Описание
Security update for kernel-firmware
This update for kernel-firmware fixes the following issues:
- Update Intel WiFi firmwares for the 3160, 7260 and 7265 adapters.
Security issues fixed are part of the 'KRACK' attacks affecting the firmware:
- CVE-2017-13080: The reinstallation of the Group Temporal key could be used for replay attacks (bsc#1066295):
- CVE-2017-13081: The reinstallation of the Integrity Group Temporal key could be used for replay attacks (bsc#1066295):
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Список пакетов
openSUSE Leap 42.2
kernel-firmware-20170530-11.1
ucode-amd-20170530-11.1
openSUSE Leap 42.3
kernel-firmware-20170530-11.1
ucode-amd-20170530-11.1
Ссылки
- E-Mail link for openSUSE-SU-2017:3144-1
- SUSE Security Ratings
Описание
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
Затронутые продукты
openSUSE Leap 42.2:kernel-firmware-20170530-11.1
openSUSE Leap 42.2:ucode-amd-20170530-11.1
openSUSE Leap 42.3:kernel-firmware-20170530-11.1
openSUSE Leap 42.3:ucode-amd-20170530-11.1
Ссылки
- CVE-2017-13080
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1063667
- SUSE Bug 1063671
- SUSE Bug 1066295
- SUSE Bug 1105108
- SUSE Bug 1178872
Описание
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Затронутые продукты
openSUSE Leap 42.2:kernel-firmware-20170530-11.1
openSUSE Leap 42.2:ucode-amd-20170530-11.1
openSUSE Leap 42.3:kernel-firmware-20170530-11.1
openSUSE Leap 42.3:ucode-amd-20170530-11.1
Ссылки
- CVE-2017-13081
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1066295
- SUSE Bug 1105108