Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-13080 (GCVE-0-2017-13080)
Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58
VLAI
EPSS
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
Severity
No CVSS data available.
CWE
- CWE-323 - Reusing a Nonce, Key Pair in Encryption
Assigner
References
43 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Affected:
WPA
Affected: WPA2 |
Date Public
2017-10-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208327"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "1039572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039572"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208334"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "1039703",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039703"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-10T20:06:15.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208327"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "1039572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039572"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208334"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "1039703",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039703"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "https://support.apple.com/HT208327",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208327"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://support.apple.com/HT208325",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208325"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "1039572",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039572"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"name": "https://support.apple.com/HT208222",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208222"
},
{
"name": "https://support.apple.com/HT208334",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208334"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://support.apple.com/HT208220",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208220"
},
{
"name": "https://support.apple.com/HT208219",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "1039703",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039703"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13080",
"datePublished": "2017-10-17T13:00:00.000Z",
"dateReserved": "2017-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:58:12.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-13080",
"date": "2026-05-28",
"epss": "0.00818",
"percentile": "0.74633"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-13080\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2017-10-17T13:29:00.397\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.\"},{\"lang\":\"es\",\"value\":\"Wi-Fi Protected Access (WPA y WPA2) permite la reinstalaci\u00f3n de la clave temporal GTK (Group Temporal Key) durante la negociaci\u00f3n de la clave de grupo, haciendo que un atacante que se sit\u00fae dentro del radio reproduzca frames desde los puntos de acceso hasta los clientes.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":2.9,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":5.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-323\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"588D4F37-0A56-47A4-B710-4D5F3D214FB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9EC02F3-3905-460D-8949-3B26394215CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4195DB45-CF5A-4FA6-BF58-BAF77EE555C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD5B9266-A927-4F62-8742-721CE9A4C4C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"602D3280-2974-4809-BE70-1EA9437AEBF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5753931-556B-4EEC-B510-751BA3613CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2095C863-1FB0-4016-81FF-3CAB44E77FD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC7AAFCB-AB64-4B39-87AA-936E386A82C2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6454F0F-6CC1-4EA2-8D7C-51709FD7F318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFCB5512-B60E-48D7-B136-ADF19E5E74BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB1420D-5D05-4BFC-8AF7-2AB00B76148B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21324D89-B634-4D6B-987B-4AD29079373D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB43314-8725-48A0-8902-864567808AD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2AA3D0E-C483-4575-8209-DE643A3FEC7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1212B910-E4A5-47A1-A263-4E1C13CF3EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9A6A99E-5129-4E8D-A0AF-61755BDA3565\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC42F782-63CB-4960-BF65-4856776CFBE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"212B0353-4AEF-4861-A054-6193CAA05390\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E702507-5BA0-4A12-80C6-A729F32A6A80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24810936-DABC-485D-B952-22F16C3016FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF46881-4484-4ABB-AC0C-152664E2CD6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"880CBDD7-BFEC-48F6-8C4C-D300143B6571\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B29CCA41-5784-48C3-B9ED-6B1FF063FB1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37B9643D-4046-4034-8B68-18F59154CD66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"681C458F-D1BD-48DA-86C7-BA714F5AA9B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4057F722-1A8E-4D75-B049-E3632AC8EF65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1F53FDB-7136-444E-AB03-9D8A6A31E249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63AB46C0-2F00-4805-84A9-323BA4E594DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06119A43-B1CA-4021-87D2-C67BE6125423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"768D16AF-3A8B-47DD-A499-948A73062AE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BECC3EF-2777-4FF9-9750-93D1245A9247\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2D07095-6331-4079-BD86-E414CEE35624\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61CDB3D2-F6C3-43CF-ACE8-95E96DF02293\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B4681FC-44F4-4E86-8431-8EDAD65492D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC6FB535-AFFF-4083-AF1D-9E1ED504158F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74105F9-E729-47BA-A96F-4D15947B673A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F5F7411-0B32-4041-8235-2B1AEC186FF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9191D783-4390-4603-9C4D-F673270E63C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E36F3308-EABA-451F-90E1-65919450A809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F6680B-7015-4EB0-AABC-A4DD50894CD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CAFF5E3-EA27-4688-87AD-1648003D3D1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E00A5B5-81D8-4BF3-B857-028D7D06CA5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"476C3ED0-B77C-490F-AF1E-BC4C7D52D818\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B1972B5-F896-419C-9FFA-FB583B114B8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2E84533-EB76-4A8F-90ED-E9342EAF3427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5AE0623-87CB-4CEF-BD3B-6BCF676031CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"905B55A4-2488-44D1-991F-C142C3527F18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90102D17-8D03-4F59-811B-FBFB98D627C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9381F69-1633-44DD-967F-D29587B67079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9169BDAC-6207-4B6A-8EF3-D52DED1A9311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62E17E03-53C6-4E74-91A8-4C4363666291\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4C6FEDE-B0E9-479A-9185-48D62DBC91FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"643762E2-969E-4531-B79E-961697E5DA8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"627AD871-2091-48E9-B801-3E3D5CF8E594\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BC691E5-6265-4FAB-9ACA-C65EB99AFA47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4701BF31-B3FC-4590-9787-3BA94ECB8D54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB96005-E214-4C60-865E-B693115527D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF264-2315-43CE-B2A6-4234B394854C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3EF53AD-F985-446E-89B8-4BFECE00AD63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A11DBFA-9F0E-4358-8541-E5371C11FE80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738AEB08-FF7D-4DC3-AB14-B8F2B9474810\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E8C5523-16E4-417E-A159-F5D0F9E83C5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB93C2FC-6913-448E-8B93-EEB2229EC86C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ECA3172-7088-4B5E-923D-37B155729BD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48FD6B1B-7555-449D-9CCB-1487FAEE8098\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9726F4DE-8037-49AD-A092-7EF9D5BF99EC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"57CFAD92-EECD-417D-ADDB-8178C320B204\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1DCD75C-9775-4922-8A44-C4707C640946\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"086BF5C5-255C-4E2E-83D3-A8B83AED6B60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*\",\"matchCriteriaId\":\"91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"55C5561F-BE86-4EEA-99D4-8697F8BD9DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"B2F3699A-38E4-4E9D-9414-411F71D9E371\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3999\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/228519\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/bid/101274\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039572\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039573\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039576\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039577\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039578\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039581\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039585\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039703\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3455-1\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2907\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2911\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/kracks\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf\",\"source\":\"cret@cert.org\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-003\",\"source\":\"cret@cert.org\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-005\",\"source\":\"cret@cert.