Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:4262

Опубликовано: 07 мая 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate.

Security Fix(es):

  • kernel: Reserved fields in guest message responses may not be zero initialized (CVE-2023-31346)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
iwl1000-firmwarenoarch122.el8_10.1iwl1000-firmware-39.31.5.1-122.el8_10.1.noarch.rpm
iwl1000-firmwarenoarch122.el8_10.1iwl1000-firmware-39.31.5.1-122.el8_10.1.noarch.rpm
iwl100-firmwarenoarch122.el8_10.1iwl100-firmware-39.31.5.1-122.el8_10.1.noarch.rpm
iwl100-firmwarenoarch122.el8_10.1iwl100-firmware-39.31.5.1-122.el8_10.1.noarch.rpm
iwl105-firmwarenoarch122.el8_10.1iwl105-firmware-18.168.6.1-122.el8_10.1.noarch.rpm
iwl105-firmwarenoarch122.el8_10.1iwl105-firmware-18.168.6.1-122.el8_10.1.noarch.rpm
iwl135-firmwarenoarch122.el8_10.1iwl135-firmware-18.168.6.1-122.el8_10.1.noarch.rpm
iwl135-firmwarenoarch122.el8_10.1iwl135-firmware-18.168.6.1-122.el8_10.1.noarch.rpm
iwl2000-firmwarenoarch122.el8_10.1iwl2000-firmware-18.168.6.1-122.el8_10.1.noarch.rpm
iwl2000-firmwarenoarch122.el8_10.1iwl2000-firmware-18.168.6.1-122.el8_10.1.noarch.rpm

Показывать по

Связанные CVE

CVE-2023-31346

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2023-31346

CVSS3: 6
ubuntu
почти 2 года назад

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.

redhat логотип

CVE-2023-31346

CVSS3: 4.4
redhat
около 2 лет назад

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.

nvd логотип

CVE-2023-31346

CVSS3: 6
nvd
почти 2 года назад

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.

github логотип

GHSA-rvmr-97cf-9f3m

CVSS3: 6
github
почти 2 года назад

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.