Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

SUSE: 2022:1065-1 Important: Escalation of Privilege and DoS Threat

suse
Calendar Grey March 31, 2022
Dist Suse Esm H88
SUSE has released a security update for the kernel-firmware that addresses 18 vulnerabilities, which encompass severe risk factors such as privilege escalation and denial of service concerns.
An update that fixes 18 vulnerabilities is now available

Summary

This update for kernel-firmware fixes the following issues: Update Intel Wireless firmware for 9xxx (INTEL-SA-00539, bsc#1196333): CVE-2021-0161: Improper input validation in firmware for Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-0164: Improper access control in firmware for Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi may allow an unauthenticated user to potentially enable escalation of privilege via local access. CVE-2021-0165: Improper input validation in firmware for Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi may allow an unauthenticated user to potentially enable denial of service via adjacent access. CVE-2021-0066: Improper input validation in firmware for Intel

Topics%20covered

Topics Covered

security advisory denial of service important local access SUSE Linux Enterprise kernel firmware escalation of privilege

References

#1186938 #1188662 #1192953 #1195786 #1196333

Cross- CVE-2021-0066 CVE-2021-0071 CVE-2021-0072

CVE-2021-0076 CVE-2021-0161 CVE-2021-0164

CVE-2021-0165 CVE-2021-0166 CVE-2021-0168

CVE-2021-0170 CVE-2021-0172 CVE-2021-0173

CVE-2021-0174 CVE-2021-0175 CVE-2021-0176

CVE-2021-0183 CVE-2021-33139 CVE-2021-33155

CVSS scores:

CVE-2021-0066 (NVD) : 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-0066 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-0071 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-0072 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-0072 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-0076 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:1065-1
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service important local access SUSE Linux Enterprise kernel firmware escalation of privilege

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here