SUSE-SU-2023:3019-1: moderate: Security update for kernel-firmware
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri Jul 28 20:30:12 UTC 2023
# Security update for kernel-firmware
Announcement ID: SUSE-SU-2023:3019-1
Rating: moderate
References:
* #1213286
Cross-References:
* CVE-2023-20593
CVSS scores:
* CVE-2023-20593 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for kernel-firmware fixes the following issues:
Updated to version 20230724 (git commit 59fbffa9ec8e):
* CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability (bsc#1213286).
Bugfixes:
* Fix qcom ASoC tglp WHENCE entry
* Group all Conexant V4L devices together
* Makefile, copy-firmware: support xz/zstd compressed firmware
* Updated NXP SR150 UWB firmware
* WHENCE: Cleanup Realtek BT firmware provenance
* WHENCE: comment out duplicate MediaTek firmware
* amdgpu: Add GC 11.0.4 firmware
* amdgpu: Add PSP 13.0.11 firmware
* amdgpu: DMCUB updates for DCN 3.1.4 and 3.1.5
* amdgpu: DMCUB updates for various AMDGPU asics
* amdgpu: Update DCN 3.1.4 firmware
* amdgpu: Update GC 11.0.1 and 11.0.4
* amdgpu: Update GC 11.0.1 firmware
* amdgpu: Update PSP 13.0.4 firmware
* amdgpu: Update SDMA 6.0.1 firmware
* amdgpu: add initial GC 11.0.3 firmware
* amdgpu: add initial PSP 13.0.10 firmware
* amdgpu: add initial SDMA 6.0.3 firmware
* amdgpu: add initial SMU 13.0.10 firmware
* amdgpu: update 13.0.8 firmware for amd.5.5 release
* amdgpu: update DCN 3.1.6 DMCUB firmware
* amdgpu: update DMCUB to v0.0.172.0 for various AMDGPU ASICs
* amdgpu: update DMCUB to v0.0.175.0 for various AMDGPU ASICs
* amdgpu: update GC 10.3.6 firmware for amd.5.5 release
* amdgpu: update GC 10.3.7 firmware for amd.5.5 release
* amdgpu: update GC 11.0.0 firmware for amd.5.5 release
* amdgpu: update GC 11.0.1 firmware for amd.5.5 release
* amdgpu: update GC 11.0.2 firmware for amd.5.5 release
* amdgpu: update GC 11.0.4 firmware for amd.5.5 release
* amdgpu: update PSP 13.0.0 firmware for amd.5.5 release
* amdgpu: update PSP 13.0.11 firmware for amd.5.5 release
* amdgpu: update PSP 13.0.4 firmware for amd.5.5 release
* amdgpu: update PSP 13.0.7 firmware for amd.5.5 release
* amdgpu: update Picasso VCN firmware
* amdgpu: update SDMA 6.0.1 firmware for amd.5.5 release
* amdgpu: update SMU 13.0.0 firmware for amd.5.5 release
* amdgpu: update SMU 13.0.7 firmware for amd.5.5 release
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: update VCN 4.0.0 firmware for amd.5.5 release
* amdgpu: update VCN 4.0.4 firmware for amd.5.5 release
* amdgpu: update aldebaran firmware for amd.5.5 release
* amdgpu: update arcturus firmware for amd.5.5 release
* amdgpu: update beige goby firmware for amd.5.5 release
* amdgpu: update dimgrey cavefish firmware for amd.5.5 release
* amdgpu: update green sardine VCN firmware
* amdgpu: update green sardine firmware for amd.5.5 release
* amdgpu: update navi10 firmware for amd.5.5 release
* amdgpu: update navi12 firmware for amd.5.5 release
* amdgpu: update navi14 firmware for amd.5.5 release
* amdgpu: update navy flounder firmware for amd.5.5 release
* amdgpu: update psp 13.0.5 firmware for amd.5.5 release
* amdgpu: update raven VCN firmware
* amdgpu: update raven2 VCN firmware
* amdgpu: update renoir VCN firmware
* amdgpu: update renoir firmware for amd.5.5 release
* amdgpu: update sienna cichlid firmware for amd.5.5 release
* amdgpu: update vangogh firmware for amd.5.5 release
* amdgpu: update vcn 3.1.2 firmware for amd.5.5 release
* amdgpu: update vega10 firmware for amd.5.5 release
* amdgpu: update vega12 firmware for amd.5.5 release
* amdgpu: update vega20 firmware for amd.5.5 release
* amdgpu: update yellow carp firmware for amd.5.5 release
* ath10k: QCA4019 hw1.0: update board-2.bin
* ath10k: QCA6174 hw3.0: update board-2.bin
* ath10k: QCA9888 hw2.0: update board-2.bin
* ath10k: QCA9984 hw1.0: update board-2.bin
* ath10k: QCA99X0 hw2.0: update board-2.bin
* ath11k: IPQ6018 hw1.0: update board-2.bin
* ath11k: IPQ6018 hw1.0: update to WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1
* ath11k: IPQ8074 hw2.0: update board-2.bin
* ath11k: IPQ8074 hw2.0: update to WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1
* ath11k: QCN9074 hw1.0: update to WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1
* ath11k: WCN6750 hw1.0: update to WLAN.MSL.1.0.1-01160-QCAMSLSWPLZ-1
* ath11k: WCN6855 hw2.0: update board-2.bin
* brcm: Add symlinks from Pine64 devices to AW-CM256SM.txt
* check_whence: Check link targets are valid
* check_whence: error if File: is actually a link
* check_whence: error if symlinks are in-tree
* check_whence: error on directory listed as File
* check_whence: error on duplicate file entries
* check_whence: strip quotation marks
* cirrus: Add CS35L41 firmware for ASUS ROG 2023 Models
* cirrus: Add firmware and tuning files for HP G10 series laptops
* cirrus: Add firmware and tuning files for Lenovo ThinkPad P1 Gen 6
* cirrus: Add firmware for new Asus ROG Laptops
* cnm: update chips&media wave521c firmware.