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201711-03\",\"source\":\"cret@cert.org\"},{\"url\":\"https://source.android.com/security/bulletin/2017-11-01\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208219\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208220\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208222\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208325\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208327\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.apple.com/HT208334\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-17420\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://www.krackattacks.com/\",\"source\":\"cret@cert.org\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/228519\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/101274\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039572\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039573\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039577\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039578\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039585\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3455-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2907\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2911\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/kracks\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-003\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201711-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://source.android.com/security/bulletin/2017-11-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208220\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208222\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208325\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208334\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-17420\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.krackattacks.com/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]}]}}"
}
}
OPENSUSE-SU-2025:14794-1
Vulnerability from csaf_opensuse - Published: 2025-02-12 00:00 - Updated: 2025-02-12 00:00Summary
kernel-firmware-qlogic-20250206-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kernel-firmware-qlogic-20250206-1.1 on GA media
Description of the patch: These are all security issues fixed in the kernel-firmware-qlogic-20250206-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14794
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
69 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kernel-firmware-qlogic-20250206-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kernel-firmware-qlogic-20250206-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14794",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14794-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9836 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26339 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26348 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33139 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46744 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20569 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
}
],
"title": "kernel-firmware-qlogic-20250206-1.1 on GA media",
"tracking": {
"current_release_date": "2025-02-12T00:00:00Z",
"generator": {
"date": "2025-02-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14794-1",
"initial_release_date": "2025-02-12T00:00:00Z",
"revision_history": [
{
"date": "2025-02-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-qlogic-20250206-1.1.aarch64",
"product": {
"name": "kernel-firmware-qlogic-20250206-1.1.aarch64",
"product_id": "kernel-firmware-qlogic-20250206-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-qlogic-20250206-1.1.ppc64le",
"product": {
"name": "kernel-firmware-qlogic-20250206-1.1.ppc64le",
"product_id": "kernel-firmware-qlogic-20250206-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-qlogic-20250206-1.1.s390x",
"product": {
"name": "kernel-firmware-qlogic-20250206-1.1.s390x",
"product_id": "kernel-firmware-qlogic-20250206-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-qlogic-20250206-1.1.x86_64",
"product": {
"name": "kernel-firmware-qlogic-20250206-1.1.x86_64",
"product_id": "kernel-firmware-qlogic-20250206-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-qlogic-20250206-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64"
},
"product_reference": "kernel-firmware-qlogic-20250206-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-qlogic-20250206-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le"
},
"product_reference": "kernel-firmware-qlogic-20250206-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-qlogic-20250206-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x"
},
"product_reference": "kernel-firmware-qlogic-20250206-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-qlogic-20250206-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
},
"product_reference": "kernel-firmware-qlogic-20250206-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2019-9836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9836"
}
],
"notes": [
{
"category": "general",
"text": "Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9836",
"url": "https://www.suse.com/security/cve/CVE-2019-9836"
},
{
"category": "external",
"summary": "SUSE Bug 1139383 for CVE-2019-9836",
"url": "https://bugzilla.suse.com/1139383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-9836"
},
{
"cve": "CVE-2021-26339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26339"
}
],
"notes": [
{
"category": "general",
"text": "A bug in AMD CPU\u0027s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26339",
"url": "https://www.suse.com/security/cve/CVE-2021-26339"
},
{
"category": "external",
"summary": "SUSE Bug 1199459 for CVE-2021-26339",
"url": "https://bugzilla.suse.com/1199459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26339"
},
{
"cve": "CVE-2021-26348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"notes": [
{
"category": "general",
"text": "Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26348",
"url": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26348"
},
{
"cve": "CVE-2021-26364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26364",
"url": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26364"
},
{
"cve": "CVE-2021-26375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26375",
"url": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26375"
},
{
"cve": "CVE-2021-33139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33139",
"url": "https://www.suse.com/security/cve/CVE-2021-33139"
},
{
"category": "external",
"summary": "SUSE Bug 1195786 for CVE-2021-33139",
"url": "https://bugzilla.suse.com/1195786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33139"
},
{
"cve": "CVE-2021-46744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46744"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46744",
"url": "https://www.suse.com/security/cve/CVE-2021-46744"
},
{
"category": "external",
"summary": "SUSE Bug 1199470 for CVE-2021-46744",
"url": "https://bugzilla.suse.com/1199470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-46744"
},
{
"cve": "CVE-2023-20569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20569"
}
],
"notes": [
{
"category": "general",
"text": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20569",
"url": "https://www.suse.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "SUSE Bug 1213287 for CVE-2023-20569",
"url": "https://bugzilla.suse.com/1213287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-qlogic-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
}
]
}
OPENSUSE-SU-2025:14795-1
Vulnerability from csaf_opensuse - Published: 2025-02-12 00:00 - Updated: 2025-02-12 00:00Summary
kernel-firmware-radeon-20250206-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kernel-firmware-radeon-20250206-1.1 on GA media
Description of the patch: These are all security issues fixed in the kernel-firmware-radeon-20250206-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14795
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
69 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kernel-firmware-radeon-20250206-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kernel-firmware-radeon-20250206-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14795",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14795-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9836 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26339 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26348 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33139 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46744 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20569 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
}
],
"title": "kernel-firmware-radeon-20250206-1.1 on GA media",
"tracking": {
"current_release_date": "2025-02-12T00:00:00Z",
"generator": {
"date": "2025-02-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14795-1",
"initial_release_date": "2025-02-12T00:00:00Z",
"revision_history": [
{
"date": "2025-02-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-radeon-20250206-1.1.aarch64",
"product": {
"name": "kernel-firmware-radeon-20250206-1.1.aarch64",
"product_id": "kernel-firmware-radeon-20250206-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-radeon-20250206-1.1.ppc64le",
"product": {
"name": "kernel-firmware-radeon-20250206-1.1.ppc64le",
"product_id": "kernel-firmware-radeon-20250206-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-radeon-20250206-1.1.s390x",
