MGASA-2017-0472

Advisory lineage Upstream: 5 Downstream: 0
Published: 28 Dec 2017, 13:16
Last modified:16 Apr 2026, 06:25

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

28 Dec 2017, 13:16
Published
Vulnerability first disclosed
16 Apr 2026, 06:25
Last Modified
Vulnerability information updated

Description

Updated nonfree firmwares fixes security issues and adds new hw support Updated nonfree firmwares fixes at least the following security issues: Broadcom firmware fixes: - dropping BRCM proprietary packets received over the air (CVE-2016-0801) - adding length checks for TDLS action frames (CVE-2017-0561) - adding length checks for WME IE (CVE-2017-9417) Iwlwifi firmware fixes: - The reinstallation of the Group Temporal key could be used for replay attacks (CVE-2017-13080) - The reinstallation of the Integrity Group Temporal key could be used for replay attacks (CVE-2017-13081) This update also adds updated firmwares: * ath10k, cxgb4, liquidio, mrvl, ql2400, ql2500, wilc1000 * Amd Polaris10-12, Intel BXT/SKL/KBL/CNL and new firmwares: * Amd Vega10 and Raven * Cavium nitrox * Intel CNL/GLK, IPU3, JeffersonPeak, ThunderPeak * Mellanox Spectrum * nVidia GP108 (GTX1030) * Qualcom Adreno &Venus, imx SDMA, * Realtek rtl8822be in order to support new hardware supported by 4.14 series kernels.

Affected Systems

  • mageiakernel-firmware-nonfree

    < 20171220-1.mga6.nonfree

  • mageiaradeon-firmware

    < 20171205-1.mga6.nonfree

References (2)