Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2022:1923-1
HistoryJun 02, 2022 - 12:00 a.m.

Security update for kernel-firmware (important)

2022-06-0200:00:00
lists.opensuse.org
21

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

An update that fixes 17 vulnerabilities is now available.

Description:

This update for kernel-firmware fixes the following issues:

Update to version 20220411 (git commit f219d616f42b, bsc#1199459):

  • CVE-2021-26373, CVE-2021-26347, CVE-2021-26376, CVE-2021-26350,
    CVE-2021-26375, CVE-2021-26378, CVE-2021-26372, CVE-2021-26339,
    CVE-2021-26348, CVE-2021-26342, CVE-2021-26388, CVE-2021-26349,
    CVE-2021-26364, CVE-2021-26312: Update AMD cpu microcode

Update to version 20220309 (git commit cd01f857da28, bsc#1199470):

  • CVE-2021-46744: Ciphertext Side Channels on AMD SEV

Update Intel Bluetooth firmware (INTEL-SA-00604, bsc#1195786):

  • CVE-2021-33139, CVE-2021-33155: Improper conditions check in the
    firmware for some Intel Wireless Bluetooth and Killer Bluetooth products
    may allow an authenticated user to potentially cause denial of service
    via adjacent access.

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4:

    zypper in -t patch openSUSE-SLE-15.4-2022-1923=1

  • SUSE Linux Enterprise Module for Basesystem 15-SP4:

    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1923=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.4noarch< - openSUSE Leap 15.4 (noarch):- openSUSE Leap 15.4 (noarch):.noarch.rpm
SUSE Linux Enterprise Module for Basesystem 15SP4noarch<  SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):.noarch.rpm

Related

nessus 11
openvas 13
suse 2
amd 4
intel 1
hp 2
prion 17
cve 17
cnvd 5
cvelist 17
ubuntucve 2
debiancve 2
freebsd 1
mageia 1
nessus
nessus
SUSE SLED15 / SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1923-1)
2022-06-03 00:00:00
SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1847-1)
2022-05-26 00:00:00
SUSE SLED15 / SLES15 Security Update : kernel-firmware (SUSE-SU-2022:1840-1)
2022-05-26 00:00:00
openvas
openvas
openSUSE: Security Advisory for kernel-firmware (SUSE-SU-2022:1923-1)
2022-06-03 00:00:00
openSUSE: Security Advisory for kernel-firmware (SUSE-SU-2022:1840-1)
2022-05-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1847-1)
2022-05-26 00:00:00
suse
suse
Security update for kernel-firmware (moderate)
2022-05-25 00:00:00
Security update for kernel-firmware (important)
2022-03-31 00:00:00
amd
amd
AMD Server Vulnerabilities - May 2022
2022-05-10 00:00:00
Ciphertext Side Channels on AMD SEV
2022-05-10 00:00:00
AMD Client Vulnerabilities – May 2022
2022-05-10 00:00:00
intel
intel
Intel® Wireless Bluetooth® and Killer™ Bluetooth® Advisory
2022-02-08 00:00:00
hp
hp
Intel® Wireless Bluetooth® and Killer™ Bluetooth® February 2022 Security Updates
2022-02-08 00:00:00
AMD Client UEFI Firmware May 2022 Security Updates
2022-05-10 00:00:00
prion
prion
Design/Logic Flaw
2021-11-16 18:15:00
Integer overflow
2022-05-11 17:15:00
Design/Logic Flaw
2022-05-11 17:15:00
cve
cve
CVE-2021-26348
2022-05-11 17:15:00
CVE-2021-26347
2022-05-11 17:15:00
CVE-2021-26372
2022-05-11 17:15:00
cnvd
cnvd
AMD System Management Unit Denial of Service Vulnerability (CNVD-2022-63548)
2022-05-13 00:00:00
AMD BIOS Denial of Service Vulnerability
2022-05-13 00:00:00
AMD System Management Unit Denial of Service Vulnerability
2022-05-13 00:00:00
cvelist
cvelist
CVE-2021-26347
2022-05-11 16:22:09
CVE-2021-26372
2022-05-10 00:00:00
CVE-2021-26375
2022-05-10 00:00:00
ubuntucve
ubuntucve
CVE-2021-33155
2022-02-09 00:00:00
CVE-2021-33139
2022-02-09 00:00:00
debiancve
debiancve
CVE-2021-33139
2022-02-09 23:15:00
CVE-2021-33155
2022-02-09 23:15:00
freebsd
freebsd
wolfssl -- multiple issues
2022-07-11 00:00:00
mageia
mageia
Updated nonfree firmware packages fix security vulnerabilities
2022-02-15 23:50:31

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON
Related for SUSE-SU-2022:1923-1
nessus11openvas13suse2amd4intel1hp2prion17cve17cnvd5cvelist17ubuntucve2debiancve2freebsd1mageia1