"product": {
"name": "kernel-firmware-radeon-20250206-1.1.s390x",
"product_id": "kernel-firmware-radeon-20250206-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-radeon-20250206-1.1.x86_64",
"product": {
"name": "kernel-firmware-radeon-20250206-1.1.x86_64",
"product_id": "kernel-firmware-radeon-20250206-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-radeon-20250206-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64"
},
"product_reference": "kernel-firmware-radeon-20250206-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-radeon-20250206-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le"
},
"product_reference": "kernel-firmware-radeon-20250206-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-radeon-20250206-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x"
},
"product_reference": "kernel-firmware-radeon-20250206-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-radeon-20250206-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
},
"product_reference": "kernel-firmware-radeon-20250206-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2019-9836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9836"
}
],
"notes": [
{
"category": "general",
"text": "Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9836",
"url": "https://www.suse.com/security/cve/CVE-2019-9836"
},
{
"category": "external",
"summary": "SUSE Bug 1139383 for CVE-2019-9836",
"url": "https://bugzilla.suse.com/1139383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-9836"
},
{
"cve": "CVE-2021-26339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26339"
}
],
"notes": [
{
"category": "general",
"text": "A bug in AMD CPU\u0027s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26339",
"url": "https://www.suse.com/security/cve/CVE-2021-26339"
},
{
"category": "external",
"summary": "SUSE Bug 1199459 for CVE-2021-26339",
"url": "https://bugzilla.suse.com/1199459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26339"
},
{
"cve": "CVE-2021-26348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"notes": [
{
"category": "general",
"text": "Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26348",
"url": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26348"
},
{
"cve": "CVE-2021-26364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26364",
"url": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26364"
},
{
"cve": "CVE-2021-26375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26375",
"url": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26375"
},
{
"cve": "CVE-2021-33139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33139",
"url": "https://www.suse.com/security/cve/CVE-2021-33139"
},
{
"category": "external",
"summary": "SUSE Bug 1195786 for CVE-2021-33139",
"url": "https://bugzilla.suse.com/1195786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33139"
},
{
"cve": "CVE-2021-46744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46744"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46744",
"url": "https://www.suse.com/security/cve/CVE-2021-46744"
},
{
"category": "external",
"summary": "SUSE Bug 1199470 for CVE-2021-46744",
"url": "https://bugzilla.suse.com/1199470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-46744"
},
{
"cve": "CVE-2023-20569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20569"
}
],
"notes": [
{
"category": "general",
"text": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20569",
"url": "https://www.suse.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "SUSE Bug 1213287 for CVE-2023-20569",
"url": "https://bugzilla.suse.com/1213287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-radeon-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
}
]
}
OPENSUSE-SU-2025:14796-1
Vulnerability from csaf_opensuse - Published: 2025-02-12 00:00 - Updated: 2025-02-12 00:00Summary
kernel-firmware-realtek-20250206-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kernel-firmware-realtek-20250206-1.1 on GA media
Description of the patch: These are all security issues fixed in the kernel-firmware-realtek-20250206-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14796
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
71 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kernel-firmware-realtek-20250206-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kernel-firmware-realtek-20250206-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14796",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14796-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:14796-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JRVYJFDMGL4ZFIAYJKJTQHRR5SPMPZJ2/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:14796-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JRVYJFDMGL4ZFIAYJKJTQHRR5SPMPZJ2/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9836 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26339 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26348 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33139 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46744 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20569 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
}
],
"title": "kernel-firmware-realtek-20250206-1.1 on GA media",
"tracking": {
"current_release_date": "2025-02-12T00:00:00Z",
"generator": {
"date": "2025-02-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14796-1",
"initial_release_date": "2025-02-12T00:00:00Z",
"revision_history": [
{
"date": "2025-02-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-realtek-20250206-1.1.aarch64",
"product": {
"name": "kernel-firmware-realtek-20250206-1.1.aarch64",
"product_id": "kernel-firmware-realtek-20250206-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-realtek-20250206-1.1.ppc64le",
"product": {
"name": "kernel-firmware-realtek-20250206-1.1.ppc64le",
"product_id": "kernel-firmware-realtek-20250206-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-realtek-20250206-1.1.s390x",
"product": {
"name": "kernel-firmware-realtek-20250206-1.1.s390x",
"product_id": "kernel-firmware-realtek-20250206-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-realtek-20250206-1.1.x86_64",
"product": {
"name": "kernel-firmware-realtek-20250206-1.1.x86_64",
"product_id": "kernel-firmware-realtek-20250206-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-realtek-20250206-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64"
},
"product_reference": "kernel-firmware-realtek-20250206-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-realtek-20250206-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le"
},
"product_reference": "kernel-firmware-realtek-20250206-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-realtek-20250206-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x"
},
"product_reference": "kernel-firmware-realtek-20250206-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-realtek-20250206-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
},
"product_reference": "kernel-firmware-realtek-20250206-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2019-9836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9836"
}
],
"notes": [
{
"category": "general",
"text": "Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9836",
"url": "https://www.suse.com/security/cve/CVE-2019-9836"
},
{
"category": "external",
"summary": "SUSE Bug 1139383 for CVE-2019-9836",
"url": "https://bugzilla.suse.com/1139383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-9836"
},
{
"cve": "CVE-2021-26339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26339"
}
],
"notes": [
{
"category": "general",
"text": "A bug in AMD CPU\u0027s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26339",
"url": "https://www.suse.com/security/cve/CVE-2021-26339"
},
{
"category": "external",
"summary": "SUSE Bug 1199459 for CVE-2021-26339",
"url": "https://bugzilla.suse.com/1199459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26339"
},
{
"cve": "CVE-2021-26348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"notes": [
{
"category": "general",
"text": "Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26348",
"url": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26348"
},
{
"cve": "CVE-2021-26364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26364",
"url": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26364"
},
{
"cve": "CVE-2021-26375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26375",
"url": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26375"
},
{
"cve": "CVE-2021-33139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33139",
"url": "https://www.suse.com/security/cve/CVE-2021-33139"
},
{
"category": "external",
"summary": "SUSE Bug 1195786 for CVE-2021-33139",
"url": "https://bugzilla.suse.com/1195786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33139"
},
{
"cve": "CVE-2021-46744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46744"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46744",
"url": "https://www.suse.com/security/cve/CVE-2021-46744"
},
{
"category": "external",
"summary": "SUSE Bug 1199470 for CVE-2021-46744",
"url": "https://bugzilla.suse.com/1199470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-46744"
},
{
"cve": "CVE-2023-20569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20569"
}
],
"notes": [
{
"category": "general",
"text": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20569",
"url": "https://www.suse.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "SUSE Bug 1213287 for CVE-2023-20569",
"url": "https://bugzilla.suse.com/1213287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-realtek-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
}
]
}
OPENSUSE-SU-2025:14797-1
Vulnerability from csaf_opensuse - Published: 2025-02-12 00:00 - Updated: 2025-02-12 00:00Summary
kernel-firmware-serial-20250206-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kernel-firmware-serial-20250206-1.1 on GA media
Description of the patch: These are all security issues fixed in the kernel-firmware-serial-20250206-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14797
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
