You are here
Home > Preporuke > Sigurnosni nedostatak jezgre operacijskog sustava

Sigurnosni nedostatak jezgre operacijskog sustava

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LSU

openSUSE Security Update: Security update for kernel-firmware
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:1770-1
Rating: moderate
References: #1136334 #1136498 #1139383
Cross-References: CVE-2019-9836
Affected Products:
openSUSE Leap 15.1
openSUSE Leap 15.0
______________________________________________________________________________

An update that solves one vulnerability and has two fixes
is now available.

Description:

This update for kernel-firmware fixes the following issues:

kernel-firmware was updated to version 20190618:

* cavium: Add firmware for CNN55XX crypto driver.
* linux-firmware: Update firmware file for Intel Bluetooth 22161
* linux-firmware: Update firmware file for Intel Bluetooth 9560
* linux-firmware: Update firmware file for Intel Bluetooth 9260
* linux-firmware: Update AMD SEV firmware (CVE-2019-9836, bsc#1139383)
* linux-firmware: update licence text for Marvell firmware
* linux-firmware: update firmware for mhdp8546
* linux-firmware: rsi: update firmware images for Redpine 9113 chipset
* imx: sdma: update firmware to v3.5/v4.5
* nvidia: update GP10[2467] SEC2 RTOS with the one already used on GP108
* linux-firmware: Update firmware file for Intel Bluetooth 8265
* linux-firmware: Update firmware file for Intel Bluetooth 9260
* linux-firmware: Update firmware file for Intel Bluetooth 9560
* amlogic: add video decoder firmwares
* iwlwifi: update -46 firmwares for 22260 and 9000 series
* iwlwifi: add firmware for 22260 and update 9000 series -46 firmwares
* iwlwifi: add -46.ucode firmwares for 9000 series
* amdgpu: update vega20 to the latest 19.10 firmware
* amdgpu: update vega12 to the latest 19.10 firmware
* amdgpu: update vega10 to the latest 19.10 firmware
* amdgpu: update polaris11 to the latest 19.10 firmware
* amdgpu: update polaris10 to the latest 19.10 firmware
* amdgpu: update raven2 to the latest 19.10 firmware
* amdgpu: update raven to the latest 19.10 firmware
* amdgpu: update picasso to the latest 19.10 firmware
* linux-firmware: update fw for qat devices
* Mellanox: Add new mlxsw_spectrum firmware 13.2000.1122
* drm/i915/firmware: Add ICL HuC v8.4.3238
* drm/i915/firmware: Add ICL GuC v32.0.3
* drm/i915/firmware: Add GLK HuC v03.01.2893
* drm/i915/firmware: Add GLK GuC v32.0.3
* drm/i915/firmware: Add KBL GuC v32.0.3
* drm/i915/firmware: Add SKL GuC v32.0.3
* drm/i915/firmware: Add BXT GuC v32.0.3
* linux-firmware: Add firmware file for Intel Bluetooth 22161
* cxgb4: update firmware to revision 1.23.4.0 (bsc#1136334)
* linux-firmware: Update NXP Management Complex firmware to version 10.14.3
* linux-firmware: add firmware for MT7615E
* mediatek: update MT8173 VPU firmware to v1.1.2 [decoder] Enlarge struct
vdec_pic_info to support more capture buffer plane and capture buffer
format change.
* linux-firmware: update Marvell 8797/8997 firmware images
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.10.A.23

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-1770=1

– openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-1770=1

Package List:

– openSUSE Leap 15.1 (noarch):

kernel-firmware-20190618-lp151.2.6.1
ucode-amd-20190618-lp151.2.6.1

– openSUSE Leap 15.0 (noarch):

kernel-firmware-20190618-lp150.2.19.1
ucode-amd-20190618-lp150.2.19.1

References:

https://www.suse.com/security/cve/CVE-2019-9836.html
https://bugzilla.suse.com/1136334
https://bugzilla.suse.com/1136498
https://bugzilla.suse.com/1139383


To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org

AutorJosip Papratovic
Cert idNCERT-REF-2019-07-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programske biblioteke libvirt

Otkriveni su sigurnosni nedostaci u programskoj biblioteci libvirt za operacijski sustav openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close