rpm package
suse/kernel-firmware&distro=SUSE Linux Enterprise Server 12 SP2-LTSS
pkg:rpm/suse/kernel-firmware&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-12321 | — | < 20170530-21.31.1 | 20170530-21.31.1 | Nov 12, 2020 | Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||
| CVE-2018-5383 | — | < 20170530-21.28.1 | 20170530-21.28.1 | Aug 7, 2018 | Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie- | ||
| CVE-2017-5715 | — | < 20170530-21.22.1 | 20170530-21.22.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2020-12321Nov 12, 2020affected < 20170530-21.31.1fixed 20170530-21.31.1
Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
- CVE-2018-5383Aug 7, 2018affected < 20170530-21.28.1fixed 20170530-21.28.1
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-
- CVE-2017-5715Jan 4, 2018affected < 20170530-21.22.1fixed 20170530-21.22.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.