71 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kernel-firmware-serial-20250206-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kernel-firmware-serial-20250206-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14797",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14797-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:14797-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RLB6EQ4PQFULA6326VPRQRWW66T32SST/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:14797-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RLB6EQ4PQFULA6326VPRQRWW66T32SST/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9836 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26339 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26348 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33139 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46744 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20569 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
}
],
"title": "kernel-firmware-serial-20250206-1.1 on GA media",
"tracking": {
"current_release_date": "2025-02-12T00:00:00Z",
"generator": {
"date": "2025-02-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14797-1",
"initial_release_date": "2025-02-12T00:00:00Z",
"revision_history": [
{
"date": "2025-02-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-serial-20250206-1.1.aarch64",
"product": {
"name": "kernel-firmware-serial-20250206-1.1.aarch64",
"product_id": "kernel-firmware-serial-20250206-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-serial-20250206-1.1.ppc64le",
"product": {
"name": "kernel-firmware-serial-20250206-1.1.ppc64le",
"product_id": "kernel-firmware-serial-20250206-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-serial-20250206-1.1.s390x",
"product": {
"name": "kernel-firmware-serial-20250206-1.1.s390x",
"product_id": "kernel-firmware-serial-20250206-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-serial-20250206-1.1.x86_64",
"product": {
"name": "kernel-firmware-serial-20250206-1.1.x86_64",
"product_id": "kernel-firmware-serial-20250206-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-serial-20250206-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64"
},
"product_reference": "kernel-firmware-serial-20250206-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-serial-20250206-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le"
},
"product_reference": "kernel-firmware-serial-20250206-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-serial-20250206-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x"
},
"product_reference": "kernel-firmware-serial-20250206-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-serial-20250206-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
},
"product_reference": "kernel-firmware-serial-20250206-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2019-9836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9836"
}
],
"notes": [
{
"category": "general",
"text": "Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9836",
"url": "https://www.suse.com/security/cve/CVE-2019-9836"
},
{
"category": "external",
"summary": "SUSE Bug 1139383 for CVE-2019-9836",
"url": "https://bugzilla.suse.com/1139383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-9836"
},
{
"cve": "CVE-2021-26339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26339"
}
],
"notes": [
{
"category": "general",
"text": "A bug in AMD CPU\u0027s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26339",
"url": "https://www.suse.com/security/cve/CVE-2021-26339"
},
{
"category": "external",
"summary": "SUSE Bug 1199459 for CVE-2021-26339",
"url": "https://bugzilla.suse.com/1199459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26339"
},
{
"cve": "CVE-2021-26348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"notes": [
{
"category": "general",
"text": "Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26348",
"url": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26348"
},
{
"cve": "CVE-2021-26364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26364",
"url": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26364"
},
{
"cve": "CVE-2021-26375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26375",
"url": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26375"
},
{
"cve": "CVE-2021-33139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33139",
"url": "https://www.suse.com/security/cve/CVE-2021-33139"
},
{
"category": "external",
"summary": "SUSE Bug 1195786 for CVE-2021-33139",
"url": "https://bugzilla.suse.com/1195786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33139"
},
{
"cve": "CVE-2021-46744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46744"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46744",
"url": "https://www.suse.com/security/cve/CVE-2021-46744"
},
{
"category": "external",
"summary": "SUSE Bug 1199470 for CVE-2021-46744",
"url": "https://bugzilla.suse.com/1199470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-46744"
},
{
"cve": "CVE-2023-20569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20569"
}
],
"notes": [
{
"category": "general",
"text": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20569",
"url": "https://www.suse.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "SUSE Bug 1213287 for CVE-2023-20569",
"url": "https://bugzilla.suse.com/1213287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-serial-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
}
]
}
OPENSUSE-SU-2025:14798-1
Vulnerability from csaf_opensuse - Published: 2025-02-12 00:00 - Updated: 2025-02-12 00:00Summary
kernel-firmware-sound-20250210-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kernel-firmware-sound-20250210-1.1 on GA media
Description of the patch: These are all security issues fixed in the kernel-firmware-sound-20250210-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14798
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
69 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kernel-firmware-sound-20250210-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kernel-firmware-sound-20250210-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14798",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14798-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9836 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26339 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26348 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33139 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46744 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20569 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
}
],
"title": "kernel-firmware-sound-20250210-1.1 on GA media",
"tracking": {
"current_release_date": "2025-02-12T00:00:00Z",
"generator": {
"date": "2025-02-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14798-1",
"initial_release_date": "2025-02-12T00:00:00Z",
"revision_history": [
{
"date": "2025-02-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-sound-20250210-1.1.aarch64",
"product": {
"name": "kernel-firmware-sound-20250210-1.1.aarch64",
"product_id": "kernel-firmware-sound-20250210-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-sound-20250210-1.1.ppc64le",
"product": {
"name": "kernel-firmware-sound-20250210-1.1.ppc64le",
"product_id": "kernel-firmware-sound-20250210-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-sound-20250210-1.1.s390x",
"product": {
"name": "kernel-firmware-sound-20250210-1.1.s390x",
"product_id": "kernel-firmware-sound-20250210-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-sound-20250210-1.1.x86_64",
"product": {
"name": "kernel-firmware-sound-20250210-1.1.x86_64",
"product_id": "kernel-firmware-sound-20250210-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-sound-20250210-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64"
},
"product_reference": "kernel-firmware-sound-20250210-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-sound-20250210-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le"
},
"product_reference": "kernel-firmware-sound-20250210-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-sound-20250210-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x"
},
"product_reference": "kernel-firmware-sound-20250210-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-sound-20250210-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
},
"product_reference": "kernel-firmware-sound-20250210-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2019-9836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9836"
}
],
"notes": [
{
"category": "general",
"text": "Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9836",
"url": "https://www.suse.com/security/cve/CVE-2019-9836"
},
{
"category": "external",
"summary": "SUSE Bug 1139383 for CVE-2019-9836",
"url": "https://bugzilla.suse.com/1139383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-9836"
},
{
"cve": "CVE-2021-26339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26339"
}
],
"notes": [
{
"category": "general",
"text": "A bug in AMD CPU\u0027s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26339",
"url": "https://www.suse.com/security/cve/CVE-2021-26339"
},
{
"category": "external",
"summary": "SUSE Bug 1199459 for CVE-2021-26339",
"url": "https://bugzilla.suse.com/1199459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26339"
},
{
"cve": "CVE-2021-26348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"notes": [
{
"category": "general",
"text": "Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26348",
"url": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26348"
},
{
"cve": "CVE-2021-26364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26364",
"url": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26364"
},
{
"cve": "CVE-2021-26375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26375",
"url": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26375"
},
{
"cve": "CVE-2021-33139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33139",
"url": "https://www.suse.com/security/cve/CVE-2021-33139"
},
{
"category": "external",
"summary": "SUSE Bug 1195786 for CVE-2021-33139",
