RHSA-2023:5591: Red Hat Security Advisory: linux-firmware security update
An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-20593: A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances.
Issued:
2023-10-10
Updated:
2023-10-10
RHSA-2023:5591 - Security Advisory
Synopsis
Moderate: linux-firmware security update
Type/Severity
Security Advisory: Moderate
Topic
An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The linux-firmware packages contain all of the firmware files that are required by various devices to operate.
Security Fix(es):
- hw: amd: Cross-Process Information Leak (CVE-2023-20593)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2217845 - CVE-2023-20593 hw: amd: Cross-Process Information Leak
Updated Packages
The advisory lists the same package set for each of the following products:
- Red Hat Enterprise Linux Server - AUS 8.2 (x86_64)
- Red Hat Enterprise Linux Server - TUS 8.2 (x86_64)
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 (ppc64le)
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 (x86_64)
SRPM
- linux-firmware-20191202-100.gite8a0f4c9.el8_2.src.rpm
Binary packages (noarch)
- iwl100-firmware-39.31.5.1-100.el8_2.1.noarch.rpm
- iwl1000-firmware-39.31.5.1-100.el8_2.1.noarch.rpm
- iwl105-firmware-18.168.6.1-100.el8_2.1.noarch.rpm
- iwl135-firmware-18.168.6.1-100.el8_2.1.noarch.rpm
- iwl2000-firmware-18.168.6.1-100.el8_2.1.noarch.rpm
- iwl2030-firmware-18.168.6.1-100.el8_2.1.noarch.rpm
- iwl3160-firmware-25.30.13.0-100.el8_2.1.noarch.rpm
- iwl3945-firmware-15.32.2.9-100.el8_2.1.noarch.rpm
- iwl4965-firmware-228.61.2.24-100.el8_2.1.noarch.rpm
- iwl5000-firmware-8.83.5.1_1-100.el8_2.1.noarch.rpm
- iwl5150-firmware-8.24.2.2-100.el8_2.1.noarch.rpm
- iwl6000-firmware-9.221.4.1-100.el8_2.1.noarch.rpm
- iwl6000g2a-firmware-18.168.6.1-100.el8_2.1.noarch.rpm
- iwl6000g2b-firmware-18.168.6.1-100.el8_2.1.noarch.rpm
- iwl6050-firmware-41.28.5.1-100.el8_2.1.noarch.rpm
- iwl7260-firmware-25.30.13.0-100.el8_2.1.noarch.rpm
- libertas-sd8686-firmware-20191202-100.gite8a0f4c9.el8_2.noarch.rpm
- libertas-sd8787-firmware-20191202-100.gite8a0f4c9.el8_2.noarch.rpm
- libertas-usb8388-firmware-20191202-100.gite8a0f4c9.el8_2.noarch.rpm
- libertas-usb8388-olpc-firmware-20191202-100.gite8a0f4c9.el8_2.noarch.rpm
- linux-firmware-20191202-100.gite8a0f4c9.el8_2.noarch.rpm
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.