Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2023-6595.NASLHistoryNov 07, 2023 - 12:00 a.m.
RHEL 9 : linux-firmware (RHSA-2023:6595)
2023-11-0700:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
rhel 9
linux-firmware
rhsa-2023:6595
vulnerabilities
access control
intel proset
killer wifi
denial of service
adjacent access
escalation of privilege
input validation
protection mechanism failure
amd cpus
side channel vulnerability
information disclosure
speculative execution
nessus
scanner
8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
19.0%
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6595 advisory.
-
hw: intel: Improper access control for some Intel® PROSet/Wireless WiFi (CVE-2022-27635, CVE-2022-40964)
-
hw: intel: Improper input validation in some Intel® PROSet/Wireless WiFi (CVE-2022-36351, CVE-2022-38076)
-
hw: intel: Protection mechanism failure for some Intel® PROSet/Wireless WiFi (CVE-2022-46329)
-
hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2023:6595. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(185122);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/28");
script_cve_id(
"CVE-2022-27635",
"CVE-2022-36351",
"CVE-2022-38076",
"CVE-2022-40964",
"CVE-2022-46329",
"CVE-2023-20569"
);
script_xref(name:"RHSA", value:"2023:6595");
script_name(english:"RHEL 9 : linux-firmware (RHSA-2023:6595)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2023:6595 advisory.
- hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635, CVE-2022-40964)
- hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi (CVE-2022-36351,
CVE-2022-38076)
- hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (CVE-2022-46329)
- hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.3_release_notes/index
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?619e5320");
# https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6595.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8dc483b4");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2178579");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2207625");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2214391");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2235321");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2238960");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2238961");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2238962");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2238963");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2238964");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2023:6595");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-38076");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 284, 693);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/08/03");
script_set_attribute(attribute:"patch_publication_date", value:"2023/11/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:9");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl100-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl1000-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl105-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl135-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl2000-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl2030-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl3160-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl5000-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl5150-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl6000g2a-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl6000g2b-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl6050-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:iwl7260-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libertas-sd8787-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:linux-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:linux-firmware-whence");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:netronome-firmware");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel9/9.1/aarch64/baseos/debug',
'content/dist/rhel9/9.1/aarch64/baseos/os',
'content/dist/rhel9/9.1/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9.1/ppc64le/baseos/debug',
'content/dist/rhel9/9.1/ppc64le/baseos/os',
'content/dist/rhel9/9.1/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9.1/s390x/baseos/debug',
'content/dist/rhel9/9.1/s390x/baseos/os',
'content/dist/rhel9/9.1/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9.1/x86_64/baseos/debug',
