Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-46766 (GCVE-0-2021-46766)
Vulnerability from cvelistv5 – Published: 2023-11-14 18:51 – Updated: 2024-08-04 05:17
VLAI
EPSS
Summary
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.
Severity
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.amd.com/en/corporate/product-security… | vendor-advisory |
| https://www.amd.com/en/corporate/product-security… | vendor-advisory |
| https://www.amd.com/en/corporate/product-security… | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | Ryzen™ Threadripper™ PRO 3000WX Series Processors “Chagall” WS |
Affected:
various
|
|
| AMD | 4th Gen AMD EPYC™ Processors |
Affected:
various
|
|
| AMD | AMD EPYC™ Embedded 9003 |
Affected:
various
|
Date Public
2023-11-14 17:30
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "PI",
"platforms": [
"x86"
],
"product": "Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors \u201cChagall\u201d WS",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "PI",
"platforms": [
"x86"
],
"product": "4th Gen AMD EPYC\u2122 Processors",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AMD EPYC\u2122 Embedded 9003",
"vendor": "AMD",
"versions": [
{
"status": "affected",
"version": "various"
}
]
}
],
"datePublic": "2023-11-14T17:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\u003cbr\u003e"
}
],
"value": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T18:40:54.027Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001"
}
],
"source": {
"advisory": "AMD-SB-4002, AMD-SB-3002, AMD-SB-5001",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2021-46766",
"datePublished": "2023-11-14T18:51:58.036Z",
"dateReserved": "2022-03-31T16:50:27.871Z",
"dateUpdated": "2024-08-04T05:17:42.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-46766",
"date": "2026-05-30",
"epss": "0.00033",
"percentile": "0.10252"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-46766\",\"sourceIdentifier\":\"psirt@amd.com\",\"published\":\"2023-11-14T19:15:10.360\",\"lastModified\":\"2024-11-21T06:34:40.617\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\"},{\"lang\":\"es\",\"value\":\"La limpieza inadecuada de datos confidenciales en el ASP Bootloader puede exponer claves secretas a un atacante privilegiado que acceda a ASP SRAM, lo que podr\u00eda provocar una p\u00e9rdida de confidencialidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@amd.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N\",\"baseScore\":2.5,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-459\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9654p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"108F1054-C8C4-4540-9B8F-7510A8C00DE3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9654p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C150CC54-2F64-48E7-B996-F06247114BC4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9654_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"2AFDDF77-6A68-41A9-855A-D3B436450D93\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9654:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84209250-5078-4E8E-8532-98F652C12D79\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9634_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"BC0BDD69-8BC1-46D7-9655-CF913F0DA6F9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9634:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C6C0B65-0C8C-4BCE-9B40-39B2EB5E5EA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9554p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"A36DB7E2-8A18-4320-8E1B-77CD4D115608\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9554p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2BD9C75-AA02-47C1-94C7-BA5187B8CDF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9554_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"473699C8-A35C-4F67-85A5-AB70C3C3995D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9554:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A95FCDE4-82EF-4C54-A85D-960B36A46DD0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9534_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"FA2FB4A9-C883-4341-880F-EDE30F5275B3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9534:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8FC239C-6B12-4F7C-A725-9D66AD39F7F6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9474f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"0E5D8A84-122E-4A10-9FC3-F208B19BF5F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9474f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1520823-129F-4F48-932B-1CA77D3446CC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9454p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"537004D8-84C7-4369-A26B-D3DB83B30F5E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9454p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932E47BF-3831-4D72-9F26-89CA591692B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9454_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"27CFA9DB-772C-4375-9F7A-4B77E89325A6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9454:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7FDDC36-A96D-419F-A4B5-8AEF9D5FEBE5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9374f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"111CF9AA-F533-48CB-9A8B-36B54A31338F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9374f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14BA8C50-B57A-4F6D-860B-790BD39249B0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9354p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"9D89ED2E-81EE-4B7A-B669-24A3C558C8F0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9354p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0F7101-1B8B-454B-879F-8635CB16D5C7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9354_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"C68FBBCF-0B6C-4BE3-A