 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.10.2021.0104 |
| Category: | Mageia Linux Local Security Checks |
| Title: | Mageia: Security Advisory (MGASA-2021-0104) |
| Summary: | The remote host is missing an update for the 'kernel-firmware-nonfree' package(s) announced via the MGASA-2021-0104 advisory. |
| Description: | Summary: The remote host is missing an update for the 'kernel-firmware-nonfree' package(s) announced via the MGASA-2021-0104 advisory. Vulnerability Insight: Updated nonfree firmwares fixees various issues, adds new / improved hardware support and fixes at least the following security issue: An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic (CVE-2019-15126). Full list of updates: * kernel-firmware-nonfree: - add firmware for Lontium LT9611UXC DSI to HDMI bridge - brcm: Add NVRAM for Vamrs 96boards Rock960 - brcm: make AP6212 in bananpi m2 plus/zero work - brcm: Link RPi4's WiFi firmware with DMI machine name - brcm: Update Raspberry Pi 3B+/4B NVRAM for downstream changes - brcm: remove old brcm firmwares that have newer cypress variants (CVE-2019-15126) - cypress: Link the new cypress firmware to the old brcm files (CVE-2019-15126) - i915: Add GuC firmware v49.0.1 for all platforms - i915: Add GuC v49.0.1 for DG1 - i915: Add HuC v7.7.1 for DG1 - i915: Add DMC v2.01 for ADL-S - mediatek: update MT8173 VPU firmware to v1.1.6 - mediatek: add firmware for MT7921 - Mellanox: Add new mlxsw_spectrum firmware xx.2008.2304 - qcom: add firmware files for Adreno a650 - qcom: Add SM8250 Audio DSP firmware - qcom: Add SM8250 Compute DSP firmware - qcom: Add venus firmware files for VPU-1.0 * iwlwifi-firmware: - Update firmware for Intel Bluetooth AX200, AX201, AX210 to 22.30.0.4 * rtlwifi-firmware: - rtw89: 8852a: add firmware v0.9.12.2 Affected Software/OS: 'kernel-firmware-nonfree' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 2.9 CVSS Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-15126 Cisco Security Advisory: 20200227 Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |