rpm package
suse/kernel-firmware&distro=SUSE Linux Enterprise Desktop 12 SP3
pkg:rpm/suse/kernel-firmware&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-5383 | — | < 20170530-21.28.1 | 20170530-21.28.1 | Aug 7, 2018 | Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie- | ||
| CVE-2015-1142857 | — | < 20170530-21.19.1 | 20170530-21.19.1 | Jan 23, 2018 | On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4 | ||
| CVE-2017-5715 | — | < 20170530-21.16.1 | 20170530-21.16.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | ||
| CVE-2017-13081 | Med | 5.3 | < 20170530-21.13.1 | 20170530-21.13.1 | Oct 17, 2017 | Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. | |
| CVE-2017-13080 | Med | 5.3 | < 20170530-21.13.1 | 20170530-21.13.1 | Oct 17, 2017 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. |
- CVE-2018-5383Aug 7, 2018affected < 20170530-21.28.1fixed 20170530-21.28.1
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-
- CVE-2015-1142857Jan 23, 2018affected < 20170530-21.19.1fixed 20170530-21.19.1
On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4
- CVE-2017-5715Jan 4, 2018affected < 20170530-21.16.1fixed 20170530-21.16.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- affected < 20170530-21.13.1fixed 20170530-21.13.1
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
- affected < 20170530-21.13.1fixed 20170530-21.13.1
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.