Detections
Analytics

Fedora 37 : linux-firmware (2023-eabbf4ca4d)

high Nessus Plugin ID 180022

Language:

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-eabbf4ca4d advisory.

 New firmware for AMD Zen CPUs to mitigate the AMD 'Inception' attack. Only needed for affected AMD users.

 ----

 Update to upstream 20230804 release:

 * Split out QCom Arm IP firmware
 * Merge Marvell libertas WiFi firmware
 * Mellanox: Add new mlxsw_spectrum firmware xx.2012.1012
 * Add URL for latest FW binaries for NXP BT chipsets
 * rtw89: 8851b: update firmware to v0.29.41.1
 * qcom: sdm845: add RB3 sensors DSP firmware
 * amdgpu: Update DMCUB for DCN314 & Yellow Carp
 * ice: add LAG-supporting DDP package
 * i915: Update MTL DMC to v2.13
 * i915: Update ADLP DMC to v2.20
 * cirrus: Add CS35L41 firmware for Dell Oasis Models
 * copy-firmware: Fix linking directories when using compression
 * copy-firmware: Fix test: unexpected operator
 * qcom: sc8280xp: LENOVO: remove directory sym link
 * qcom: sc8280xp: LENOVO: Remove execute bits
 * amdgpu: update VCN 4.0.0 firmware
 * amdgpu: add initial SMU 13.0.10 firmware
 * amdgpu: add initial SDMA 6.0.3 firmware
 * amdgpu: add initial PSP 13.0.10 firmware
 * amdgpu: add initial GC 11.0.3 firmware
 * Update AMD fam17h cpu microcode
 * Update AMD cpu microcode
 * amdgpu: update various generation VCN firmware
 * amdgpu: update DMCUB to v0.0.175.0 for various AMDGPU ASICs
 * Updated NXP SR150 UWB firmware
 * wfx: update to firmware 3.16.1
 * mediatek: Update mt8195 SCP firmware to support 10bit mode
 * i915: update DG2 GuC to v70.8.0
 * i915: update to GuC 70.8.0 and HuC 8.5.1 for MTL
 * cirrus: Add CS35L41 firmware for ASUS ROG 2023 Models
 * Partially revert amdgpu: DMCUB updates for DCN 3.1.4 and 3.1.5
 * Update firmware for MT7922 WiFi/Bluetooth device
 * Update firmware file for Intel Bluetooth AX200/201/203/210/211
 * Fix qcom ASoC tglp WHENCE entry
 * check_whence: Check link targets are valid
 * iwlwifi: add new FWs from core80-39 release
 * iwlwifi: update cc/Qu/QuZ firmwares for core80-39 release
 * qcom: Add Audio firmware for SC8280XP X13s


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected linux-firmware package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2023-eabbf4ca4d

Plugin Details

Severity: High

ID: 180022

File Name: fedora_2023-eabbf4ca4d.nasl

Version: 1.1

Type: local

Agent: unix

Published: 8/22/2023

Updated: 11/14/2024

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, continuous_assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:linux-firmware, cpe:/o:fedoraproject:fedora:37

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 8/10/2023

Vulnerability Publication Date: 8/10/2023

Reference Information