558-0A0CD8CA5816\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9354:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A152B84-4935-4517-BD9D-37471C281BDA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9334_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"7219B700-3CA5-4A01-994A-D398E45761C8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9334:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B1047C6-4627-4520-AFF7-5A0A623336F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9274f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"6D27B7AE-9F65-435A-8ADA-EFDE74AB1C32\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9274f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54EE0A4A-AA13-49CE-8825-407AD6B16B13\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9254_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"22F6220C-EEFD-4A88-95DC-86652BF4E868\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9254:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFDF951D-9B67-49CE-AD4A-B1052A484E65\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9224_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"73C1A76F-0CF7-4F75-8142-13CB61AEDC91\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9224:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B085546F-4791-4096-A019-738A37353165\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9174f_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"05E04E6A-AB17-4EA8-A6DB-D99E31A0E478\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9174f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7811418-4B63-4CCA-B81F-379FF0277673\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9124_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"F9F21CD9-AD47-4158-B06A-7BF5BEFBEE7D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9124:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2761489D-AABE-4ADD-AE5B-B26C4424F18A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9684x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"26E15633-2713-425B-B56B-0E7F406C9291\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9684x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71A34603-6EB8-4D75-9391-8ADC35EA5EFE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9384x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"28F264D8-503B-45EA-B302-72B60946FAF8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9384x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6DC6F07-2E27-48C3-BD60-81496C2D3C62\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9184x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"EB7B338B-9718-4773-A9CD-B325E157D3C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9184x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C3085B2-AFDA-4C34-A2B6-40D599F7E907\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9754_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"17C71132-E668-4D85-806C-FC7D230E9AA7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9754:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF0ED85-2FCF-4DCB-9C7F-0B5EC5EC574C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9754s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"8D0CCB18-115B-497D-8788-8DDDD2ADEF40\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9754s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E74F229A-FDBD-4C3D-BE0B-9193E6E560ED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:epyc_9734_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"genoapi_1.0.0.4\",\"matchCriteriaId\":\"6E97DA39-D9D9-42E7-9533-4411BF9CBA5F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:epyc_9734:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE0954B5-9B6E-4C0E-905B-1E4B3FD50B04\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"chagallwspi-swrx8_1.0.0.5\",\"matchCriteriaId\":\"D5535C20-7053-4830-A0F2-6B8179A3FE2C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_threadripper_pro_3995wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"015BEF9F-7CFC-4A99-B9B4-FB58B3F35E31\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"chagallwspi-swrx8_1.0.0.5\",\"matchCriteriaId\":\"BCDA0456-EB37-4F13-82C8-4531BD4375B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_threadripper_pro_3975wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D16B66-A4EC-422D-856A-A862ECE13FBE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"chagallwspi-swrx8_1.0.0.5\",\"matchCriteriaId\":\"C1F318AA-C432-4328-A433-F7A293C31435\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_threadripper_pro_3955wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EDF7650-0A7D-48FF-AD78-2D2DBF3CD646\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"chagallwspi-swrx8_1.0.0.5\",\"matchCriteriaId\":\"55FF86B7-DE2B-4509-9C2F-A18806CDA346\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:amd:ryzen_threadripper_pro_3945wx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85D99997-1389-493E-BDEA-9904A46E48EE\"}]}]}],\"references\":[{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002\",\"source\":\"psirt@amd.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002\",\"source\":\"psirt@amd.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001\",\"source\":\"psirt@amd.com\"},{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-3002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-5001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2024:2376-1
Vulnerability from csaf_suse - Published: 2024-07-09 17:20 - Updated: 2024-07-09 17:20Summary
Security update for kernel-firmware
Severity
Important
Notes
Title of the patch: Security update for kernel-firmware
Description of the patch: This update for kernel-firmware fixes the following issues:
Update AMD ucode to 20231030 (bsc#1215831):
- CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
- CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation.
- CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service.
0 CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.
- CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
- CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
- CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.
- CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
- CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.
- CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.
- CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823).
Patchnames: SUSE-2024-2376,SUSE-SLE-Micro-5.5-2024-2376
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
6.7 (Medium)
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
6 (Medium)
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
43 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-firmware",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-firmware fixes the following issues:\n\nUpdate AMD ucode to 20231030 (bsc#1215831):\n\n- CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.\n- CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation.\n- CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service.\n0 CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest\u0027s migration agent resulting in a potential loss of guest integrity.\n- CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\n- CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.\n- CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\n- CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.\n- CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.\n- CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.\n- CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2376,SUSE-SLE-Micro-5.5-2024-2376",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2376-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2376-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2376-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-July/035892.html"
},
{
"category": "self",
"summary": "SUSE Bug 1215823",
"url": "https://bugzilla.suse.com/1215823"
},
{
"category": "self",
"summary": "SUSE Bug 1215831",
"url": "https://bugzilla.suse.com/1215831"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26345 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46766 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46774 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23820 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-23830 page",
"url": "https://www.suse.com/security/cve/CVE-2022-23830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20519 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20521 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20526 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20533 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20566 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20592 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20592/"
}
],
"title": "Security update for kernel-firmware",
"tracking": {
"current_release_date": "2024-07-09T17:20:51Z",
"generator": {
"date": "2024-07-09T17:20:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2376-1",
"initial_release_date": "2024-07-09T17:20:51Z",
"revision_history": [
{
"date": "2024-07-09T17:20:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-all-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-all-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-all-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-i915-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-intel-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-media-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-media-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-media-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-network-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-network-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-network-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-platform-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-serial-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-sound-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-ti-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch",
"product": {
"name": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch",
"product_id": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-all-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-all-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-i915-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-intel-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-media-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-media-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-network-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-network-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-platform-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-serial-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-sound-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ti-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
},
"product_reference": "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-26345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26345"
}
],
"notes": [
{
"category": "general",
"text": "Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26345",
"url": "https://www.suse.com/security/cve/CVE-2021-26345"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2021-26345",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2021-26345"
},
{
"cve": "CVE-2021-46766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46766"
}
],
"notes": [
{
"category": "general",
"text": "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46766",
