Описание
Security update for kernel-firmware
This update for kernel-firmware fixes the following issues:
- Update Intel WiFi firmwares for the 3160, 7260 and 7265 adapters.
Security issues fixed are part of the 'KRACK' attacks affecting the firmware:
- CVE-2017-13080: The reinstallation of the Group Temporal key could be used for replay attacks (bsc#1066295):
- CVE-2017-13081: The reinstallation of the Integrity Group Temporal key could be used for replay attacks (bsc#1066295):
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
kernel-firmware-20170530-21.13.1
ucode-amd-20170530-21.13.1
SUSE Linux Enterprise Desktop 12 SP3
kernel-firmware-20170530-21.13.1
ucode-amd-20170530-21.13.1
SUSE Linux Enterprise Server 12 SP2
kernel-firmware-20170530-21.13.1
ucode-amd-20170530-21.13.1
SUSE Linux Enterprise Server 12 SP3
kernel-firmware-20170530-21.13.1
ucode-amd-20170530-21.13.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
kernel-firmware-20170530-21.13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
kernel-firmware-20170530-21.13.1
ucode-amd-20170530-21.13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
kernel-firmware-20170530-21.13.1
ucode-amd-20170530-21.13.1
Ссылки
- Link for SUSE-SU-2017:3106-1
- E-Mail link for SUSE-SU-2017:3106-1
- SUSE Security Ratings
- SUSE Bug 1066295
- SUSE CVE CVE-2017-13080 page
- SUSE CVE CVE-2017-13081 page
Описание
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:kernel-firmware-20170530-21.13.1
SUSE Linux Enterprise Desktop 12 SP2:ucode-amd-20170530-21.13.1
SUSE Linux Enterprise Desktop 12 SP3:kernel-firmware-20170530-21.13.1
SUSE Linux Enterprise Desktop 12 SP3:ucode-amd-20170530-21.13.1
Ссылки
- CVE-2017-13080
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1063667
- SUSE Bug 1063671
- SUSE Bug 1066295
- SUSE Bug 1105108
- SUSE Bug 1178872
- SUSE Bug 1179588
Описание
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:kernel-firmware-20170530-21.13.1
SUSE Linux Enterprise Desktop 12 SP2:ucode-amd-20170530-21.13.1
SUSE Linux Enterprise Desktop 12 SP3:kernel-firmware-20170530-21.13.1
SUSE Linux Enterprise Desktop 12 SP3:ucode-amd-20170530-21.13.1
Ссылки
- CVE-2017-13081
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1066295
- SUSE Bug 1105108
- SUSE Bug 1179588