"url": "https://bugzilla.suse.com/1195786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33139"
},
{
"cve": "CVE-2021-46744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46744"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46744",
"url": "https://www.suse.com/security/cve/CVE-2021-46744"
},
{
"category": "external",
"summary": "SUSE Bug 1199470 for CVE-2021-46744",
"url": "https://bugzilla.suse.com/1199470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-46744"
},
{
"cve": "CVE-2023-20569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20569"
}
],
"notes": [
{
"category": "general",
"text": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20569",
"url": "https://www.suse.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "SUSE Bug 1213287 for CVE-2023-20569",
"url": "https://bugzilla.suse.com/1213287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-sound-20250210-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
}
]
}
OPENSUSE-SU-2025:14799-1
Vulnerability from csaf_opensuse - Published: 2025-02-12 00:00 - Updated: 2025-02-12 00:00Summary
kernel-firmware-ti-20250206-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kernel-firmware-ti-20250206-1.1 on GA media
Description of the patch: These are all security issues fixed in the kernel-firmware-ti-20250206-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14799
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
69 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kernel-firmware-ti-20250206-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kernel-firmware-ti-20250206-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14799",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14799-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9836 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26339 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26348 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33139 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46744 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20569 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
}
],
"title": "kernel-firmware-ti-20250206-1.1 on GA media",
"tracking": {
"current_release_date": "2025-02-12T00:00:00Z",
"generator": {
"date": "2025-02-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14799-1",
"initial_release_date": "2025-02-12T00:00:00Z",
"revision_history": [
{
"date": "2025-02-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-ti-20250206-1.1.aarch64",
"product": {
"name": "kernel-firmware-ti-20250206-1.1.aarch64",
"product_id": "kernel-firmware-ti-20250206-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-ti-20250206-1.1.ppc64le",
"product": {
"name": "kernel-firmware-ti-20250206-1.1.ppc64le",
"product_id": "kernel-firmware-ti-20250206-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-ti-20250206-1.1.s390x",
"product": {
"name": "kernel-firmware-ti-20250206-1.1.s390x",
"product_id": "kernel-firmware-ti-20250206-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-ti-20250206-1.1.x86_64",
"product": {
"name": "kernel-firmware-ti-20250206-1.1.x86_64",
"product_id": "kernel-firmware-ti-20250206-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ti-20250206-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64"
},
"product_reference": "kernel-firmware-ti-20250206-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ti-20250206-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le"
},
"product_reference": "kernel-firmware-ti-20250206-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ti-20250206-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x"
},
"product_reference": "kernel-firmware-ti-20250206-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ti-20250206-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
},
"product_reference": "kernel-firmware-ti-20250206-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2019-9836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9836"
}
],
"notes": [
{
"category": "general",
"text": "Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9836",
"url": "https://www.suse.com/security/cve/CVE-2019-9836"
},
{
"category": "external",
"summary": "SUSE Bug 1139383 for CVE-2019-9836",
"url": "https://bugzilla.suse.com/1139383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-9836"
},
{
"cve": "CVE-2021-26339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26339"
}
],
"notes": [
{
"category": "general",
"text": "A bug in AMD CPU\u0027s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26339",
"url": "https://www.suse.com/security/cve/CVE-2021-26339"
},
{
"category": "external",
"summary": "SUSE Bug 1199459 for CVE-2021-26339",
"url": "https://bugzilla.suse.com/1199459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26339"
},
{
"cve": "CVE-2021-26348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"notes": [
{
"category": "general",
"text": "Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26348",
"url": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26348"
},
{
"cve": "CVE-2021-26364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26364",
"url": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26364"
},
{
"cve": "CVE-2021-26375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26375",
"url": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26375"
},
{
"cve": "CVE-2021-33139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33139",
"url": "https://www.suse.com/security/cve/CVE-2021-33139"
},
{
"category": "external",
"summary": "SUSE Bug 1195786 for CVE-2021-33139",
"url": "https://bugzilla.suse.com/1195786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33139"
},
{
"cve": "CVE-2021-46744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46744"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46744",
"url": "https://www.suse.com/security/cve/CVE-2021-46744"
},
{
"category": "external",
"summary": "SUSE Bug 1199470 for CVE-2021-46744",
"url": "https://bugzilla.suse.com/1199470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-46744"
},
{
"cve": "CVE-2023-20569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20569"
}
],
"notes": [
{
"category": "general",
"text": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20569",
"url": "https://www.suse.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "SUSE Bug 1213287 for CVE-2023-20569",
"url": "https://bugzilla.suse.com/1213287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ti-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
}
]
}
OPENSUSE-SU-2025:14800-1
Vulnerability from csaf_opensuse - Published: 2025-02-12 00:00 - Updated: 2025-02-12 00:00Summary
kernel-firmware-ueagle-20250206-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kernel-firmware-ueagle-20250206-1.1 on GA media
Description of the patch: These are all security issues fixed in the kernel-firmware-ueagle-20250206-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14800
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
71 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kernel-firmware-ueagle-20250206-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kernel-firmware-ueagle-20250206-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14800",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14800-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:14800-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XIORKETHKWBJRRYF55G3J3DL3T7QGOEL/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:14800-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XIORKETHKWBJRRYF55G3J3DL3T7QGOEL/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9836 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26339 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26348 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33139 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46744 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20569 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
}
],
"title": "kernel-firmware-ueagle-20250206-1.1 on GA media",
"tracking": {
"current_release_date": "2025-02-12T00:00:00Z",
"generator": {
"date": "2025-02-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14800-1",
"initial_release_date": "2025-02-12T00:00:00Z",
"revision_history": [
{
"date": "2025-02-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-ueagle-20250206-1.1.aarch64",
"product": {
"name": "kernel-firmware-ueagle-20250206-1.1.aarch64",
"product_id": "kernel-firmware-ueagle-20250206-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-ueagle-20250206-1.1.ppc64le",
"product": {
"name": "kernel-firmware-ueagle-20250206-1.1.ppc64le",
"product_id": "kernel-firmware-ueagle-20250206-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-ueagle-20250206-1.1.s390x",
"product": {
"name": "kernel-firmware-ueagle-20250206-1.1.s390x",
"product_id": "kernel-firmware-ueagle-20250206-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-ueagle-20250206-1.1.x86_64",
"product": {
"name": "kernel-firmware-ueagle-20250206-1.1.x86_64",
"product_id": "kernel-firmware-ueagle-20250206-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ueagle-20250206-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64"
},
"product_reference": "kernel-firmware-ueagle-20250206-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ueagle-20250206-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le"
},
"product_reference": "kernel-firmware-ueagle-20250206-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ueagle-20250206-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x"
},
"product_reference": "kernel-firmware-ueagle-20250206-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-ueagle-20250206-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
},
"product_reference": "kernel-firmware-ueagle-20250206-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2019-9836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9836"
}
],
"notes": [
{
"category": "general",
"text": "Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9836",
"url": "https://www.suse.com/security/cve/CVE-2019-9836"
},
{
"category": "external",
"summary": "SUSE Bug 1139383 for CVE-2019-9836",
