Bugzilla – Bug 736671
VUL-0: CVE-2012-2456: microcode_ctl: [SLE11 SP2 RC1] update microcode to 20111110
Last modified: 2017-11-13 14:29:35 UTC
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2; MS-RTC LM 8) Microcode 20111110 version is available on: http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=20728&keyword=%22microcode%22&lang=eng Please update it at SLE11 SP2. Reproducible: Always Steps to Reproduce: 1. 2. 3.
The SWAMPID for this issue is 44899. This issue was rated as important. Please submit fixed packages until 2012-01-18. Also create a patchinfo file using this link: https://swamp.suse.de/webswamp/wf/44899
Patch submitted to: SUSE:SLE-11-SP1:Update:Test Swamp info provided. I wasn't 100% sure about the category, afaik in SP1 TXT is not supported and I set category to "recommended" not "security"! -> According to Dirk this will show up in SP2 automatically -> reassigning to Dirk for finalizing
TXT is not supported in SP1, but in SP2. At least we have the toolchain in place.
Update released for: microcode_ctl Products: SLE-DESKTOP 11-SP1 (i386, x86_64) SLE-SERVER 11-SP1 (i386, x86_64) SLE-SERVER 11-SP1-TERADATA (x86_64) SLES4VMWARE 11-SP1 (i386, x86_64)
Resolving as fixed.
http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00030&languageid=en-fr CVE-2012-2456
CVE-2012-2456.
I had some feedback session with Mitre on this, and this was assigned duplicate. CVE-2011-5174 is the ID to be used for the SINIT buffer overflows.