* copy-firmware: drop obsolete backticks, quote
* copy-firmware: quote deskdir and dirname
* copy-firmware: silence the last shellcheck warnings
* copy-firmware: tweak sed invocation
* cxgb4: Update firmware to revision 1.27.3.0
* fix broken cirrus firmware symlinks
* i915: Add GuC v70.6.6 for MTL
* i915: Add HuC v8.5.0 for MTL
* i915: update DG2 GuC to v70.8.0
* i915: update to GuC 70.8.0 and HuC 8.5.1 for MTL
* ice: update ice DDP comms package to 1.3.40.0
* ice: update ice DDP wireless_edge package to 1.3.10.0
* iwlwifi: add new FWs from core78-32 release
* iwlwifi: add new FWs from core80-39 release
* iwlwifi: update 9000-family firmwares to core78-32
* iwlwifi: update cc/Qu/QuZ firmwares for core80-39 release
* linux-firmware: Add firmware for Cirrus CS35L41 on Lenovo Laptops
* linux-firmware: Amphion: Update vpu firmware
* linux-firmware: Update AMD cpu microcode
* linux-firmware: Update AMD cpu microcode
* linux-firmware: Update AMD fam17h cpu microcode
* linux-firmware: Update firmware file for Intel Bluetooth AX200
* linux-firmware: Update firmware file for Intel Bluetooth AX201
* linux-firmware: Update firmware file for Intel Bluetooth AX203
* linux-firmware: Update firmware file for Intel Bluetooth AX210
* linux-firmware: Update firmware file for Intel Bluetooth AX211
* linux-firmware: add firmware for MT7981
* linux-firmware: update firmware for MT7916
* linux-firmware: update firmware for MT7921 WiFi device
* linux-firmware: update firmware for MT7922 WiFi device
* linux-firmware: update firmware for MT7981
* linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
* linux-firmware: update firmware for mediatek bluetooth chip (MT7922)
* linux-firmware: update firmware for mediatek bluetooth chip (MT7922)
* linux-firmware: update qat firmware
* linux-firmware: wilc1000: update WILC1000 firmware to v16.0
* mediatek: Update mt8195 SCP firmware to support 10bit mode
* mediatek: Update mt8195 SCP firmware to support hevc
* mt76xx: Move the old Mediatek WiFi firmware to mediatek
* nvidia: update Tu10x and Tu11x signed firmware to support newer Turing HW
* qca: Update firmware files for BT chip WCN6750
* qcom: Add Audio firmware for SC8280XP X13s
* qcom: Update the microcode files for Adreno a630 GPUs.