"url": "https://bugzilla.suse.com/1139383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-9836"
},
{
"cve": "CVE-2021-26339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26339"
}
],
"notes": [
{
"category": "general",
"text": "A bug in AMD CPU\u0027s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26339",
"url": "https://www.suse.com/security/cve/CVE-2021-26339"
},
{
"category": "external",
"summary": "SUSE Bug 1199459 for CVE-2021-26339",
"url": "https://bugzilla.suse.com/1199459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26339"
},
{
"cve": "CVE-2021-26348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"notes": [
{
"category": "general",
"text": "Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26348",
"url": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26348"
},
{
"cve": "CVE-2021-26364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26364",
"url": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26364"
},
{
"cve": "CVE-2021-26375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26375",
"url": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26375"
},
{
"cve": "CVE-2021-33139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33139",
"url": "https://www.suse.com/security/cve/CVE-2021-33139"
},
{
"category": "external",
"summary": "SUSE Bug 1195786 for CVE-2021-33139",
"url": "https://bugzilla.suse.com/1195786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33139"
},
{
"cve": "CVE-2021-46744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46744"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46744",
"url": "https://www.suse.com/security/cve/CVE-2021-46744"
},
{
"category": "external",
"summary": "SUSE Bug 1199470 for CVE-2021-46744",
"url": "https://bugzilla.suse.com/1199470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-46744"
},
{
"cve": "CVE-2023-20569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20569"
}
],
"notes": [
{
"category": "general",
"text": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20569",
"url": "https://www.suse.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "SUSE Bug 1213287 for CVE-2023-20569",
"url": "https://bugzilla.suse.com/1213287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-ueagle-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
}
]
}
OPENSUSE-SU-2025:14801-1
Vulnerability from csaf_opensuse - Published: 2025-02-12 00:00 - Updated: 2025-02-12 00:00Summary
kernel-firmware-usb-network-20250206-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kernel-firmware-usb-network-20250206-1.1 on GA media
Description of the patch: These are all security issues fixed in the kernel-firmware-usb-network-20250206-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14801
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
69 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kernel-firmware-usb-network-20250206-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kernel-firmware-usb-network-20250206-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14801",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14801-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9836 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26339 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26348 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33139 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46744 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20569 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
}
],
"title": "kernel-firmware-usb-network-20250206-1.1 on GA media",
"tracking": {
"current_release_date": "2025-02-12T00:00:00Z",
"generator": {
"date": "2025-02-12T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14801-1",
"initial_release_date": "2025-02-12T00:00:00Z",
"revision_history": [
{
"date": "2025-02-12T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-usb-network-20250206-1.1.aarch64",
"product": {
"name": "kernel-firmware-usb-network-20250206-1.1.aarch64",
"product_id": "kernel-firmware-usb-network-20250206-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-usb-network-20250206-1.1.ppc64le",
"product": {
"name": "kernel-firmware-usb-network-20250206-1.1.ppc64le",
"product_id": "kernel-firmware-usb-network-20250206-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-usb-network-20250206-1.1.s390x",
"product": {
"name": "kernel-firmware-usb-network-20250206-1.1.s390x",
"product_id": "kernel-firmware-usb-network-20250206-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-usb-network-20250206-1.1.x86_64",
"product": {
"name": "kernel-firmware-usb-network-20250206-1.1.x86_64",
"product_id": "kernel-firmware-usb-network-20250206-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-usb-network-20250206-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64"
},
"product_reference": "kernel-firmware-usb-network-20250206-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-usb-network-20250206-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le"
},
"product_reference": "kernel-firmware-usb-network-20250206-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-usb-network-20250206-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x"
},
"product_reference": "kernel-firmware-usb-network-20250206-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-usb-network-20250206-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
},
"product_reference": "kernel-firmware-usb-network-20250206-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2019-9836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9836"
}
],
"notes": [
{
"category": "general",
"text": "Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9836",
"url": "https://www.suse.com/security/cve/CVE-2019-9836"
},
{
"category": "external",
"summary": "SUSE Bug 1139383 for CVE-2019-9836",
"url": "https://bugzilla.suse.com/1139383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-9836"
},
{
"cve": "CVE-2021-26339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26339"
}
],
"notes": [
{
"category": "general",
"text": "A bug in AMD CPU\u0027s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26339",
"url": "https://www.suse.com/security/cve/CVE-2021-26339"
},
{
"category": "external",
"summary": "SUSE Bug 1199459 for CVE-2021-26339",
"url": "https://bugzilla.suse.com/1199459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26339"
},
{
"cve": "CVE-2021-26348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"notes": [
{
"category": "general",
"text": "Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26348",
"url": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26348"
},
{
"cve": "CVE-2021-26364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26364",
"url": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26364"
},
{
"cve": "CVE-2021-26375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26375",
"url": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26375"
},
{
"cve": "CVE-2021-33139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33139",
"url": "https://www.suse.com/security/cve/CVE-2021-33139"
},
{
"category": "external",
"summary": "SUSE Bug 1195786 for CVE-2021-33139",
"url": "https://bugzilla.suse.com/1195786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33139"
},
{
"cve": "CVE-2021-46744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46744"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46744",
"url": "https://www.suse.com/security/cve/CVE-2021-46744"
},
{
"category": "external",
"summary": "SUSE Bug 1199470 for CVE-2021-46744",
"url": "https://bugzilla.suse.com/1199470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-46744"
},
{
"cve": "CVE-2023-20569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20569"
}
],
"notes": [
{
"category": "general",
"text": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20569",
"url": "https://www.suse.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "SUSE Bug 1213287 for CVE-2023-20569",
"url": "https://bugzilla.suse.com/1213287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-usb-network-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
}
]
}
OPENSUSE-SU-2025:14804-1
Vulnerability from csaf_opensuse - Published: 2025-02-13 00:00 - Updated: 2025-02-13 00:00Summary
kernel-firmware-all-20250206-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: kernel-firmware-all-20250206-1.1 on GA media
Description of the patch: These are all security issues fixed in the kernel-firmware-all-20250206-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-14804
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
71 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kernel-firmware-all-20250206-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kernel-firmware-all-20250206-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-14804",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14804-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:14804-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EISBLM6MW64JFKX5G6QNSKXKI34QXKQ4/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:14804-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EISBLM6MW64JFKX5G6QNSKXKI34QXKQ4/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5715 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9836 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26339 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26348 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26364 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-26375 page",
"url": "https://www.suse.com/security/cve/CVE-2021-26375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33139 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46744 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20569 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-20593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-20593/"
}
],
"title": "kernel-firmware-all-20250206-1.1 on GA media",
"tracking": {
"current_release_date": "2025-02-13T00:00:00Z",
"generator": {
"date": "2025-02-13T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:14804-1",
"initial_release_date": "2025-02-13T00:00:00Z",
