ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2017.0472
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2017-0472)
Resumen:	The remote host is missing an update for the 'kernel-firmware-nonfree, radeon-firmware' package(s) announced via the MGASA-2017-0472 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel-firmware-nonfree, radeon-firmware' package(s) announced via the MGASA-2017-0472 advisory. Vulnerability Insight: Updated nonfree firmwares fixes at least the following security issues: Broadcom firmware fixes: - dropping BRCM proprietary packets received over the air (CVE-2016-0801) - adding length checks for TDLS action frames (CVE-2017-0561) - adding length checks for WME IE (CVE-2017-9417) Iwlwifi firmware fixes: - The reinstallation of the Group Temporal key could be used for replay attacks (CVE-2017-13080) - The reinstallation of the Integrity Group Temporal key could be used for replay attacks (CVE-2017-13081) This update also adds updated firmwares: * ath10k, cxgb4, liquidio, mrvl, ql2400, ql2500, wilc1000 * Amd Polaris10-12, Intel BXT/SKL/KBL/CNL and new firmwares: * Amd Vega10 and Raven * Cavium nitrox * Intel CNL/GLK, IPU3, JeffersonPeak, ThunderPeak * Mellanox Spectrum * nVidia GP108 (GTX1030) * Qualcom Adreno &Venus, imx SDMA, * Realtek rtl8822be in order to support new hardware supported by 4.14 series kernels. Affected Software/OS: 'kernel-firmware-nonfree, radeon-firmware' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0801 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html https://www.exploit-db.com/exploits/39801/ https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html http://www.securitytracker.com/id/1035353 Common Vulnerability Exposure (CVE) ID: CVE-2017-0561 BugTraq ID: 97367 http://www.securityfocus.com/bid/97367 https://www.exploit-db.com/exploits/41805/ https://www.exploit-db.com/exploits/41806/ http://www.securitytracker.com/id/1038201 Common Vulnerability Exposure (CVE) ID: CVE-2017-13080 BugTraq ID: 101274 http://www.securityfocus.com/bid/101274 CERT/CC vulnerability note: VU#228519 http://www.kb.cert.org/vuls/id/228519 Cisco Security Advisory: 20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa Debian Security Information: DSA-3999 (Google Search) http://www.debian.org/security/2017/dsa-3999 FreeBSD Security Advisory: FreeBSD-SA-17:07 https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc https://security.gentoo.org/glsa/201711-03 https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://www.krackattacks.com/ https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html RedHat Security Advisories: RHSA-2017:2907 https://access.redhat.com/errata/RHSA-2017:2907 RedHat Security Advisories: RHSA-2017:2911 https://access.redhat.com/errata/RHSA-2017:2911 http://www.securitytracker.com/id/1039572 http://www.securitytracker.com/id/1039573 http://www.securitytracker.com/id/1039576 http://www.securitytracker.com/id/1039577 http://www.securitytracker.com/id/1039578 http://www.securitytracker.com/id/1039581 http://www.securitytracker.com/id/1039585 http://www.securitytracker.com/id/1039703 SuSE Security Announcement: SUSE-SU-2017:2745 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html SuSE Security Announcement: SUSE-SU-2017:2752 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html SuSE Security Announcement: openSUSE-SU-2017:2755 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html http://www.ubuntu.com/usn/USN-3455-1 Common Vulnerability Exposure (CVE) ID: CVE-2017-13081 Common Vulnerability Exposure (CVE) ID: CVE-2017-9417 BugTraq ID: 99482 http://www.securityfocus.com/bid/99482 Bugtraq: 20190514 APPLE-SA-2019-5-13-6 Apple TV Software 7.3 (Google Search) https://seclists.org/bugtraq/2019/May/30 http://seclists.org/fulldisclosure/2019/May/24 https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets http://www.securitytracker.com/id/1038950 http://www.securitytracker.com/id/1039330
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.