openSUSE Security Update : kernel-firmware (openSUSE-2019-1770)

medium Nessus Plugin ID 126903

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for kernel-firmware fixes the following issues :

kernel-firmware was updated to version 20190618 :

- cavium: Add firmware for CNN55XX crypto driver.

- linux-firmware: Update firmware file for Intel Bluetooth 22161

- linux-firmware: Update firmware file for Intel Bluetooth 9560

- linux-firmware: Update firmware file for Intel Bluetooth 9260

- linux-firmware: Update AMD SEV firmware (CVE-2019-9836, bsc#1139383)

- linux-firmware: update licence text for Marvell firmware

- linux-firmware: update firmware for mhdp8546

- linux-firmware: rsi: update firmware images for Redpine 9113 chipset

- imx: sdma: update firmware to v3.5/v4.5

- nvidia: update GP10[2467] SEC2 RTOS with the one already used on GP108

- linux-firmware: Update firmware file for Intel Bluetooth 8265

- linux-firmware: Update firmware file for Intel Bluetooth 9260

- linux-firmware: Update firmware file for Intel Bluetooth 9560

- amlogic: add video decoder firmwares

- iwlwifi: update -46 firmwares for 22260 and 9000 series

- iwlwifi: add firmware for 22260 and update 9000 series
-46 firmwares

- iwlwifi: add -46.ucode firmwares for 9000 series

- amdgpu: update vega20 to the latest 19.10 firmware

- amdgpu: update vega12 to the latest 19.10 firmware

- amdgpu: update vega10 to the latest 19.10 firmware

- amdgpu: update polaris11 to the latest 19.10 firmware

- amdgpu: update polaris10 to the latest 19.10 firmware

- amdgpu: update raven2 to the latest 19.10 firmware

- amdgpu: update raven to the latest 19.10 firmware

- amdgpu: update picasso to the latest 19.10 firmware

- linux-firmware: update fw for qat devices

- Mellanox: Add new mlxsw_spectrum firmware 13.2000.1122

- drm/i915/firmware: Add ICL HuC v8.4.3238

- drm/i915/firmware: Add ICL GuC v32.0.3

- drm/i915/firmware: Add GLK HuC v03.01.2893

- drm/i915/firmware: Add GLK GuC v32.0.3

- drm/i915/firmware: Add KBL GuC v32.0.3

- drm/i915/firmware: Add SKL GuC v32.0.3

- drm/i915/firmware: Add BXT GuC v32.0.3

- linux-firmware: Add firmware file for Intel Bluetooth 22161

- cxgb4: update firmware to revision 1.23.4.0 (bsc#1136334)

- linux-firmware: Update NXP Management Complex firmware to version 10.14.3

- linux-firmware: add firmware for MT7615E

- mediatek: update MT8173 VPU firmware to v1.1.2 [decoder] Enlarge struct vdec_pic_info to support more capture buffer plane and capture buffer format change.

- linux-firmware: update Marvell 8797/8997 firmware images

- nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.10.A.23

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected kernel-firmware packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1136334

https://bugzilla.opensuse.org/show_bug.cgi?id=1136498

https://bugzilla.opensuse.org/show_bug.cgi?id=1139383

Plugin Details

Severity: Medium

ID: 126903

File Name: openSUSE-2019-1770.nasl

Version: 1.4

Type: local

Agent: unix

Published: 7/22/2019

Updated: 5/9/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2019-9836

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:kernel-firmware, cpe:/o:novell:opensuse:15.1, p-cpe:/a:novell:opensuse:ucode-amd

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 7/21/2019

Vulnerability Publication Date: 6/25/2019

Reference Information

CVE: CVE-2019-9836