Lucene search

CentOS ProjectCESA-2023:7513

HistoryJan 12, 2024 - 7:14 p.m.

iwl100, iwl1000, iwl105, iwl135, iwl2000, iwl2030, iwl3160, iwl3945, iwl4965, iwl5000, iwl5150, iwl6000, iwl6000g2a, iwl6000g2b, iwl6050, iwl7260, linux security update

2024-01-1219:14:06

CentOS Project

lists.centos.org

centos

firmware

amd

vulnerability

update

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

Low

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

22.7%

JSON

CentOS Errata and Security Advisory CESA-2023:7513

The linux-firmware packages contain all of the firmware files that are required by various devices to operate.

Security Fix(es):

hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)
hw: amd: Cross-Process Information Leak (CVE-2023-20593)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2024-January/099179.html

Affected packages:
iwl100-firmware
iwl1000-firmware
iwl105-firmware
iwl135-firmware
iwl2000-firmware
iwl2030-firmware
iwl3160-firmware
iwl3945-firmware
iwl4965-firmware
iwl5000-firmware
iwl5150-firmware
iwl6000-firmware
iwl6000g2a-firmware
iwl6000g2b-firmware
iwl6050-firmware
iwl7260-firmware
linux-firmware

Upstream details at:
https://access.redhat.com/errata/RHSA-2023:7513

OSVersionArchitecturePackageVersionFilename
CentOS7noarchiwl1000-firmware< 39.31.5.1-81.el7_9iwl1000-firmware-39.31.5.1-81.el7_9.noarch.rpm
CentOS7noarchiwl100-firmware< 39.31.5.1-81.el7_9iwl100-firmware-39.31.5.1-81.el7_9.noarch.rpm
CentOS7noarchiwl105-firmware< 18.168.6.1-81.el7_9iwl105-firmware-18.168.6.1-81.el7_9.noarch.rpm
CentOS7noarchiwl135-firmware< 18.168.6.1-81.el7_9iwl135-firmware-18.168.6.1-81.el7_9.noarch.rpm
CentOS7noarchiwl2000-firmware< 18.168.6.1-81.el7_9iwl2000-firmware-18.168.6.1-81.el7_9.noarch.rpm
CentOS7noarchiwl2030-firmware< 18.168.6.1-81.el7_9iwl2030-firmware-18.168.6.1-81.el7_9.noarch.rpm
CentOS7noarchiwl3160-firmware< 25.30.13.0-81.el7_9iwl3160-firmware-25.30.13.0-81.el7_9.noarch.rpm
CentOS7noarchiwl3945-firmware< 15.32.2.9-81.el7_9iwl3945-firmware-15.32.2.9-81.el7_9.noarch.rpm
CentOS7noarchiwl4965-firmware< 228.61.2.24-81.el7_9iwl4965-firmware-228.61.2.24-81.el7_9.noarch.rpm
CentOS7noarchiwl5000-firmware< 8.83.5.1_1-81.el7_9iwl5000-firmware-8.83.5.1_1-81.el7_9.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	7	noarch	iwl1000-firmware	< 39.31.5.1-81.el7_9	iwl1000-firmware-39.31.5.1-81.el7_9.noarch.rpm
CentOS	7	noarch	iwl100-firmware	< 39.31.5.1-81.el7_9	iwl100-firmware-39.31.5.1-81.el7_9.noarch.rpm
CentOS	7	noarch	iwl105-firmware	< 18.168.6.1-81.el7_9	iwl105-firmware-18.168.6.1-81.el7_9.noarch.rpm
CentOS	7	noarch	iwl135-firmware	< 18.168.6.1-81.el7_9	iwl135-firmware-18.168.6.1-81.el7_9.noarch.rpm
CentOS	7	noarch	iwl2000-firmware	< 18.168.6.1-81.el7_9	iwl2000-firmware-18.168.6.1-81.el7_9.noarch.rpm
CentOS	7	noarch	iwl2030-firmware	< 18.168.6.1-81.el7_9	iwl2030-firmware-18.168.6.1-81.el7_9.noarch.rpm
CentOS	7	noarch	iwl3160-firmware	< 25.30.13.0-81.el7_9	iwl3160-firmware-25.30.13.0-81.el7_9.noarch.rpm
CentOS	7	noarch	iwl3945-firmware	< 15.32.2.9-81.el7_9	iwl3945-firmware-15.32.2.9-81.el7_9.noarch.rpm
CentOS	7	noarch	iwl4965-firmware	< 228.61.2.24-81.el7_9	iwl4965-firmware-228.61.2.24-81.el7_9.noarch.rpm
CentOS	7	noarch	iwl5000-firmware	< 8.83.5.1_1-81.el7_9	iwl5000-firmware-8.83.5.1_1-81.el7_9.noarch.rpm