"url": "https://www.suse.com/security/cve/CVE-2021-46766"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2021-46766",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2021-46766"
},
{
"cve": "CVE-2021-46774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46774"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46774",
"url": "https://www.suse.com/security/cve/CVE-2021-46774"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2021-46774",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2021-46774"
},
{
"cve": "CVE-2022-23820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23820"
}
],
"notes": [
{
"category": "general",
"text": "Failure to validate the AMD SMM communication buffer\nmay allow an attacker to corrupt the SMRAM potentially leading to arbitrary\ncode execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23820",
"url": "https://www.suse.com/security/cve/CVE-2022-23820"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1215831"
},
{
"category": "external",
"summary": "SUSE Bug 1217557 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1217557"
},
{
"category": "external",
"summary": "SUSE Bug 1220057 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1220057"
},
{
"category": "external",
"summary": "SUSE Bug 1220058 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1220058"
},
{
"category": "external",
"summary": "SUSE Bug 1221588 for CVE-2022-23820",
"url": "https://bugzilla.suse.com/1221588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2022-23820"
},
{
"cve": "CVE-2022-23830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-23830"
}
],
"notes": [
{
"category": "general",
"text": "SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-23830",
"url": "https://www.suse.com/security/cve/CVE-2022-23830"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2022-23830",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2022-23830"
},
{
"cve": "CVE-2023-20519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20519"
}
],
"notes": [
{
"category": "general",
"text": "A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest\u0027s migration agent resulting in a potential loss of guest integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20519",
"url": "https://www.suse.com/security/cve/CVE-2023-20519"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20519",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20519"
},
{
"cve": "CVE-2023-20521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20521"
}
],
"notes": [
{
"category": "general",
"text": "TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20521",
"url": "https://www.suse.com/security/cve/CVE-2023-20521"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20521",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20521"
},
{
"cve": "CVE-2023-20526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20526"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20526",
"url": "https://www.suse.com/security/cve/CVE-2023-20526"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20526",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20526"
},
{
"cve": "CVE-2023-20533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20533"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20533",
"url": "https://www.suse.com/security/cve/CVE-2023-20533"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20533",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20533"
},
{
"cve": "CVE-2023-20566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20566"
}
],
"notes": [
{
"category": "general",
"text": "Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20566",
"url": "https://www.suse.com/security/cve/CVE-2023-20566"
},
{
"category": "external",
"summary": "SUSE Bug 1215831 for CVE-2023-20566",
"url": "https://bugzilla.suse.com/1215831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "important"
}
],
"title": "CVE-2023-20566"
},
{
"cve": "CVE-2023-20592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20592"
}
],
"notes": [
{
"category": "general",
"text": "Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20592",
"url": "https://www.suse.com/security/cve/CVE-2023-20592"
},
{
"category": "external",
"summary": "SUSE Bug 1215823 for CVE-2023-20592",
"url": "https://bugzilla.suse.com/1215823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T17:20:51Z",
"details": "moderate"
}
],
"title": "CVE-2023-20592"
}
]
}
WID-SEC-W-2023-2916
Vulnerability from csaf_certbund - Published: 2023-11-14 23:00 - Updated: 2024-12-15 23:00Summary
AMD Prozessor: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Prozessoren sind die zentralen Rechenwerke eines Computers.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in AMD Prozessor ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Betroffene Betriebssysteme: - BIOS/Firmware
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem "Use-After-Free", einer unsachgemäßen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es besteht eine Schwachstelle in AMD-Prozessoren. Dieser Fehler besteht aufgrund eines unsachgemäßen oder unerwarteten Verhaltens des INVD-Befehls, der es ermöglicht, das Cache-Zeilen-Rückschreibverhalten der CPU zu beeinflussen. Ein Angreifer mit einem bösartigen Hypervisor kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
Es besteht eine Schwachstelle in AMD-Prozessoren. Dieser Fehler besteht aufgrund einer unsachgemäßen Eingabevalidierung im SMM Supervisor, die es ermöglicht, Ring0-Zugriff zu erlangen. Ein Angreifer mit einem kompromittierten SMI-Handler kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Lenovo BIOS
Lenovo
|
cpe:/h:lenovo:bios:-
|
— | |
|
Dell Computer
Dell
|
cpe:/o:dell:dell_computer:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Dell BIOS
