Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE 2024:2575-1 Moderate: Kernel Firmware Input Validation Fixes

suse
Calendar Grey July 22, 2024
Dist Suse Esm H88
Canonical has released a security update focusing on crucial LibreOffice enhancements, which resolve multiple vulnerabilities related to file processing risks.
* bsc#1219458 * bsc#1222319 * bsc#1225600 * bsc#1225601

Summary

## This update for kernel-firmware fixes the following issues: * CVE-2023-38417: Fixed improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 (bsc#1225600) * CVE-2023-47210: Fixed improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 (bsc#1225601) * Update to version 20240712 (git commit ed874ed83cac): * amdgpu: update DMCUB to v0.0.225.0 for Various AMDGPU Asics * qcom: add gpu firmwares for x1e80100 chipset (bsc#1219458) * linux-firmware: add firmware for qat_402xx devices * amdgpu: update raven firmware * amdgpu: update SMU 13.0.10 firmware * amdgpu: update SDMA 6.0.3 firmware * amdgpu: update PSP 13.0.10 firmware * amdgpu: update GC 11.0.3 firmware * amdgpu: update vega20 firmware

Topics%20covered

Topics Covered

security advisory software update security fix moderate severity input validation SUSE kernel firmware

References

* bsc#1219458

* bsc#1222319

* bsc#1225600

* bsc#1225601

Cross-

* CVE-2023-38417

* CVE-2023-47210

CVSS scores:

* CVE-2023-38417 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2023-47210 ( SUSE ): 4.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP6

* openSUSE Leap 15.6

* SUSE Linux Enterprise Desktop 15 SP6

* SUSE Linux Enterprise Real Time 15 SP6

* SUSE Linux Enterprise Server 15 SP6

* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities and has two security fixes can now be

installed.

##

* https://www.suse.com/security/cve/CVE-2023-38417.html

* https://www.suse.com/security/cve/CVE-2023-47210.html

* https://bugzilla.suse.com/show_bug.cgi?id=1219458

Severity
medium
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2575-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory software update security fix moderate severity input validation SUSE kernel firmware

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here