Updated nonfree firmware packages fixes security vulnerabilities
Publication date: 25 Jul 2018Modification date: 25 Jul 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-13077 , CVE-2017-13078 , CVE-2017-13079 , CVE-2017-13080 , CVE-2017-13081
Description
This firmware update fixes the following security issues:
* bcm4356, bcm4354, bcm43362, bcm43340, bcm43430:
- dropping replayed M3 for offloaded 4-way handshake
(CVE-2017-13077, CVE-2017-13078, CVE-2017-13079)
- dropping replayed G1 for offloaded GTK rekey
(CVE-2017-13080, CVE-2017-13081)
Also in this update:
* Updated bluethooth firmwares for Intel 7260, 7265, 8260
* fixed firmware for Amd Vega10 VCE causing a hang
References
- https://bugs.mageia.org/show_bug.cgi?id=23314
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081
SRPMS
6/nonfree
- kernel-firmware-nonfree-20180606-1.mga6.nonfree
- radeon-firmware-20180606-1.mga6.nonfree