Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2017-0472
HistoryDec 28, 2017 - 4:16 p.m.

Updated nonfree firmwares fixes security issues and adds new hw support

2017-12-2816:16:56
Gentoo Foundation
advisories.mageia.org
11

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.201 Low

EPSS

Percentile

96.3%

JSON

Updated nonfree firmwares fixes at least the following security issues: Broadcom firmware fixes: - dropping BRCM proprietary packets received over the air (CVE-2016-0801) - adding length checks for TDLS action frames (CVE-2017-0561) - adding length checks for WME IE (CVE-2017-9417) Iwlwifi firmware fixes: - The reinstallation of the Group Temporal key could be used for replay attacks (CVE-2017-13080) - The reinstallation of the Integrity Group Temporal key could be used for replay attacks (CVE-2017-13081) This update also adds updated firmwares: * ath10k, cxgb4, liquidio, mrvl, ql2400, ql2500, wilc1000 * Amd Polaris10-12, Intel BXT/SKL/KBL/CNL and new firmwares: * Amd Vega10 and Raven * Cavium nitrox * Intel CNL/GLK, IPU3, JeffersonPeak, ThunderPeak * Mellanox Spectrum * nVidia GP108 (GTX1030) * Qualcom Adreno &Venus;, imx SDMA, * Realtek rtl8822be in order to support new hardware supported by 4.14 series kernels.

Related

openvas 42
nessus 38
osv 5
debian 2
fedora 5
cloudfoundry 1
intel 1
suse 30
hp 3
ubuntu 1
ubuntucve 5
apple 9
debiancve 5
prion 5
huawei 1
cve 5
chrome 2
mscve 2
zdt 3
android 3
alpinelinux 2
redhatcve 2
mageia 2
veracode 2
mskb 1
kaspersky 2
exploitpack 1
packetstorm 1
threatpost 2
msrc 1
seebug 2
oraclelinux 2
exploitdb 1
archlinux 2
thn 1
nvidia 1
ics 4
freebsd_advisory 1
altlinux 1
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0472)
2022-01-28 00:00:00
Fedora Update for linux-firmware FEDORA-2017-a253644369
2017-12-10 00:00:00
Fedora Update for linux-firmware FEDORA-2017-355ac8a91a
2017-12-10 00:00:00
nessus
nessus
Fedora 26 : linux-firmware (2017-a253644369)
2017-12-11 00:00:00
Fedora 27 : linux-firmware (2017-355ac8a91a)
2018-01-15 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : linux-firmware (EulerOS-SA-2020-1997)
2020-09-29 00:00:00
osv
osv
firmware-nonfree - security update
2018-11-10 00:00:00
CVE-2017-13081
2017-10-17 13:29:00
CVE-2017-13080
2017-10-17 13:29:00
debian
debian
[SECURITY] [DLA 1573-1] firmware-nonfree security update
2018-11-13 01:33:10
[SECURITY] [DSA 3999-1] wpa security update
2017-10-16 09:20:15
fedora
fedora
[SECURITY] Fedora 27 Update: linux-firmware-20171126-80.git17e62881.fc27
2017-12-10 05:11:11
[SECURITY] Fedora 26 Update: linux-firmware-20171126-80.git17e62881.fc26
2017-12-09 22:29:28
[SECURITY] Fedora 26 Update: wpa_supplicant-2.6-11.fc26
2017-10-16 17:59:17
cloudfoundry
cloudfoundry
USN-3505-1: Linux firmware vulnerabilities | Cloud Foundry
2017-12-14 00:00:00
intel
intel
Frame replay vulnerability in Wi-Fi subsystem in Intel® Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle
2017-12-07 00:00:00
suse
suse
Security update for kernel-firmware (important)
2017-11-27 22:19:04
Security update for kernel-firmware (important)
2017-11-30 03:12:49
Security update for wpa_supplicant (important)
2017-10-17 18:11:19
hp
hp
HPSBHF03582 rev. 2 - KRACK Vulnerability Affecting WPA2 Wireless Security
2018-04-03 00:00:00
HP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities
2018-01-09 00:00:00
HPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products
2018-01-12 00:00:00
ubuntu
ubuntu
Linux firmware vulnerabilities
2017-12-06 00:00:00
ubuntucve
ubuntucve
CVE-2017-5729
2017-11-21 00:00:00
CVE-2016-0801
2016-02-07 00:00:00
CVE-2017-0561
2017-04-07 00:00:00
apple
apple
About the security content of AirPort Base Station Firmware Update 7.7.9 - Apple Support
2017-12-12 09:19:46
About the security content of AirPort Base Station Firmware Update 7.7.9
2017-12-12 00:00:00
About the security content of Wi-Fi Update for Boot Camp 6.1
2017-07-19 00:00:00
debiancve
debiancve
CVE-2017-9417
2017-06-04 21:29:00
CVE-2017-13081
2017-10-17 13:29:00
CVE-2016-0801
2016-02-07 01:59:00
prion
prion
Design/Logic Flaw
2017-06-04 21:29:00
Design/Logic Flaw
2017-10-17 13:29:00
Memory corruption
2016-02-07 01:59:00
huawei
huawei
Security Advisory - BroadPwn Remote Code Execute Vulnerability
2017-07-27 00:00:00
cve
cve
CVE-2017-9417
2017-06-04 21:29:00
CVE-2017-13081
2017-10-17 13:29:00
CVE-2016-0801
2016-02-07 01:59:00
chrome
chrome
Stable Channel Update for Chrome OS
2017-08-02 00:00:00
Stable Channel Update for Chrome OS
2017-05-02 00:00:00
mscve
mscve
Broadcom BCM43xx Remote Code Execution Vulnerability
2017-09-12 07:00:00
Windows Wireless WPA Group Key Reinstallation Vulnerability
2017-10-16 07:00:00
zdt
zdt
Broadcom BCM43xx Wi-Fi - BroadPWN Denial of Service Exploit
2018-03-09 00:00:00
Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow Exploit
2017-04-05 00:00:00
Broadcom Wi-Fi SoC - Heap Overflow in wlc_tdls_cal_mic_chk Due to Large RSN IE in TDLS Setup Confirm
2017-04-05 00:00:00
android
android
CVE-2017-9417
2017-07-01 00:00:00
CVE-2016-0801
2016-02-01 00:00:00
CVE-2017-0561
2017-04-01 00:00:00
alpinelinux
alpinelinux
CVE-2017-13081
2017-10-17 13:29:00
CVE-2017-13080
2017-10-17 13:29:00
redhatcve
redhatcve
CVE-2017-13081
2017-10-16 09:49:42
CVE-2017-13080
2019-10-09 16:30:50
mageia
mageia
Updated nonfree firmware packages fixes security vulnerabilities
2018-07-25 11:24:17
Updated wpa_supplicant and hostapd packages fix security vulnerabilities
2017-10-19 21:14:02
veracode
veracode
Spoofable Frames
2020-09-21 06:30:54
Key Reinstallation Attack (KRACK)
2019-05-16 01:48:06
mskb
mskb
Description of the Windows Server 2008 Windows wireless WPA group key reinstallation vulnerability: October 16, 2017
2017-10-16 07:00:00
kaspersky
kaspersky
KLA11852 Security UI vulnerability in Microsoft Products (ESU)
2017-10-16 00:00:00
KLA11851 Security UI vulnerability in Microsoft Windows
2017-10-16 00:00:00
exploitpack
exploitpack
Google Android Broadcom Wi-Fi Driver - Memory Corruption
2016-05-11 00:00:00
packetstorm
packetstorm
Android Broadcom Wi-Fi Driver Memory Corruption
2016-05-11 00:00:00
threatpost
threatpost
Apple Patches KRACK Vulnerability in iOS 11.1
2017-10-31 15:12:18
Google Patches Critical 'Broadpwn' Bug in July Security Update
2017-07-06 12:30:16
msrc
msrc
2017 年 10 月のセキュリティ更新プログラム (月例)
2017-10-10 07:00:00
seebug
seebug
Broadcom: Heap overflow in "wlc_tdls_cal_mic_chk" due to large RSN IE in TDLS Setup Confirm frame (CVE-2017-0561)
2017-04-05 00:00:00
Broadcom: Heap overflow in TDLS Teardown Request while handling Fast Transition IE (CVE-2017-0561)
2017-04-05 00:00:00
oraclelinux
oraclelinux
wpa_supplicant security update
2017-10-18 00:00:00
wpa_supplicant security update
2017-10-17 00:00:00
exploitdb
exploitdb
Google Android Broadcom Wi-Fi Driver - Memory Corruption
2016-05-11 00:00:00
archlinux
archlinux
[ASA-201710-22] wpa_supplicant: man-in-the-middle
2017-10-16 00:00:00
[ASA-201710-23] hostapd: man-in-the-middle
2017-10-16 00:00:00
thn
thn
Millions of Android Devices Using Broadcom Wi-Fi Chip Can Be Hacked Remotely
2017-07-06 20:29:00
nvidia
nvidia
Security Bulletin: NVIDIA Linux for Tegra (L4T) “KRACK” vulnerabilities
2017-12-20 00:00:00
ics
ics
Stryker Medical Beds
2019-01-29 12:00:00
PEPPERL+FUCHS/ecom instruments WLAN Capable Devices using the WPA2 Protocol
2017-12-19 12:00:00
BD Pyxis
2018-04-24 12:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-17:07.wpa
2017-10-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-un-def version 1:4.1.47-alt0.M70P.1
2017-12-08 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.201 Low

EPSS

Percentile

96.3%

JSON
Related for MGASA-2017-0472
openvas42nessus38osv5debian2fedora5cloudfoundry1intel1suse30hp3ubuntu1ubuntucve5apple9debiancve5prion5huawei1cve5chrome2mscve2zdt3android3alpinelinux2redhatcve2mageia2veracode2mskb1kaspersky2exploitpack1packetstorm1threatpost2msrc1seebug2oraclelinux2exploitdb1archlinux2thn1nvidia1ics4freebsd_advisory1altlinux1