Oval Definition:oval:org.opensuse.security:def:847
Revision Date:2022-03-31Version:1
Title:Security update for kernel-firmware (Important)
Description:

This update for kernel-firmware fixes the following issues:

Update Intel Wireless firmware for 9xxx (INTEL-SA-00539, bsc#1196333):

CVE-2021-0161: Improper input validation in firmware for Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-0164: Improper access control in firmware for Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi may allow an unauthenticated user to potentially enable escalation of privilege via local access. CVE-2021-0165: Improper input validation in firmware for Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi may allow an unauthenticated user to potentially enable denial of service via adjacent access. CVE-2021-0066: Improper input validation in firmware for Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi may allow an unauthenticated user to potentially enable escalation of privilege via local access. CVE-2021-0166: Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-0168: Improper input validation in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-0170: Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow an authenticated user to potentially enable information disclosure via local access. CVE-2021-0172: Improper input validation in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow an unauthenticated user to potentially enable denial of service via adjacent access. CVE-2021-0173: Improper Validation of Consistency within input in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow a unauthenticated user to potentially enable denial of service via adjacent access. CVE-2021-0174: Improper Use of Validation Framework in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow a unauthenticated user to potentially enable denial of service via adjacent access. CVE-2021-0175: Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow an unauthenticated user to potentially enable denial of service via adjacent access. CVE-2021-0076: Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow a privileged user to potentially enable denial of service via local access. CVE-2021-0176: Improper input validation in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow a privileged user to potentially enable denial of service via local access. CVE-2021-0183: Improper Validation of Specified Index, Position, or Offset in Input in software for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow an unauthenticated user to potentially enable denial of service via adjacent access. CVE-2021-0072: Improper input validation in firmware for some Intel PROSet/Wireless Wi-Fi and some Killer Wi-Fi may allow a privileged user to potentially enable information disclosure via local access. CVE-2021-0071: Improper input validation in firmware for some Intel PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.



Update Intel Bluetooth firmware (INTEL-SA-00604,bsc#1195786):

- CVE-2021-33139: Improper conditions check in firmware for some Intel Wireless Bluetooth and Killer Bluetooth products before may allow an authenticated user to potentially enable denial of service via adjacent access. - CVE-2021-33155: Improper input validation in firmware for some Intel Wireless Bluetooth and Killer Bluetooth products before may allow an authenticated user to potentially enable denial of service via adjacent access.



Bug fixes:

