kernel-firmware-20220516-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12088 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z kernel-firmware-20220516-1.1 on GA media These are all security issues fixed in the kernel-firmware-20220516-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12088 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:12088 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2021-26339/ SUSE CVE CVE-2021-26339 page https://www.suse.com/security/cve/CVE-2021-26348/ SUSE CVE CVE-2021-26348 page https://www.suse.com/security/cve/CVE-2021-26364/ SUSE CVE CVE-2021-26364 page https://www.suse.com/security/cve/CVE-2021-26375/ SUSE CVE CVE-2021-26375 page https://www.suse.com/security/cve/CVE-2021-33139/ SUSE CVE CVE-2021-33139 page https://www.suse.com/security/cve/CVE-2021-46744/ SUSE CVE CVE-2021-46744 page openSUSE Tumbleweed kernel-firmware-20220516-1.1 ucode-amd-20220516-1.1 kernel-firmware-20220516-1.1 as a component of openSUSE Tumbleweed ucode-amd-20220516-1.1 as a component of openSUSE Tumbleweed A bug in AMD CPU's core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers. CVE-2021-26339 openSUSE Tumbleweed:kernel-firmware-20220516-1.1 openSUSE Tumbleweed:ucode-amd-20220516-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-26339.html CVE-2021-26339 https://bugzilla.suse.com/1199459 SUSE Bug 1199459 Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. CVE-2021-26348 openSUSE Tumbleweed:kernel-firmware-20220516-1.1 openSUSE Tumbleweed:ucode-amd-20220516-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-26348.html CVE-2021-26348 Insufficient bounds checking in an SMU mailbox register could allow an attacker to potentially read outside of the SRAM address range which could result in an exception handling leading to a potential denial of service. CVE-2021-26364 openSUSE Tumbleweed:kernel-firmware-20220516-1.1 openSUSE Tumbleweed:ucode-amd-20220516-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-26364.html CVE-2021-26364 Insufficient General Purpose IO (GPIO) bounds check in System Management Unit (SMU) may result in access/updates from/to invalid address space that could result in denial of service. CVE-2021-26375 openSUSE Tumbleweed:kernel-firmware-20220516-1.1 openSUSE Tumbleweed:ucode-amd-20220516-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-26375.html CVE-2021-26375 Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access. CVE-2021-33139 openSUSE Tumbleweed:kernel-firmware-20220516-1.1 openSUSE Tumbleweed:ucode-amd-20220516-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-33139.html CVE-2021-33139 https://bugzilla.suse.com/1195786 SUSE Bug 1195786 An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time. CVE-2021-46744 openSUSE Tumbleweed:kernel-firmware-20220516-1.1 openSUSE Tumbleweed:ucode-amd-20220516-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-46744.html CVE-2021-46744 https://bugzilla.suse.com/1199470 SUSE Bug 1199470