MGASA-2017-0472

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0472.html

Import Source

https://advisories.mageia.org/MGASA-2017-0472.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2017-0472

Related

Published

2017-12-28T13:16:56Z

Modified

2022-02-17T18:21:47Z

Summary

Updated nonfree firmwares fixes security issues and adds new hw support

Details

Updated nonfree firmwares fixes at least the following security issues:

Broadcom firmware fixes: - dropping BRCM proprietary packets received over the air (CVE-2016-0801) - adding length checks for TDLS action frames (CVE-2017-0561) - adding length checks for WME IE (CVE-2017-9417)

Iwlwifi firmware fixes: - The reinstallation of the Group Temporal key could be used for replay attacks (CVE-2017-13080) - The reinstallation of the Integrity Group Temporal key could be used for replay attacks (CVE-2017-13081)

This update also adds updated firmwares: * ath10k, cxgb4, liquidio, mrvl, ql2400, ql2500, wilc1000 * Amd Polaris10-12, Intel BXT/SKL/KBL/CNL

and new firmwares: * Amd Vega10 and Raven * Cavium nitrox * Intel CNL/GLK, IPU3, JeffersonPeak, ThunderPeak * Mellanox Spectrum * nVidia GP108 (GTX1030) * Qualcom Adreno &Venus, imx SDMA, * Realtek rtl8822be

in order to support new hardware supported by 4.14 series kernels.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2017-0472

Affected packages