Vulnerability from csaf_suse
Published
2024-07-09 17:20
Modified
2024-07-09 17:20
Summary
Security update for kernel-firmware
Notes
Title of the patch
Security update for kernel-firmware
Description of the patch
This update for kernel-firmware fixes the following issues:
Update AMD ucode to 20231030 (bsc#1215831):
- CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.
- CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation.
- CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service.
0 CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.
- CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.
- CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.
- CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.
- CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.
- CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.
- CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.
- CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823).
Patchnames
SUSE-2024-2376,SUSE-SLE-Micro-5.5-2024-2376
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for kernel-firmware", title: "Title of the patch", }, { category: "description", text: "This update for kernel-firmware fixes the following issues:\n\nUpdate AMD ucode to 20231030 (bsc#1215831):\n\n- CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution.\n- CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation.\n- CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service.\n0 CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.\n- CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.\n- CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.\n- CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.\n- CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.\n- CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.\n- CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.\n- CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-2376,SUSE-SLE-Micro-5.5-2024-2376", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2376-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:2376-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20242376-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:2376-1", url: "https://lists.suse.com/pipermail/sle-updates/2024-July/035892.html", }, { category: "self", summary: "SUSE Bug 1215823", url: "https://bugzilla.suse.com/1215823", }, { category: "self", summary: "SUSE Bug 1215831", url: "https://bugzilla.suse.com/1215831", }, { category: "self", summary: "SUSE CVE CVE-2021-26345 page", url: "https://www.suse.com/security/cve/CVE-2021-26345/", }, { category: "self", summary: "SUSE CVE CVE-2021-46766 page", url: "https://www.suse.com/security/cve/CVE-2021-46766/", }, { category: "self", summary: "SUSE CVE CVE-2021-46774 page", url: "https://www.suse.com/security/cve/CVE-2021-46774/", }, { category: "self", summary: "SUSE CVE CVE-2022-23820 page", url: "https://www.suse.com/security/cve/CVE-2022-23820/", }, { category: "self", summary: "SUSE CVE CVE-2022-23830 page", url: "https://www.suse.com/security/cve/CVE-2022-23830/", }, { category: "self", summary: "SUSE CVE CVE-2023-20519 page", url: "https://www.suse.com/security/cve/CVE-2023-20519/", }, { category: "self", summary: "SUSE CVE CVE-2023-20521 page", url: "https://www.suse.com/security/cve/CVE-2023-20521/", }, { category: "self", summary: "SUSE CVE CVE-2023-20526 page", url: "https://www.suse.com/security/cve/CVE-2023-20526/", }, { category: "self", summary: "SUSE CVE CVE-2023-20533 page", url: "https://www.suse.com/security/cve/CVE-2023-20533/", }, { category: "self", summary: "SUSE CVE CVE-2023-20566 page", url: "https://www.suse.com/security/cve/CVE-2023-20566/", }, { category: "self", summary: "SUSE CVE CVE-2023-20592 page", url: "https://www.suse.com/security/cve/CVE-2023-20592/", }, ], title: "Security update for kernel-firmware", tracking: { current_release_date: "2024-07-09T17:20:51Z", generator: { date: "2024-07-09T17:20:51Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:2376-1", initial_release_date: "2024-07-09T17:20:51Z", revision_history: [ { date: "2024-07-09T17:20:51Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-firmware-all-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-all-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-all-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-atheros-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-atheros-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-atheros-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-brcm-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-brcm-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-brcm-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-i915-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-i915-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-i915-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-intel-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-intel-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-intel-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-marvell-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-marvell-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-marvell-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-media-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-media-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-media-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-network-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-network-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-network-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-nfp-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-nfp-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-nfp-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-platform-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-platform-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-platform-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-prestera-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-prestera-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-prestera-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-qcom-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-qcom-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-qcom-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-radeon-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-radeon-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-radeon-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-realtek-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-realtek-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-realtek-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-serial-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-serial-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-serial-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-sound-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-sound-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-sound-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-ti-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-ti-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-ti-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", }, }, { category: "product_version", name: "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", product: { name: "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", product_id: "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Micro 5.5", product: { name: "SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-firmware-all-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-all-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-atheros-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-atheros-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-brcm-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-brcm-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-i915-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-i915-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-intel-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-intel-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-marvell-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-marvell-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-media-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-media-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-network-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-network-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-nfp-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-nfp-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-platform-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-platform-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-prestera-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-prestera-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-qcom-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-qcom-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-radeon-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-radeon-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-realtek-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-realtek-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-serial-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-serial-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-sound-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-sound-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-ti-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-ti-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", }, product_reference: "kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, ], }, vulnerabilities: [ { cve: "CVE-2021-26345", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-26345", }, ], notes: [ { category: "general", text: "Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-26345", url: "https://www.suse.com/security/cve/CVE-2021-26345", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2021-26345", url: "https://bugzilla.suse.com/1215831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 1.6, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2021-26345", }, { cve: "CVE-2021-46766", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-46766", }, ], notes: [ { category: "general", text: "Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-46766", url: "https://www.suse.com/security/cve/CVE-2021-46766", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2021-46766", url: "https://bugzilla.suse.com/1215831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2021-46766", }, { cve: "CVE-2021-46774", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-46774", }, ], notes: [ { category: "general", text: "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-46774", url: "https://www.suse.com/security/cve/CVE-2021-46774", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2021-46774", url: "https://bugzilla.suse.com/1215831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2021-46774", }, { cve: "CVE-2022-23820", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23820", }, ], notes: [ { category: "general", text: "Failure to validate the AMD SMM communication buffer\nmay allow an attacker to corrupt the SMRAM potentially leading to arbitrary\ncode execution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-23820", url: "https://www.suse.com/security/cve/CVE-2022-23820", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2022-23820", url: "https://bugzilla.suse.com/1215831", }, { category: "external", summary: "SUSE Bug 1217557 for CVE-2022-23820", url: "https://bugzilla.suse.com/1217557", }, { category: "external", summary: "SUSE Bug 1220057 for CVE-2022-23820", url: "https://bugzilla.suse.com/1220057", }, { category: "external", summary: "SUSE Bug 1220058 for CVE-2022-23820", url: "https://bugzilla.suse.com/1220058", }, { category: "external", summary: "SUSE Bug 1221588 for CVE-2022-23820", url: "https://bugzilla.suse.com/1221588", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2022-23820", }, { cve: "CVE-2022-23830", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23830", }, ], notes: [ { category: "general", text: "SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-23830", url: "https://www.suse.com/security/cve/CVE-2022-23830", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2022-23830", url: "https://bugzilla.suse.com/1215831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 1.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2022-23830", }, { cve: "CVE-2023-20519", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-20519", }, ], notes: [ { category: "general", text: "A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-20519", url: "https://www.suse.com/security/cve/CVE-2023-20519", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2023-20519", url: "https://bugzilla.suse.com/1215831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2023-20519", }, { cve: "CVE-2023-20521", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-20521", }, ], notes: [ { category: "general", text: "TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-20521", url: "https://www.suse.com/security/cve/CVE-2023-20521", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2023-20521", url: "https://bugzilla.suse.com/1215831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2023-20521", }, { cve: "CVE-2023-20526", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-20526", }, ], notes: [ { category: "general", text: "Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-20526", url: "https://www.suse.com/security/cve/CVE-2023-20526", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2023-20526", url: "https://bugzilla.suse.com/1215831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 1.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2023-20526", }, { cve: "CVE-2023-20533", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-20533", }, ], notes: [ { category: "general", text: "Insufficient DRAM address validation in System\nManagement Unit (SMU) may allow an attacker to read/write from/to an invalid\nDRAM address, potentially resulting in denial-of-service.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-20533", url: "https://www.suse.com/security/cve/CVE-2023-20533", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2023-20533", url: "https://bugzilla.suse.com/1215831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2023-20533", }, { cve: "CVE-2023-20566", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-20566", }, ], notes: [ { category: "general", text: "Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-20566", url: "https://www.suse.com/security/cve/CVE-2023-20566", }, { category: "external", summary: "SUSE Bug 1215831 for CVE-2023-20566", url: "https://bugzilla.suse.com/1215831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "important", }, ], title: "CVE-2023-20566", }, { cve: "CVE-2023-20592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-20592", }, ], notes: [ { category: "general", text: "Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.\n\n\n\n\n\n\n\n\n\n\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-20592", url: "https://www.suse.com/security/cve/CVE-2023-20592", }, { category: "external", summary: "SUSE Bug 1215823 for CVE-2023-20592", url: "https://bugzilla.suse.com/1215823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:kernel-firmware-all-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-amdgpu-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath10k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ath11k-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-atheros-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bluetooth-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-bnx2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-brcm-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-chelsio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-dpaa2-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-i915-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-intel-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-iwlwifi-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-liquidio-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-marvell-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-media-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mediatek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mellanox-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-mwifiex-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-network-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nfp-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-nvidia-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-platform-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-prestera-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qcom-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-qlogic-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-radeon-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-realtek-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-serial-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-sound-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ti-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-ueagle-20230724-150500.3.9.1.noarch", "SUSE Linux Enterprise Micro 5.5:kernel-firmware-usb-network-20230724-150500.3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2024-07-09T17:20:51Z", details: "moderate", }, ], title: "CVE-2023-20592", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.