kernel-firmware-all-20231128-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:13475-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z kernel-firmware-all-20231128-1.1 on GA media These are all security issues fixed in the kernel-firmware-all-20231128-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-13475 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2021-26345/ SUSE CVE CVE-2021-26345 page https://www.suse.com/security/cve/CVE-2022-23820/ SUSE CVE CVE-2022-23820 page https://www.suse.com/security/cve/CVE-2023-20526/ SUSE CVE CVE-2023-20526 page https://www.suse.com/security/cve/CVE-2023-20592/ SUSE CVE CVE-2023-20592 page openSUSE Tumbleweed kernel-firmware-all-20231128-1.1 kernel-firmware-amdgpu-20231128-1.1 kernel-firmware-ath10k-20231128-1.1 kernel-firmware-ath11k-20231128-1.1 kernel-firmware-atheros-20231128-1.1 kernel-firmware-bluetooth-20231128-1.1 kernel-firmware-bnx2-20231128-1.1 kernel-firmware-brcm-20231128-1.1 kernel-firmware-chelsio-20231128-1.1 kernel-firmware-dpaa2-20231128-1.1 kernel-firmware-i915-20231128-1.1 kernel-firmware-intel-20231128-1.1 kernel-firmware-iwlwifi-20231128-1.1 kernel-firmware-liquidio-20231128-1.1 kernel-firmware-marvell-20231128-1.1 kernel-firmware-media-20231128-1.1 kernel-firmware-mediatek-20231128-1.1 kernel-firmware-mellanox-20231128-1.1 kernel-firmware-mwifiex-20231128-1.1 kernel-firmware-network-20231128-1.1 kernel-firmware-nfp-20231128-1.1 kernel-firmware-nvidia-20231128-1.1 kernel-firmware-platform-20231128-1.1 kernel-firmware-prestera-20231128-1.1 kernel-firmware-qcom-20231128-1.1 kernel-firmware-qlogic-20231128-1.1 kernel-firmware-radeon-20231128-1.1 kernel-firmware-realtek-20231128-1.1 kernel-firmware-serial-20231128-1.1 kernel-firmware-sound-20231128-1.1 kernel-firmware-ti-20231128-1.1 kernel-firmware-ueagle-20231128-1.1 kernel-firmware-usb-network-20231128-1.1 ucode-amd-20231128-1.1 kernel-firmware-all-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-amdgpu-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-ath10k-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-ath11k-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-atheros-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-bluetooth-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-bnx2-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-brcm-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-chelsio-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-dpaa2-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-i915-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-intel-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-iwlwifi-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-liquidio-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-marvell-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-media-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-mediatek-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-mellanox-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-mwifiex-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-network-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-nfp-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-nvidia-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-platform-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-prestera-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-qcom-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-qlogic-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-radeon-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-realtek-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-serial-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-sound-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-ti-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-ueagle-20231128-1.1 as a component of openSUSE Tumbleweed kernel-firmware-usb-network-20231128-1.1 as a component of openSUSE Tumbleweed ucode-amd-20231128-1.1 as a component of openSUSE Tumbleweed Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service. CVE-2021-26345 openSUSE Tumbleweed:kernel-firmware-all-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-amdgpu-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ath10k-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ath11k-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-atheros-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-bluetooth-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-bnx2-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-brcm-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-chelsio-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-dpaa2-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-i915-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-intel-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-iwlwifi-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-liquidio-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-marvell-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-media-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mediatek-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mellanox-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mwifiex-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-network-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-nfp-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-nvidia-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-platform-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-prestera-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-qcom-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-qlogic-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-radeon-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-realtek-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-serial-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-sound-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ti-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ueagle-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-usb-network-20231128-1.1 openSUSE Tumbleweed:ucode-amd-20231128-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-26345.html CVE-2021-26345 https://bugzilla.suse.com/1215831 SUSE Bug 1215831 Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution. CVE-2022-23820 openSUSE Tumbleweed:kernel-firmware-all-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-amdgpu-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ath10k-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ath11k-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-atheros-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-bluetooth-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-bnx2-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-brcm-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-chelsio-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-dpaa2-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-i915-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-intel-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-iwlwifi-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-liquidio-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-marvell-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-media-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mediatek-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mellanox-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mwifiex-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-network-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-nfp-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-nvidia-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-platform-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-prestera-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-qcom-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-qlogic-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-radeon-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-realtek-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-serial-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-sound-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ti-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ueagle-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-usb-network-20231128-1.1 openSUSE Tumbleweed:ucode-amd-20231128-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-23820.html CVE-2022-23820 https://bugzilla.suse.com/1215831 SUSE Bug 1215831 https://bugzilla.suse.com/1217557 SUSE Bug 1217557 https://bugzilla.suse.com/1220057 SUSE Bug 1220057 https://bugzilla.suse.com/1220058 SUSE Bug 1220058 https://bugzilla.suse.com/1221588 SUSE Bug 1221588 Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality. CVE-2023-20526 openSUSE Tumbleweed:kernel-firmware-all-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-amdgpu-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ath10k-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ath11k-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-atheros-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-bluetooth-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-bnx2-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-brcm-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-chelsio-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-dpaa2-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-i915-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-intel-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-iwlwifi-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-liquidio-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-marvell-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-media-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mediatek-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mellanox-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mwifiex-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-network-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-nfp-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-nvidia-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-platform-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-prestera-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-qcom-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-qlogic-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-radeon-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-realtek-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-serial-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-sound-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ti-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ueagle-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-usb-network-20231128-1.1 openSUSE Tumbleweed:ucode-amd-20231128-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-20526.html CVE-2023-20526 https://bugzilla.suse.com/1215831 SUSE Bug 1215831 Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. CVE-2023-20592 openSUSE Tumbleweed:kernel-firmware-all-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-amdgpu-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ath10k-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ath11k-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-atheros-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-bluetooth-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-bnx2-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-brcm-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-chelsio-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-dpaa2-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-i915-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-intel-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-iwlwifi-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-liquidio-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-marvell-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-media-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mediatek-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mellanox-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-mwifiex-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-network-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-nfp-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-nvidia-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-platform-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-prestera-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-qcom-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-qlogic-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-radeon-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-realtek-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-serial-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-sound-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ti-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-ueagle-20231128-1.1 openSUSE Tumbleweed:kernel-firmware-usb-network-20231128-1.1 openSUSE Tumbleweed:ucode-amd-20231128-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-20592.html CVE-2023-20592 https://bugzilla.suse.com/1215823 SUSE Bug 1215823