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-07-13"
},
"Updated": {
"Date": "2020-07-13"
},
"BDUs": [
{
"ID": "BDU:2020-00306",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-200, CWE-452",
"Href": "https://bdu.fstec.ru/vul/2020-00306",
"Impact": "Low",
"Public": "20200128"
},
{
"ID": "BDU:2020-00307",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"CWE": "CWE-200, CWE-452",
"Href": "https://bdu.fstec.ru/vul/2020-00307",
"Impact": "Low",
"Public": "20200128"
},
{
"ID": "BDU:2020-04459",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2020-04459",
"Impact": "Low",
"Public": "20200615"
}
],
"CVEs": [
{
"ID": "CVE-2020-0543",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-459",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-0543",
"Impact": "Low",
"Public": "20200615"
},
{
"ID": "CVE-2020-0548",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-404",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-0548",
"Impact": "Low",
"Public": "20200128"
},
{
"ID": "CVE-2020-0549",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-404",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-0549",
"Impact": "Low",
"Public": "20200128"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20202350001",
"Comment": "firmware-intel-ucode is earlier than 2:13-alt1.20200616"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink