OESA-2024-2550 linux-firmware security update

🗓️ 13 Dec 2024 13:18:54Reported by GoogleType

osv🔗 osv.dev👁 1 Views

Linux firmware update fixes IOMMU DTE range handling bypassing SEV-SNP RMP and SEV memory cleanup flaw.

Reporter	Title	Published	Views	Family All 89
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)	27 May 202523:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	15 Apr 202502:28	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in linux-firmware (CVE-2023-20584, CVE-2023-31315, CVE-2023-31356) affect Power HMC.	15 Apr 202503:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities	30 Jan 202513:31	–	ibm
Tenable Nessus	Alibaba Cloud Linux 3 : 0223: linux-firmware (ALINUX3-SA-2024:0223)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : linux-firmware (ALSA-2024:7481)	4 Oct 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : linux-firmware (ALSA-2024:7484)	4 Oct 202400:00	–	nessus
Tenable Nessus	MiracleLinux 9 : linux-firmware-20240905-143.3.el9_4 (AXSA:2024-8883:10)	20 Jan 202600:00	–	nessus
Tenable Nessus	MiracleLinux 8 : linux-firmware-20240827-124.git3cff7109.el8_10 (AXSA:2024-8884:11)	20 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 7 / 8 / 9 : linux-firmware (ELSA-2024-12797)	23 Oct 202400:00	–	nessus

Source	Link
openeuler	www.openeuler.org/zh/security/security-bulletins/detail/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-20584
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-31356

03 Sep 2025 06:18Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.15.3 - 6

EPSS0.00031

SSVC