* qcom: apq8016: add Dragonboard 410c WiFi and modem firmware
* qcom: sdm845: rename the modem firmware
* qcom: sdm845: update remoteproc firmware
* rtl_bt: Add firmware and config files for RTL8851B
* rtl_bt: Update RTL8761B BT UART firmware to 0x9DC6_D922
* rtl_bt: Update RTL8761B BT USB firmware to 0xDFC6_D922
* rtl_bt: Update RTL8852A BT USB firmware to 0xDAC7_480D
* rtl_bt: Update RTL8852B BT USB firmware to 0xDBC6_B20F
* rtl_bt: Update RTL8852C BT USB firmware to 0x040D_7225
* rtl_nic: update firmware of USB devices
* rtlwifi: Add firmware v6.0 for RTL8192FU
* rtlwifi: Update firmware for RTL8188EU to v28.0
* rtw88: 8822c: Update normal firmware to v9.9.15
* rtw89: 8851b: add firmware v0.29.41.0
* rtw89: 8852b: update format-1 fw to v0.29.29.1
* rtw89: 8852c: update fw to v0.27.56.13
* wfx: update to firmware 3.16.1
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE Moderate update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2023-3019=1 openSUSE-SLE-15.5-2023-3019=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3019=1
## Package List:
* openSUSE Leap 15.5 (noarch)
* kernel-firmware-i915-20230724-150500.3.3.1
* kernel-firmware-ath10k-20230724-150500.3.3.1
* kernel-firmware-usb-network-20230724-150500.3.3.1
* kernel-firmware-network-20230724-150500.3.3.1
* kernel-firmware-platform-20230724-150500.3.3.1
* kernel-firmware-bluetooth-20230724-150500.3.3.1
* kernel-firmware-intel-20230724-150500.3.3.1
* kernel-firmware-atheros-20230724-150500.3.3.1
* kernel-firmware-20230724-150500.3.3.1
* kernel-firmware-dpaa2-20230724-150500.3.3.1
* kernel-firmware-mediatek-20230724-150500.3.3.1
* kernel-firmware-sound-20230724-150500.3.3.1
* kernel-firmware-brcm-20230724-150500.3.3.1
* kernel-firmware-ti-20230724-150500.3.3.1
* kernel-firmware-liquidio-20230724-150500.3.3.1
* kernel-firmware-amdgpu-20230724-150500.3.3.1
* kernel-firmware-radeon-20230724-150500.3.3.1
* kernel-firmware-iwlwifi-20230724-150500.3.3.1
* kernel-firmware-marvell-20230724-150500.3.3.1
* kernel-firmware-mellanox-20230724-150500.3.3.1
* kernel-firmware-nfp-20230724-150500.3.3.1
* ucode-amd-20230724-150500.3.3.1
* kernel-firmware-realtek-20230724-150500.3.3.1
* kernel-firmware-media-20230724-150500.3.3.1
* kernel-firmware-bnx2-20230724-150500.3.3.1
* kernel-firmware-nvidia-20230724-150500.3.3.1
* kernel-firmware-mwifiex-20230724-150500.3.3.1
* kernel-firmware-prestera-20230724-150500.3.3.1
* kernel-firmware-serial-20230724-150500.3.3.1
* kernel-firmware-qlogic-20230724-150500.3.3.1
* kernel-firmware-chelsio-20230724-150500.3.3.1
* kernel-firmware-qcom-20230724-150500.3.3.1
* kernel-firmware-ath11k-20230724-150500.3.3.1
* kernel-firmware-all-20230724-150500.3.3.1
* kernel-firmware-ueagle-20230724-150500.3.3.1
* Basesystem Module 15-SP5 (noarch)
* kernel-firmware-i915-20230724-150500.3.3.1
* kernel-firmware-ath10k-20230724-150500.3.3.1
* kernel-firmware-usb-network-20230724-150500.3.3.1
* kernel-firmware-network-20230724-150500.3.3.1
* kernel-firmware-platform-20230724-150500.3.3.1
* kernel-firmware-bluetooth-20230724-150500.3.3.1
* kernel-firmware-intel-20230724-150500.3.3.1
* kernel-firmware-atheros-20230724-150500.3.3.1
* kernel-firmware-dpaa2-20230724-150500.3.3.1
* kernel-firmware-mediatek-20230724-150500.3.3.1
* kernel-firmware-sound-20230724-150500.3.3.1
* kernel-firmware-brcm-20230724-150500.3.3.1
* kernel-firmware-ti-20230724-150500.3.3.1
* kernel-firmware-liquidio-20230724-150500.3.3.1
* kernel-firmware-amdgpu-20230724-150500.3.3.1
* kernel-firmware-radeon-20230724-150500.3.3.1
* kernel-firmware-iwlwifi-20230724-150500.3.3.1
* kernel-firmware-marvell-20230724-150500.3.3.1
* kernel-firmware-mellanox-20230724-150500.3.3.1
* kernel-firmware-nfp-20230724-150500.3.3.1
* ucode-amd-20230724-150500.3.3.1
* kernel-firmware-realtek-20230724-150500.3.3.1
* kernel-firmware-media-20230724-150500.3.3.1
* kernel-firmware-bnx2-20230724-150500.3.3.1
* kernel-firmware-nvidia-20230724-150500.3.3.1
* kernel-firmware-mwifiex-20230724-150500.3.3.1
* kernel-firmware-prestera-20230724-150500.3.3.1
* kernel-firmware-serial-20230724-150500.3.3.1
* kernel-firmware-qlogic-20230724-150500.3.3.1
* kernel-firmware-chelsio-20230724-150500.3.3.1
* kernel-firmware-qcom-20230724-150500.3.3.1
* kernel-firmware-ath11k-20230724-150500.3.3.1
* kernel-firmware-all-20230724-150500.3.3.1
* kernel-firmware-ueagle-20230724-150500.3.3.1
## References:
* https://www.suse.com/security/cve/CVE-2023-20593.html
* https://bugzilla.suse.com/show_bug.cgi?id=1213286
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20230728/2ef579d0/attachment.htm>
More information about the sle-security-updates
mailing list