{"id":"ALSA-2023:6595","summary":"Important: linux-firmware security, bug fix, and enhancement update","details":"The linux-firmware packages contain all of the firmware files that are required by various devices to operate.\n\nSecurity Fix(es):\n\n* hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635)\n* hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-40964)\n* hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (CVE-2022-46329)\n* hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi (CVE-2022-36351)\n* hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)\n* hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi (CVE-2022-38076)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-02-04T02:43:34.930241Z","published":"2023-11-07T00:00:00Z","related":["CVE-2022-27635","CVE-2022-36351","CVE-2022-38076","CVE-2022-40964","CVE-2022-46329","CVE-2023-20569"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:6595"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-27635"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-36351"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-38076"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-40964"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-46329"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-20569"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2207625"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2238960"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2238961"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2238962"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2238963"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2238964"},{"type":"ADVISORY","url":"https://errata.almalinux.org/9/ALSA-2023-6595.html"}],"affected":[{"package":{"name":"iwl100-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl100-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"39.31.5.1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl1000-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl1000-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:39.31.5.1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl105-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl105-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl135-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl135-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl2000-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl2000-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl2030-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl2030-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl3160-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl3160-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:25.30.13.0-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl5000-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl5000-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.83.5.1_1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl5150-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl5150-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.24.2.2-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl6000g2a-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl6000g2a-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl6000g2b-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl6000g2b-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl6050-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl6050-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"41.28.5.1-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"iwl7260-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/iwl7260-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:25.30.13.0-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"libertas-sd8787-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libertas-sd8787-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20230814-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"linux-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/linux-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20230814-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"linux-firmware-whence","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/linux-firmware-whence"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20230814-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}},{"package":{"name":"netronome-firmware","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/netronome-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20230814-140.el9_3"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6595.json"}}],"schema_version":"1.7.3"}