"revision_history": [
{
"date": "2025-02-13T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-all-20250206-1.1.aarch64",
"product": {
"name": "kernel-firmware-all-20250206-1.1.aarch64",
"product_id": "kernel-firmware-all-20250206-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-all-20250206-1.1.ppc64le",
"product": {
"name": "kernel-firmware-all-20250206-1.1.ppc64le",
"product_id": "kernel-firmware-all-20250206-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-all-20250206-1.1.s390x",
"product": {
"name": "kernel-firmware-all-20250206-1.1.s390x",
"product_id": "kernel-firmware-all-20250206-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-all-20250206-1.1.x86_64",
"product": {
"name": "kernel-firmware-all-20250206-1.1.x86_64",
"product_id": "kernel-firmware-all-20250206-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-all-20250206-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64"
},
"product_reference": "kernel-firmware-all-20250206-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-all-20250206-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le"
},
"product_reference": "kernel-firmware-all-20250206-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-all-20250206-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x"
},
"product_reference": "kernel-firmware-all-20250206-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-all-20250206-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
},
"product_reference": "kernel-firmware-all-20250206-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-5715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5715"
}
],
"notes": [
{
"category": "general",
"text": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5715",
"url": "https://www.suse.com/security/cve/CVE-2017-5715"
},
{
"category": "external",
"summary": "SUSE Bug 1068032 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1068032"
},
{
"category": "external",
"summary": "SUSE Bug 1074562 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074562"
},
{
"category": "external",
"summary": "SUSE Bug 1074578 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074578"
},
{
"category": "external",
"summary": "SUSE Bug 1074701 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074701"
},
{
"category": "external",
"summary": "SUSE Bug 1074741 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074741"
},
{
"category": "external",
"summary": "SUSE Bug 1074919 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1074919"
},
{
"category": "external",
"summary": "SUSE Bug 1075006 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075006"
},
{
"category": "external",
"summary": "SUSE Bug 1075007 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075007"
},
{
"category": "external",
"summary": "SUSE Bug 1075262 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075262"
},
{
"category": "external",
"summary": "SUSE Bug 1075419 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1075419"
},
{
"category": "external",
"summary": "SUSE Bug 1076115 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076115"
},
{
"category": "external",
"summary": "SUSE Bug 1076372 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076372"
},
{
"category": "external",
"summary": "SUSE Bug 1076606 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1076606"
},
{
"category": "external",
"summary": "SUSE Bug 1078353 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1078353"
},
{
"category": "external",
"summary": "SUSE Bug 1080039 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1080039"
},
{
"category": "external",
"summary": "SUSE Bug 1087887 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087887"
},
{
"category": "external",
"summary": "SUSE Bug 1087939 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1087939"
},
{
"category": "external",
"summary": "SUSE Bug 1088147 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "external",
"summary": "SUSE Bug 1089055 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1089055"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1095735 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1095735"
},
{
"category": "external",
"summary": "SUSE Bug 1102517 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1102517"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1126516 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1126516"
},
{
"category": "external",
"summary": "SUSE Bug 1173489 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1173489"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1178658"
},
{
"category": "external",
"summary": "SUSE Bug 1201457 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201457"
},
{
"category": "external",
"summary": "SUSE Bug 1201877 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1201877"
},
{
"category": "external",
"summary": "SUSE Bug 1203236 for CVE-2017-5715",
"url": "https://bugzilla.suse.com/1203236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2019-9836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9836"
}
],
"notes": [
{
"category": "general",
"text": "Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9836",
"url": "https://www.suse.com/security/cve/CVE-2019-9836"
},
{
"category": "external",
"summary": "SUSE Bug 1139383 for CVE-2019-9836",
"url": "https://bugzilla.suse.com/1139383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-9836"
},
{
"cve": "CVE-2021-26339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26339"
}
],
"notes": [
{
"category": "general",
"text": "A bug in AMD CPU\u0027s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26339",
"url": "https://www.suse.com/security/cve/CVE-2021-26339"
},
{
"category": "external",
"summary": "SUSE Bug 1199459 for CVE-2021-26339",
"url": "https://bugzilla.suse.com/1199459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26339"
},
{
"cve": "CVE-2021-26348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"notes": [
{
"category": "general",
"text": "Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26348",
"url": "https://www.suse.com/security/cve/CVE-2021-26348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26348"
},
{
"cve": "CVE-2021-26364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26364",
"url": "https://www.suse.com/security/cve/CVE-2021-26364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26364"
},
{
"cve": "CVE-2021-26375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-26375",
"url": "https://www.suse.com/security/cve/CVE-2021-26375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-26375"
},
{
"cve": "CVE-2021-33139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33139"
}
],
"notes": [
{
"category": "general",
"text": "Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33139",
"url": "https://www.suse.com/security/cve/CVE-2021-33139"
},
{
"category": "external",
"summary": "SUSE Bug 1195786 for CVE-2021-33139",
"url": "https://bugzilla.suse.com/1195786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-33139"
},
{
"cve": "CVE-2021-46744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46744"
}
],
"notes": [
{
"category": "general",
"text": "An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46744",
"url": "https://www.suse.com/security/cve/CVE-2021-46744"
},
{
"category": "external",
"summary": "SUSE Bug 1199470 for CVE-2021-46744",
"url": "https://bugzilla.suse.com/1199470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-46744"
},
{
"cve": "CVE-2023-20569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20569"
}
],
"notes": [
{
"category": "general",
"text": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled\u202faddress, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20569",
"url": "https://www.suse.com/security/cve/CVE-2023-20569"
},
{
"category": "external",
"summary": "SUSE Bug 1213287 for CVE-2023-20569",
"url": "https://bugzilla.suse.com/1213287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20569"
},
{
"cve": "CVE-2023-20593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-20593"
}
],
"notes": [
{
"category": "general",
"text": "An issue in \"Zen 2\" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-20593",
"url": "https://www.suse.com/security/cve/CVE-2023-20593"
},
{
"category": "external",
"summary": "SUSE Bug 1213286 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213286"
},
{
"category": "external",
"summary": "SUSE Bug 1213616 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1213616"
},
{
"category": "external",
"summary": "SUSE Bug 1215674 for CVE-2023-20593",
"url": "https://bugzilla.suse.com/1215674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.aarch64",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.ppc64le",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.s390x",
"openSUSE Tumbleweed:kernel-firmware-all-20250206-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-13T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-20593"
}
]
}
RHSA-2017:2907
Vulnerability from csaf_redhat - Published: 2017-10-17 21:38 - Updated: 2026-05-13 01:18Summary
Red Hat Security Advisory: wpa_supplicant security update
Severity
Important
Notes
Topic: An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver.
Security Fix(es):
* A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A new exploitation technique called key reinstallation attacks (KRACKs) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) during a 4-way handshake.
8.1 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key (GTK) during a 4-way handshake.
8.1 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key (GTK) during a group key handshake.
8.1 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) by retransmitting Fast BSS Transition (FT) Reassociation Requests.
8.1 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used Tunneled Direct-Link Setup (TDLS) Peerkey (TPK) key during a TDLS handshake.
8.1 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key (GTK) during a Wireless Network Management (WNM) Sleep Mode handshake.
8.1 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used integrity group key (IGTK) during a Wireless Network Management (WNM) Sleep Mode handshake.
