rpm package
almalinux/iwl4965-firmware
pkg:rpm/almalinux/iwl4965-firmware
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-31356 | Med | 4.4 | < 228.61.2.24-124.el8_10.1 | 228.61.2.24-124.el8_10.1 | Aug 13, 2024 | Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity. | |
| CVE-2023-20584 | — | < 228.61.2.24-124.el8_10.1 | 228.61.2.24-124.el8_10.1 | Aug 13, 2024 | IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity. | ||
| CVE-2023-31346 | — | < 228.61.2.24-122.el8_10.1 | 228.61.2.24-122.el8_10.1 | Feb 13, 2024 | Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests. | ||
| CVE-2023-20592 | — | < 228.61.2.24-121.el8.1 | 228.61.2.24-121.el8.1 | Nov 14, 2023 | Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. | ||
| CVE-2022-46329 | — | < 228.61.2.24-121.el8.1 | 228.61.2.24-121.el8.1 | Aug 11, 2023 | Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | ||
| CVE-2023-20569 | — | < 228.61.2.24-119.el8_9.1 | 228.61.2.24-119.el8_9.1 | Aug 8, 2023 | A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | ||
| CVE-2023-20593 | — | < 228.61.2.24-117.el8_8.1.alma.1 | 228.61.2.24-117.el8_8.1.alma.1 | Jul 24, 2023 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. |
- affected < 228.61.2.24-124.el8_10.1fixed 228.61.2.24-124.el8_10.1
Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.
- CVE-2023-20584Aug 13, 2024affected < 228.61.2.24-124.el8_10.1fixed 228.61.2.24-124.el8_10.1
IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.
- CVE-2023-31346Feb 13, 2024affected < 228.61.2.24-122.el8_10.1fixed 228.61.2.24-122.el8_10.1
Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.
- CVE-2023-20592Nov 14, 2023affected < 228.61.2.24-121.el8.1fixed 228.61.2.24-121.el8.1
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity.
- CVE-2022-46329Aug 11, 2023affected < 228.61.2.24-121.el8.1fixed 228.61.2.24-121.el8.1
Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
- CVE-2023-20569Aug 8, 2023affected < 228.61.2.24-119.el8_9.1fixed 228.61.2.24-119.el8_9.1
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.
- CVE-2023-20593Jul 24, 2023affected < 228.61.2.24-117.el8_8.1.alma.1fixed 228.61.2.24-117.el8_8.1.alma.1
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.