'content/dist/rhel9/9.1/x86_64/baseos/os',
'content/dist/rhel9/9.1/x86_64/baseos/source/SRPMS',
'content/dist/rhel9/9.2/aarch64/baseos/debug',
'content/dist/rhel9/9.2/aarch64/baseos/os',
'content/dist/rhel9/9.2/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9.2/ppc64le/baseos/debug',
'content/dist/rhel9/9.2/ppc64le/baseos/os',
'content/dist/rhel9/9.2/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9.2/s390x/baseos/debug',
'content/dist/rhel9/9.2/s390x/baseos/os',
'content/dist/rhel9/9.2/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9.2/x86_64/baseos/debug',
'content/dist/rhel9/9.2/x86_64/baseos/os',
'content/dist/rhel9/9.2/x86_64/baseos/source/SRPMS',
'content/dist/rhel9/9.3/aarch64/baseos/debug',
'content/dist/rhel9/9.3/aarch64/baseos/os',
'content/dist/rhel9/9.3/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9.3/ppc64le/baseos/debug',
'content/dist/rhel9/9.3/ppc64le/baseos/os',
'content/dist/rhel9/9.3/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9.3/s390x/baseos/debug',
'content/dist/rhel9/9.3/s390x/baseos/os',
'content/dist/rhel9/9.3/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9.3/x86_64/baseos/debug',
'content/dist/rhel9/9.3/x86_64/baseos/os',
'content/dist/rhel9/9.3/x86_64/baseos/source/SRPMS',
'content/dist/rhel9/9.4/aarch64/baseos/debug',
'content/dist/rhel9/9.4/aarch64/baseos/os',
'content/dist/rhel9/9.4/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9.4/ppc64le/baseos/debug',
'content/dist/rhel9/9.4/ppc64le/baseos/os',
'content/dist/rhel9/9.4/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9.4/s390x/baseos/debug',
'content/dist/rhel9/9.4/s390x/baseos/os',
'content/dist/rhel9/9.4/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9.4/x86_64/baseos/debug',
'content/dist/rhel9/9.4/x86_64/baseos/os',
'content/dist/rhel9/9.4/x86_64/baseos/source/SRPMS',
'content/dist/rhel9/9/aarch64/baseos/debug',
'content/dist/rhel9/9/aarch64/baseos/os',
'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9/ppc64le/baseos/debug',
'content/dist/rhel9/9/ppc64le/baseos/os',
'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9/s390x/baseos/debug',
'content/dist/rhel9/9/s390x/baseos/os',
'content/dist/rhel9/9/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9/x86_64/baseos/debug',
'content/dist/rhel9/9/x86_64/baseos/os',
'content/dist/rhel9/9/x86_64/baseos/source/SRPMS'
],
'pkgs': [
{'reference':'iwl100-firmware-39.31.5.1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl1000-firmware-39.31.5.1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'iwl105-firmware-18.168.6.1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl135-firmware-18.168.6.1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl2000-firmware-18.168.6.1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl2030-firmware-18.168.6.1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl3160-firmware-25.30.13.0-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'iwl5000-firmware-8.83.5.1_1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl5150-firmware-8.24.2.2-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl6000g2a-firmware-18.168.6.1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl6000g2b-firmware-18.168.6.1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl6050-firmware-41.28.5.1-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl7260-firmware-25.30.13.0-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'libertas-sd8787-firmware-20230814-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'linux-firmware-20230814-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'linux-firmware-whence-20230814-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'netronome-firmware-20230814-140.el9_3', 'release':'9', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'iwl100-firmware / iwl1000-firmware / iwl105-firmware / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | 9 | cpe:/o:redhat:enterprise_linux:9 |
| redhat | enterprise_linux | iwl100-firmware | p-cpe:/a:redhat:enterprise_linux:iwl100-firmware |
| redhat | enterprise_linux | iwl1000-firmware | p-cpe:/a:redhat:enterprise_linux:iwl1000-firmware |
| redhat | enterprise_linux | iwl105-firmware | p-cpe:/a:redhat:enterprise_linux:iwl105-firmware |
| redhat | enterprise_linux | iwl135-firmware | p-cpe:/a:redhat:enterprise_linux:iwl135-firmware |
| redhat | enterprise_linux | iwl2000-firmware | p-cpe:/a:redhat:enterprise_linux:iwl2000-firmware |
| redhat | enterprise_linux | iwl2030-firmware | p-cpe:/a:redhat:enterprise_linux:iwl2030-firmware |
| redhat | enterprise_linux | iwl3160-firmware | p-cpe:/a:redhat:enterprise_linux:iwl3160-firmware |
| redhat | enterprise_linux | iwl5000-firmware | p-cpe:/a:redhat:enterprise_linux:iwl5000-firmware |
| redhat | enterprise_linux | iwl5150-firmware | p-cpe:/a:redhat:enterprise_linux:iwl5150-firmware |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27635
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36351
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46329
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569
www.nessus.org/u?619e5320
www.nessus.org/u?8dc483b4
access.redhat.com/errata/RHSA-2023:6595
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=2178579
bugzilla.redhat.com/show_bug.cgi?id=2207625
bugzilla.redhat.com/show_bug.cgi?id=2214391
bugzilla.redhat.com/show_bug.cgi?id=2235321
bugzilla.redhat.com/show_bug.cgi?id=2238960
bugzilla.redhat.com/show_bug.cgi?id=2238961
bugzilla.redhat.com/show_bug.cgi?id=2238962
bugzilla.redhat.com/show_bug.cgi?id=2238963
bugzilla.redhat.com/show_bug.cgi?id=2238964
Related
openvas
openvas
Debian: Security Advisory (DLA-3596-1)
2023-10-02 00:00:00
Fedora: Security Advisory for linux-firmware (FEDORA-2023-4056a5c165)
2023-09-24 00:00:00
Fedora: Security Advisory for linux-firmware (FEDORA-2023-dd3ebcea25)
2023-09-26 00:00:00
redhat
redhat
(RHSA-2023:6595) Important: linux-firmware security, bug fix, and enhancement update
2023-11-07 06:09:41
(RHSA-2024:3422) Important: linux-firmware security update
2024-05-28 13:04:20
(RHSA-2024:0449) Important: linux-firmware security update
2024-01-24 14:40:50
nessus
nessus
Oracle Linux 9 : linux-firmware (ELSA-2023-6595)
2023-11-16 00:00:00
Fedora 37 : linux-firmware (2023-defb0a89ff)
2023-09-26 00:00:00
Debian DLA-3596-1 : firmware-nonfree - LTS security update
2023-10-01 00:00:00
oraclelinux
oraclelinux
linux-firmware security, bug fix, and enhancement update
2023-11-11 00:00:00
linux-firmware security update
2023-08-08 00:00:00
linux-firmware security update
2023-08-08 00:00:00
osv
osv
Important: linux-firmware security, bug fix, and enhancement update
2023-11-07 00:00:00
firmware-nonfree - security update
2023-09-30 00:00:00
CVE-2023-20569
2023-08-08 18:15:11
debian
debian
[SECURITY] [DLA 3596-1] firmware-nonfree security update
2023-09-30 19:39:30
[SECURITY] [DLA 3525-1] linux-5.10 security update
2023-08-11 17:21:05
[SECURITY] [DSA 5475-1] linux security update
2023-08-11 07:57:07
fedora
fedora
[SECURITY] Fedora 39 Update: linux-firmware-20230919-1.fc39
2023-09-26 00:19:47
[SECURITY] Fedora 38 Update: linux-firmware-20230919-1.fc38
2023-09-23 01:31:13
[SECURITY] Fedora 37 Update: linux-firmware-20230919-1.fc37
2023-09-26 01:33:54
almalinux
almalinux
Important: linux-firmware security, bug fix, and enhancement update
2023-11-07 00:00:00
Moderate: linux-firmware security, bug fix, and enhancement update
2023-11-14 00:00:00
Important: linux-firmware security update
2024-05-22 00:00:00
intel
intel
Intel® PROSet/Wireless WiFi and KillerTM WiFi Advisory
2023-08-08 00:00:00
hp
hp
Intel® PROSet/Wireless WiFi and Killer™ WiFi August 2023 Security Update
2023-08-08 00:00:00
AMD Client UEFI Firmware Return Address Security Update
2023-12-07 00:00:00
cvelist
cvelist
redhatcve
redhatcve
nvd
nvd
cve
cve
debiancve
debiancve
ubuntucve
ubuntucve
prion
prion
Improper access control
2023-08-11 03:15:00
Input validation
2023-08-11 03:15:00
Input validation
2023-08-11 03:15:00
f5
f5
K000139684: AMD processors vulnerability CVE-2023-20569
2024-05-20 00:00:00
amd
amd
Return Address Security Bulletin
2023-08-08 00:00:00
veracode
veracode
Information Disclosure
2023-08-13 09:11:17
mscve
mscve
AMD: CVE-2023-20569 Return Address Predictor
2023-08-08 07:00:00
ubuntu
ubuntu
AMD Microcode vulnerability
2023-08-30 00:00:00
cloudfoundry
cloudfoundry
USN-6319-1: AMD Microcode vulnerability | Cloud Foundry
2023-10-05 00:00:00
xen
xen
x86/AMD: Speculative Return Stack Overflow
2023-08-08 15:53:00
centos
centos
thn
thn
citrix
citrix
rocky
rocky
kernel security update
2024-01-12 19:59:56
kernel-rt security update
2024-01-12 19:57:11
mageia
mageia
Updated microcode packages fix security vulnerabilities
2023-08-23 22:56:41
amazon
amazon
Important: kernel
2023-08-03 18:09:00
8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
19.0%
Related for REDHAT-RHSA-2023-6595.NASL