Dell / BIOS
|
cpe:/h:dell:bios:-
|
— | |
|
HP Computer
HP / Computer
|
cpe:/h:hp:computer:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
AMD Prozessor
AMD / Prozessor
|
cpe:/h:amd:amd_processor:-
|
— | |
|
Lenovo Computer
Lenovo
|
cpe:/h:lenovo:computer:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
HPE ProLiant
HPE
|
cpe:/h:hp:proliant:-
|
— | |
|
IBM Power Hardware Management Console V10
IBM / Power Hardware Management Console
|
cpe:/a:ibm:hardware_management_console:v10
|
V10 |
References
32 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Prozessoren sind die zentralen Rechenwerke eines Computers.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in AMD Prozessor ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2916 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2916.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2916 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2916"
},
{
"category": "external",
"summary": "AMD Security Bulletin vom 2023-11-14",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3002.html"
},
{
"category": "external",
"summary": "AMD Security Bulletin vom 2023-11-14",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4002.html"
},
{
"category": "external",
"summary": "AMD Security Bulletin vom 2023-11-14",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3005.html"
},
{
"category": "external",
"summary": "AMD Security Bulletin vom 2023-11-14",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7011.html"
},
{
"category": "external",
"summary": "Lenovo Multi-vendor BIOS Security Vulnerabilities",
"url": "https://support.lenovo.com/de/de/product_security/ps500589-multi-vendor-bios-security-vulnerabilities-november-2023"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4654-1 vom 2023-12-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017285.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-442 vom 2023-12-07",
"url": "https://www.dell.com/support/kbdoc/000220057/dsa-2023-="
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-457 vom 2023-12-07",
"url": "https://www.dell.com/support/kbdoc/000220223/dsa-2023-="
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-441 vom 2023-12-07",
"url": "https://www.dell.com/support/kbdoc/000220054/dsa-2023-="
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBHF03893 vom 2023-12-08",
"url": "https://support.hp.com/us-en/document/ish_9799938-9799975-16/HPSBHF03893"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-386 vom 2023-12-13",
"url": "https://www.dell.com/support/kbdoc/000218423/dsa-2023-="
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4665-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017397.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4655-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017401.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4664-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017396.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4660-1 vom 2023-12-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017402.html"
},
{
"category": "external",
"summary": "HP Security Bulletin HPSBHF03892 vom 2024-01-08",
"url": "https://support.hp.com/us-en/document/ish_9925738-9925742-16/HPSBHF03892"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0753 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0753"
},
{
"category": "external",
"summary": "AMD Security Bulletin",
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-5001.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2024:0753 vom 2024-02-20",
"url": "https://lists.centos.org/pipermail/centos-announce/2024-February/099225.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0979 vom 2024-02-26",
"url": "https://access.redhat.com/errata/RHSA-2024:0979"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0978 vom 2024-02-26",
"url": "https://access.redhat.com/errata/RHSA-2024:0978"
},
{
"category": "external",
"summary": "RedHat Security Advisory",
"url": "https://access.redhat.com/errata/RHSA-2024:1112"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-332 vom 2024-05-01",
"url": "https://www.dell.com/support/kbdoc/000217573/dsa-2023-="
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3178 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:3178"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-3178 vom 2024-05-28",
"url": "https://linux.oracle.com/errata/ELSA-2024-3178.html"
},
{
"category": "external",
"summary": "HPE SECURITY BULLETIN HPESBCR04657 vom 2024-06-27",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbcr04657en_us\u0026docLocale=en_US"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2376-1 vom 2024-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018914.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4575 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4575"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7173420 vom 2024-10-17",
"url": "https://www.ibm.com/support/pages/node/7173420"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7178944 vom 2024-12-14",
"url": "https://www.ibm.com/support/pages/node/7178944"
}
],
"source_lang": "en-US",
"title": "AMD Prozessor: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-15T23:00:00.000+00:00",
"generator": {
"date": "2024-12-16T09:17:43.897+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2023-2916",
"initial_release_date": "2023-11-14T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-11-14T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-12-06T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE und Dell aufgenommen"
},
{