- Updated the AMD SEV firmware (bsc#1186938) - Reduced the LZMA2 dictionary size (bsc#1188662)
Family:unixClass:patch
Status:Reference(s):1186938
1188662
1192953
1195786
1196333
CVE-2008-3825
CVE-2009-1384
CVE-2013-2027
CVE-2013-2027
CVE-2021-0066
CVE-2021-0071
CVE-2021-0072
CVE-2021-0076
CVE-2021-0161
CVE-2021-0164
CVE-2021-0165
CVE-2021-0166
CVE-2021-0168
CVE-2021-0170
CVE-2021-0172
CVE-2021-0173
CVE-2021-0174
CVE-2021-0175
CVE-2021-0176
CVE-2021-0183
CVE-2021-33139
CVE-2021-33155
SUSE-SU-2022:1065-1
Platform(s):openSUSE 13.2
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise for SAP 12
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for additional PackageHub packages 15
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP3
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for High Performance Computing 15
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Storage 7
SUSE Linux Enterprise Storage 7.1
SUSE Linux Enterprise Workstation Extension 15
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Package Hub for SUSE Linux Enterprise 12
SUSE Package Hub for SUSE Linux Enterprise 12 SP1
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND python-pymongo-2.6.3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • MozillaFirefox-31.1.0esr-1 is installed
  • OR MozillaFirefox-translations-31.1.0esr-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-8 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-8 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • dhcp-4.3.3-9 is installed
  • OR dhcp-client-4.3.3-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • pam_krb5-2.4.13-1.36 is installed
  • OR pam_krb5-32bit-2.4.13-1.36 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND Package Information
  • kernel-firmware-20210208-150300.4.7.1 is installed
  • OR kernel-firmware-brcm-20210208-150300.4.7.1 is installed
  • OR ucode-amd-20210208-150300.4.7.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-25.6 is installed
  • OR dlm-kmp-default-4.12.14-25.6 is installed
  • OR gfs2-kmp-default-4.12.14-25.6 is installed
  • OR kernel-default-4.12.14-25.6 is installed
  • OR ocfs2-kmp-default-4.12.14-25.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed
  • AND Package Information
  • glib2-2.54.3-4.7 is installed
  • OR glib2-devel-32bit-2.54.3-4.7 is installed
  • OR glib2-tools-32bit-2.54.3-4.7 is installed
  • OR libgthread-2_0-0-32bit-2.54.3-4.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • pam_krb5-2.4.13-1 is installed
  • OR pam_krb5-32bit-2.4.13-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-3.49 is installed
  • OR ImageMagick-devel-7.0.7.34-3.49 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.34-3.49 is installed
  • OR libMagick++-devel-7.0.7.34-3.49 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.34-3.49 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.34-3.49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND jython-2.2.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 15 is installed
  • AND Package Information
  • libpmi0-17.11.7-6.3 is installed
  • OR libslurm32-17.11.7-6.3 is installed
  • OR perl-slurm-17.11.7-6.3 is installed
  • OR slurm-17.11.7-6.3 is installed
  • OR slurm-auth-none-17.11.7-6.3 is installed
  • OR slurm-config-17.11.7-6.3 is installed
  • OR slurm-devel-17.11.7-6.3 is installed
  • OR slurm-doc-17.11.7-6.3 is installed
  • OR slurm-lua-17.11.7-6.3 is installed
  • OR slurm-munge-17.11.7-6.3 is installed
  • OR slurm-node-17.11.7-6.3 is installed
  • OR slurm-pam_slurm-17.11.7-6.3 is installed
  • OR slurm-plugins-17.11.7-6.3 is installed
  • OR slurm-slurmdbd-17.11.7-6.3 is installed
  • OR slurm-sql-17.11.7-6.3 is installed
  • OR slurm-torque-17.11.7-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • libopenssl-1_0_0-devel-1.0.2n-3.3 is installed
  • OR libopenssl1_0_0-1.0.2n-3.3 is installed
  • OR openssl-1_0_0-1.0.2n-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.3 is installed
  • OR kernel-default-livepatch-4.12.14-25.3 is installed
  • OR kernel-livepatch-4_12_14-25_3-default-1-1.3 is installed
  • OR kernel-livepatch-SLE15_Update_1-1-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • python-paramiko-2.4.2-3.3 is installed
  • OR python-paramiko-doc-2.4.2-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 is installed
  • AND Package Information
  • kernel-azure-4.12.14-5.8 is installed
  • OR kernel-azure-base-4.12.14-5.8 is installed
  • OR kernel-azure-devel-4.12.14-5.8 is installed
  • OR kernel-devel-azure-4.12.14-5.8 is installed
  • OR kernel-source-azure-4.12.14-5.8 is installed
  • OR kernel-syms-azure-4.12.14-5.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • openslp-2.0.0-6.3 is installed
  • OR openslp-server-2.0.0-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND Package Information
  • nodejs8-8.11.4-3.8 is installed
  • OR nodejs8-devel-8.11.4-3.8 is installed
  • OR nodejs8-docs-8.11.4-3.8 is installed
  • OR npm8-8.11.4-3.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • dbus-1-1.8.8-1.5 is installed
  • OR dbus-1-x11-1.8.8-1.5 is installed
  • OR libdbus-1-3-1.8.8-1.5 is installed
  • OR libdbus-1-3-32bit-1.8.8-1.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • emacs-24.3-16.32 is installed
  • OR emacs-el-24.3-16.32 is installed
  • OR emacs-info-24.3-16.32 is installed
  • OR emacs-nox-24.3-16.32 is installed
  • OR emacs-x11-24.3-16.32 is installed
  • OR etags-24.3-16.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • MozillaThunderbird-52.9.1-3.7 is installed
  • OR MozillaThunderbird-devel-52.9.1-3.7 is installed
  • OR MozillaThunderbird-translations-common-52.9.1-3.7 is installed
  • OR MozillaThunderbird-translations-other-52.9.1-3.7 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • chromedriver-53.0.2785.89-96 is installed
  • OR chromium-53.0.2785.89-96 is installed
  • OR chromium-desktop-gnome-53.0.2785.89-96 is installed
  • OR chromium-desktop-kde-53.0.2785.89-96 is installed
  • OR chromium-ffmpegsumo-53.0.2785.89-96 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 SP1 is installed
  • AND Package Information
  • kinit-5.20.0-5 is installed
  • OR kinit-devel-5.20.0-5 is installed
  • OR kinit-lang-5.20.0-5 is installed
    • BACK