8.1 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
42 references
Acknowledgments
CERT
University of Leuven
Mathy Vanhoef
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver.\n\nSecurity Fix(es):\n\n* A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2907",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/kracks",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"category": "external",
"summary": "1491692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491692"
},
{
"category": "external",
"summary": "1491693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491693"
},
{
"category": "external",
"summary": "1491696",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491696"
},
{
"category": "external",
"summary": "1491698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491698"
},
{
"category": "external",
"summary": "1500302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500302"
},
{
"category": "external",
"summary": "1500303",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500303"
},
{
"category": "external",
"summary": "1500304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500304"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2907.json"
}
],
"title": "Red Hat Security Advisory: wpa_supplicant security update",
"tracking": {
"current_release_date": "2026-05-13T01:18:04+00:00",
"generator": {
"date": "2026-05-13T01:18:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2017:2907",
"initial_release_date": "2017-10-17T21:38:59+00:00",
"revision_history": [
{
"date": "2017-10-17T21:38:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-10-17T21:38:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-13T01:18:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"product": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"product_id": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wpa_supplicant-debuginfo@2.6-5.el7_4.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"product": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"product_id": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wpa_supplicant@2.6-5.el7_4.1?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "wpa_supplicant-1:2.6-5.el7_4.1.src",
"product": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.src",
"product_id": "wpa_supplicant-1:2.6-5.el7_4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wpa_supplicant@2.6-5.el7_4.1?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"product": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"product_id": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wpa_supplicant-debuginfo@2.6-5.el7_4.1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"product": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"product_id": "wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wpa_supplicant@2.6-5.el7_4.1?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"product": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"product_id": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wpa_supplicant-debuginfo@2.6-5.el7_4.1?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"product": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"product_id": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wpa_supplicant@2.6-5.el7_4.1?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"product": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"product_id": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wpa_supplicant-debuginfo@2.6-5.el7_4.1?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"product": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"product_id": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wpa_supplicant@2.6-5.el7_4.1?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.src",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"relates_to_product_reference": "7Client-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.src",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"relates_to_product_reference": "7ComputeNode-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.src",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.src",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64"
},
"product_reference": "wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
},
"product_reference": "wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"CERT"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "University of Leuven",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-13077",
"cwe": {
"id": "CWE-323",
"name": "Reusing a Nonce, Key Pair in Encryption"
},
"discovery_date": "2017-08-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1491692"
}
],
"notes": [
{
"category": "description",
"text": "A new exploitation technique called key reinstallation attacks (KRACKs) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) during a 4-way handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5, 6, and 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13077"
},
{
"category": "external",
"summary": "RHBZ#1491692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491692"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13077",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13077"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/kracks",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"category": "external",
"summary": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"category": "external",
"summary": "https://www.krackattacks.com/",
"url": "https://www.krackattacks.com/"
}
],
"release_date": "2017-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-17T21:38:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake"
},
{
"acknowledgments": [
{
"names": [
"CERT"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "University of Leuven",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-13078",
"cwe": {
"id": "CWE-323",
"name": "Reusing a Nonce, Key Pair in Encryption"
},
"discovery_date": "2017-08-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1491693"
}
],
"notes": [
{
"category": "description",
"text": "A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key (GTK) during a 4-way handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wpa_supplicant: Reinstallation of the group key in the 4-way handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5, 6, and 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13078"
},
{
"category": "external",
"summary": "RHBZ#1491693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491693"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13078",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13078"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/kracks",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"category": "external",
"summary": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"category": "external",
"summary": "https://www.krackattacks.com/",
"url": "https://www.krackattacks.com/"
}
],
"release_date": "2017-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-17T21:38:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wpa_supplicant: Reinstallation of the group key in the 4-way handshake"
},
{
"acknowledgments": [
{
"names": [
"CERT"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "University of Leuven",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-13080",
"cwe": {
"id": "CWE-323",
"name": "Reusing a Nonce, Key Pair in Encryption"
},
"discovery_date": "2017-08-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1491696"
}
],
"notes": [
{
"category": "description",
"text": "A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key (GTK) during a group key handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wpa_supplicant: Reinstallation of the group key in the group key handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5, 6, and 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "RHBZ#1491696",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491696"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13080",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/kracks",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"category": "external",
"summary": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"category": "external",
"summary": "https://www.krackattacks.com/",
"url": "https://www.krackattacks.com/"
}
],
"release_date": "2017-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-17T21:38:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wpa_supplicant: Reinstallation of the group key in the group key handshake"
},
{
"acknowledgments": [
{
"names": [
"CERT"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "University of Leuven",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-13082",
"cwe": {
"id": "CWE-323",
"name": "Reusing a Nonce, Key Pair in Encryption"
},
"discovery_date": "2017-08-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1491698"
}
],
"notes": [
{
"category": "description",
"text": "A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) by retransmitting Fast BSS Transition (FT) Reassociation Requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13082"
},
{
"category": "external",
"summary": "RHBZ#1491698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13082",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13082"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13082",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13082"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/kracks",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"category": "external",
"summary": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"category": "external",
"summary": "https://www.krackattacks.com/",
"url": "https://www.krackattacks.com/"
}
],
"release_date": "2017-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-17T21:38:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it"
},
{
"acknowledgments": [
{
"names": [
"CERT"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "University of Leuven",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-13086",
"cwe": {
"id": "CWE-323",
"name": "Reusing a Nonce, Key Pair in Encryption"
},
"discovery_date": "2017-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1500302"
}
],
"notes": [
{
"category": "description",
"text": "A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used Tunneled Direct-Link Setup (TDLS) Peerkey (TPK) key during a TDLS handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5 and 6, as it does not support TDLS.\n\nThis issue affects the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13086"
},
{
"category": "external",
"summary": "RHBZ#1500302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500302"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13086",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13086"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/kracks",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"category": "external",
"summary": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"category": "external",
"summary": "https://www.krackattacks.com/",
"url": "https://www.krackattacks.com/"
}
],
"release_date": "2017-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-17T21:38:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake"
},
{
"acknowledgments": [
{
"names": [
"CERT"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "University of Leuven",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-13087",
"cwe": {
"id": "CWE-323",
"name": "Reusing a Nonce, Key Pair in Encryption"
},
"discovery_date": "2017-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1500303"
}
],
"notes": [
{
"category": "description",
"text": "A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key (GTK) during a Wireless Network Management (WNM) Sleep Mode handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issues affects the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 6 and 7.\n\nThis issue did not affect the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13087"
},
{
"category": "external",
"summary": "RHBZ#1500303",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500303"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13087",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13087"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13087",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13087"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/kracks",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"category": "external",
"summary": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"category": "external",
"summary": "https://www.krackattacks.com/",
"url": "https://www.krackattacks.com/"
}
],
"release_date": "2017-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-17T21:38:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame"
},
{
"acknowledgments": [
{
"names": [
"CERT"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "University of Leuven",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2017-13088",
"cwe": {
"id": "CWE-323",
"name": "Reusing a Nonce, Key Pair in Encryption"
},
"discovery_date": "2017-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1500304"
}
],
"notes": [
{
"category": "description",
"text": "A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used integrity group key (IGTK) during a Wireless Network Management (WNM) Sleep Mode handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5 and 6.\n\nThis issue affects the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13088"
},
{
"category": "external",
"summary": "RHBZ#1500304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500304"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13088",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13088"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/kracks",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"category": "external",
"summary": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"category": "external",
"summary": "https://www.krackattacks.com/",
"url": "https://www.krackattacks.com/"
}
],
"release_date": "2017-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-10-17T21:38:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Client-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Client-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7ComputeNode-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7ComputeNode-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Server-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Server-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.src",
"7Workstation-7.4.Z:wpa_supplicant-1:2.6-5.el7_4.1.x86_64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.ppc64le",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.s390x",
"7Workstation-7.4.Z:wpa_supplicant-debuginfo-1:2.6-5.el7_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…