SUSE update for kernel-firmware



Risk Low
Patch available YES
Number of vulnerabilities 11
CVE-ID CVE-2021-26345
CVE-2021-46766
CVE-2021-46774
CVE-2022-23820
CVE-2022-23830
CVE-2023-20519
CVE-2023-20521
CVE-2023-20526
CVE-2023-20533
CVE-2023-20566
CVE-2023-20592
CWE-ID CWE-125
CWE-459
CWE-787
CWE-119
CWE-16
CWE-416
CWE-367
CWE-20
CWE-758
Exploitation vector Local
Public exploit N/A
Vulnerable software
 SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

kernel-firmware-chelsio
Operating systems & Components / Operating system package or component

kernel-firmware-network
Operating systems & Components / Operating system package or component

kernel-firmware-ueagle
Operating systems & Components / Operating system package or component

kernel-firmware-dpaa2
Operating systems & Components / Operating system package or component

kernel-firmware-platform
Operating systems & Components / Operating system package or component

kernel-firmware-mwifiex
Operating systems & Components / Operating system package or component

kernel-firmware-iwlwifi
Operating systems & Components / Operating system package or component

kernel-firmware-intel
Operating systems & Components / Operating system package or component

kernel-firmware-ath10k
Operating systems & Components / Operating system package or component

kernel-firmware-sound
Operating systems & Components / Operating system package or component

kernel-firmware-brcm
Operating systems & Components / Operating system package or component

kernel-firmware-usb-network
Operating systems & Components / Operating system package or component

kernel-firmware-mellanox
Operating systems & Components / Operating system package or component

kernel-firmware-qlogic
Operating systems & Components / Operating system package or component

kernel-firmware-bnx2
Operating systems & Components / Operating system package or component

kernel-firmware-all
Operating systems & Components / Operating system package or component

kernel-firmware-radeon
Operating systems & Components / Operating system package or component

kernel-firmware-ath11k
Operating systems & Components / Operating system package or component

kernel-firmware-media
Operating systems & Components / Operating system package or component

kernel-firmware-prestera
Operating systems & Components / Operating system package or component

kernel-firmware-nvidia
Operating systems & Components / Operating system package or component

kernel-firmware-ti
Operating systems & Components / Operating system package or component

kernel-firmware-i915
Operating systems & Components / Operating system package or component

kernel-firmware-bluetooth
Operating systems & Components / Operating system package or component

kernel-firmware-amdgpu
Operating systems & Components / Operating system package or component

kernel-firmware-realtek
Operating systems & Components / Operating system package or component

kernel-firmware-atheros
Operating systems & Components / Operating system package or component

kernel-firmware-liquidio
Operating systems & Components / Operating system package or component

kernel-firmware-serial
Operating systems & Components / Operating system package or component

kernel-firmware-qcom
Operating systems & Components / Operating system package or component

kernel-firmware-mediatek
Operating systems & Components / Operating system package or component

kernel-firmware-marvell
Operating systems & Components / Operating system package or component

kernel-firmware-nfp
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU84022

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-26345

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in APCB. A local user can trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Incomplete cleanup

EUVDB-ID: #VU84023

Risk: Low

CVSSv3.1: 2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46766

CWE-ID: CWE-459 - Incomplete cleanup

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to incomplete clearing of sensitive data in the ASP Bootloader. A local user with access to ASP SRAM can gain access to sensitive information.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds write

EUVDB-ID: #VU84017

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-46774

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing DRAM address in System Management Unit (SMU). A local user can trigger an out-of-bounds write and perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

EUVDB-ID: #VU84016

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23820

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper validation of the AMD SMM communication buffer. A local user can corrupt the SMRAM and execute arbitrary code on the system.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Configuration

EUVDB-ID: #VU84025

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23830

CWE-ID: CWE-16 - Configuration

Exploit availability: No

Description

The issue may allow a local user to bypass implemented security restrictions.

The issue exists due to immutable SMM configuration when SNP is enabled. A local user can modify guest memory.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU84018

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20519

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in the management of an SNP guest context page. A malicious hypervisor can masquerade as the guest's migration agent and perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Time-of-check Time-of-use (TOCTOU) Race Condition

EUVDB-ID: #VU84026

Risk: Low

CVSSv3.1: 3.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20521

CWE-ID: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service attack.

The vulnerability exists due to a race condition in ASP Bootloader. An attacker with physical access to device can tamper with SPI ROM records after memory content verification and gain access to sensitive information of perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Input validation error

EUVDB-ID: #VU84027

Risk: Low

CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20526

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied input in the ASP Bootloader. An attacker with physical access to device can read contents of ASP memory.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds write

EUVDB-ID: #VU84020

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20533

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing DRAM address in System Management Unit (SMU). A local user can trigger an out-of-bounds write and perform a denial of service (DoS) attack.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Input validation error

EUVDB-ID: #VU84021

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20566

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input n ASP with SNP enabled. A local user can compromise guest memory integrity.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Reliance on undefined behavior

EUVDB-ID: #VU84028

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20592

CWE-ID: CWE-758 - Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to unexpected behavior of the INVD instruction in some AMD CPUs. A malicious hypervisor can affect cache line write-back behavior of the CPU and modify guest virtual machine (VM) memory.

Mitigation

Update the affected package kernel-firmware to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Micro: 5.5

kernel-firmware-chelsio: before 20230724-150500.3.9.1

kernel-firmware-network: before 20230724-150500.3.9.1

kernel-firmware-ueagle: before 20230724-150500.3.9.1

kernel-firmware-dpaa2: before 20230724-150500.3.9.1

kernel-firmware-platform: before 20230724-150500.3.9.1

kernel-firmware-mwifiex: before 20230724-150500.3.9.1

kernel-firmware-iwlwifi: before 20230724-150500.3.9.1

kernel-firmware-intel: before 20230724-150500.3.9.1

kernel-firmware-ath10k: before 20230724-150500.3.9.1

kernel-firmware-sound: before 20230724-150500.3.9.1

kernel-firmware-brcm: before 20230724-150500.3.9.1

kernel-firmware-usb-network: before 20230724-150500.3.9.1

kernel-firmware-mellanox: before 20230724-150500.3.9.1

kernel-firmware-qlogic: before 20230724-150500.3.9.1

kernel-firmware-bnx2: before 20230724-150500.3.9.1

kernel-firmware-all: before 20230724-150500.3.9.1

kernel-firmware-radeon: before 20230724-150500.3.9.1

kernel-firmware-ath11k: before 20230724-150500.3.9.1

kernel-firmware-media: before 20230724-150500.3.9.1

kernel-firmware-prestera: before 20230724-150500.3.9.1

kernel-firmware-nvidia: before 20230724-150500.3.9.1

kernel-firmware-ti: before 20230724-150500.3.9.1

kernel-firmware-i915: before 20230724-150500.3.9.1

kernel-firmware-bluetooth: before 20230724-150500.3.9.1

kernel-firmware-amdgpu: before 20230724-150500.3.9.1

kernel-firmware-realtek: before 20230724-150500.3.9.1

kernel-firmware-atheros: before 20230724-150500.3.9.1

kernel-firmware-liquidio: before 20230724-150500.3.9.1

kernel-firmware-serial: before 20230724-150500.3.9.1

kernel-firmware-qcom: before 20230724-150500.3.9.1

kernel-firmware-mediatek: before 20230724-150500.3.9.1

kernel-firmware-marvell: before 20230724-150500.3.9.1

kernel-firmware-nfp: before 20230724-150500.3.9.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###