"date": "2023-12-07T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2023-12-12T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2023-12-14T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-01-07T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2024-02-08T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-02-13T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von AMD aufgenommen"
},
{
"date": "2024-02-20T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2024-02-25T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-03-05T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-28T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-06-27T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-16T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-17T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-15T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "19"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AMD Prozessor",
"product": {
"name": "AMD Prozessor",
"product_id": "T029010",
"product_identification_helper": {
"cpe": "cpe:/h:amd:amd_processor:-"
}
}
},
{
"category": "product_name",
"name": "AMD Prozessor",
"product": {
"name": "AMD Prozessor",
"product_id": "T031175",
"product_identification_helper": {
"cpe": "cpe:/h:amd:amd_processor:-"
}
}
}
],
"category": "product_name",
"name": "Prozessor"
}
],
"category": "vendor",
"name": "AMD"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell BIOS",
"product": {
"name": "Dell BIOS",
"product_id": "T029364",
"product_identification_helper": {
"cpe": "cpe:/h:dell:bios:-"
}
}
},
{
"category": "product_name",
"name": "Dell BIOS",
"product": {
"name": "Dell BIOS",
"product_id": "T032778",
"product_identification_helper": {
"cpe": "cpe:/h:dell:bios:-"
}
}
}
],
"category": "product_name",
"name": "BIOS"
},
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T006498",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "HP Computer",
"product": {
"name": "HP Computer",
"product_id": "T023191",
"product_identification_helper": {
"cpe": "cpe:/h:hp:computer:-"
}
}
},
{
"category": "product_name",
"name": "HP Computer",
"product": {
"name": "HP Computer",
"product_id": "T031292",
"product_identification_helper": {
"cpe": "cpe:/h:hp:computer:-"
}
}
}
],
"category": "product_name",
"name": "Computer"
}
],
"category": "vendor",
"name": "HP"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE ProLiant",
"product": {
"name": "HPE ProLiant",
"product_id": "T009310",
"product_identification_helper": {
"cpe": "cpe:/h:hp:proliant:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "V10",
"product": {
"name": "IBM Power Hardware Management Console V10",
"product_id": "T023373",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo BIOS",
"product": {
"name": "Lenovo BIOS",
"product_id": "T005651",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:bios:-"
}
}
},
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T030470",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-26345",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2021-26345"
},
{
"cve": "CVE-2021-46758",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2021-46758"
},
{
"cve": "CVE-2021-46766",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2021-46766"
},
{
"cve": "CVE-2021-46774",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2021-46774"
},
{
"cve": "CVE-2022-23820",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2022-23820"
},
{
"cve": "CVE-2022-23821",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2022-23821"
},
{
"cve": "CVE-2022-23830",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2022-23830"
},
{
"cve": "CVE-2023-20519",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20519"
},
{
"cve": "CVE-2023-20521",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20521"
},
{
"cve": "CVE-2023-20526",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20526"
},
{
"cve": "CVE-2023-20533",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20533"
},
{
"cve": "CVE-2023-20563",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20563"
},
{
"cve": "CVE-2023-20565",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20565"
},
{
"cve": "CVE-2023-20566",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20566"
},
{
"cve": "CVE-2023-20571",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in AMD Prozessor. Diese Fehler bestehen im AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted Virtualization - Secure Nested Paging (SEV-SNP) und anderen Plattformkomponenten aufgrund verschiedener Sicherheitsprobleme wie einer unzureichenden Eingabevalidierung, einem \"Use-After-Free\", einer unsachgem\u00e4\u00dfen Adressvalidierung und anderen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20571"
},
{
"cve": "CVE-2023-20592",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in AMD-Prozessoren. Dieser Fehler besteht aufgrund eines unsachgem\u00e4\u00dfen oder unerwarteten Verhaltens des INVD-Befehls, der es erm\u00f6glicht, das Cache-Zeilen-R\u00fcckschreibverhalten der CPU zu beeinflussen. Ein Angreifer mit einem b\u00f6sartigen Hypervisor kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20592"
},
{
"cve": "CVE-2023-20596",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in AMD-Prozessoren. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Eingabevalidierung im SMM Supervisor, die es erm\u00f6glicht, Ring0-Zugriff zu erlangen. Ein Angreifer mit einem kompromittierten SMI-Handler kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
}
],
"product_status": {
"known_affected": [
"T005651",
"T006498",
"T023191",
"T029364",
"T029010",
"67646",
"T032778",
"T031292",
"T004914",
"T031175",
"T030470",
"T002207",
"1727",
"T009310",
"T023373"
]
},
"release_date": "2023-11-14T23:00:00.000+00:00",
"title": "CVE-2023-20596"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…