SUSE-SU-2023:3019-1: moderate: Security update for kernel-firmware

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Fri Jul 28 20:30:12 UTC 2023



# Security update for kernel-firmware

Announcement ID: SUSE-SU-2023:3019-1  
Rating: moderate  
References:

  * #1213286

  
Cross-References:

  * CVE-2023-20593

  
CVSS scores:

  * CVE-2023-20593 ( SUSE ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * Basesystem Module 15-SP5
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for kernel-firmware fixes the following issues:

Updated to version 20230724 (git commit 59fbffa9ec8e):

  * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability (bsc#1213286).

Bugfixes:

  * Fix qcom ASoC tglp WHENCE entry
  * Group all Conexant V4L devices together
  * Makefile, copy-firmware: support xz/zstd compressed firmware
  * Updated NXP SR150 UWB firmware
  * WHENCE: Cleanup Realtek BT firmware provenance
  * WHENCE: comment out duplicate MediaTek firmware
  * amdgpu: Add GC 11.0.4 firmware
  * amdgpu: Add PSP 13.0.11 firmware
  * amdgpu: DMCUB updates for DCN 3.1.4 and 3.1.5
  * amdgpu: DMCUB updates for various AMDGPU asics
  * amdgpu: Update DCN 3.1.4 firmware
  * amdgpu: Update GC 11.0.1 and 11.0.4
  * amdgpu: Update GC 11.0.1 firmware
  * amdgpu: Update PSP 13.0.4 firmware
  * amdgpu: Update SDMA 6.0.1 firmware
  * amdgpu: add initial GC 11.0.3 firmware
  * amdgpu: add initial PSP 13.0.10 firmware
  * amdgpu: add initial SDMA 6.0.3 firmware
  * amdgpu: add initial SMU 13.0.10 firmware
  * amdgpu: update 13.0.8 firmware for amd.5.5 release
  * amdgpu: update DCN 3.1.6 DMCUB firmware
  * amdgpu: update DMCUB to v0.0.172.0 for various AMDGPU ASICs
  * amdgpu: update DMCUB to v0.0.175.0 for various AMDGPU ASICs
  * amdgpu: update GC 10.3.6 firmware for amd.5.5 release
  * amdgpu: update GC 10.3.7 firmware for amd.5.5 release
  * amdgpu: update GC 11.0.0 firmware for amd.5.5 release
  * amdgpu: update GC 11.0.1 firmware for amd.5.5 release
  * amdgpu: update GC 11.0.2 firmware for amd.5.5 release
  * amdgpu: update GC 11.0.4 firmware for amd.5.5 release
  * amdgpu: update PSP 13.0.0 firmware for amd.5.5 release
  * amdgpu: update PSP 13.0.11 firmware for amd.5.5 release
  * amdgpu: update PSP 13.0.4 firmware for amd.5.5 release
  * amdgpu: update PSP 13.0.7 firmware for amd.5.5 release
  * amdgpu: update Picasso VCN firmware
  * amdgpu: update SDMA 6.0.1 firmware for amd.5.5 release
  * amdgpu: update SMU 13.0.0 firmware for amd.5.5 release
  * amdgpu: update SMU 13.0.7 firmware for amd.5.5 release
  * amdgpu: update VCN 4.0.0 firmware
  * amdgpu: update VCN 4.0.0 firmware for amd.5.5 release
  * amdgpu: update VCN 4.0.4 firmware for amd.5.5 release
  * amdgpu: update aldebaran firmware for amd.5.5 release
  * amdgpu: update arcturus firmware for amd.5.5 release
  * amdgpu: update beige goby firmware for amd.5.5 release
  * amdgpu: update dimgrey cavefish firmware for amd.5.5 release
  * amdgpu: update green sardine VCN firmware
  * amdgpu: update green sardine firmware for amd.5.5 release
  * amdgpu: update navi10 firmware for amd.5.5 release
  * amdgpu: update navi12 firmware for amd.5.5 release
  * amdgpu: update navi14 firmware for amd.5.5 release
  * amdgpu: update navy flounder firmware for amd.5.5 release
  * amdgpu: update psp 13.0.5 firmware for amd.5.5 release
  * amdgpu: update raven VCN firmware
  * amdgpu: update raven2 VCN firmware
  * amdgpu: update renoir VCN firmware
  * amdgpu: update renoir firmware for amd.5.5 release
  * amdgpu: update sienna cichlid firmware for amd.5.5 release
  * amdgpu: update vangogh firmware for amd.5.5 release
  * amdgpu: update vcn 3.1.2 firmware for amd.5.5 release
  * amdgpu: update vega10 firmware for amd.5.5 release
  * amdgpu: update vega12 firmware for amd.5.5 release
  * amdgpu: update vega20 firmware for amd.5.5 release
  * amdgpu: update yellow carp firmware for amd.5.5 release
  * ath10k: QCA4019 hw1.0: update board-2.bin
  * ath10k: QCA6174 hw3.0: update board-2.bin
  * ath10k: QCA9888 hw2.0: update board-2.bin
  * ath10k: QCA9984 hw1.0: update board-2.bin
  * ath10k: QCA99X0 hw2.0: update board-2.bin
  * ath11k: IPQ6018 hw1.0: update board-2.bin
  * ath11k: IPQ6018 hw1.0: update to WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1
  * ath11k: IPQ8074 hw2.0: update board-2.bin
  * ath11k: IPQ8074 hw2.0: update to WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1
  * ath11k: QCN9074 hw1.0: update to WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1
  * ath11k: WCN6750 hw1.0: update to WLAN.MSL.1.0.1-01160-QCAMSLSWPLZ-1
  * ath11k: WCN6855 hw2.0: update board-2.bin
  * brcm: Add symlinks from Pine64 devices to AW-CM256SM.txt
  * check_whence: Check link targets are valid
  * check_whence: error if File: is actually a link
  * check_whence: error if symlinks are in-tree
  * check_whence: error on directory listed as File
  * check_whence: error on duplicate file entries
  * check_whence: strip quotation marks
  * cirrus: Add CS35L41 firmware for ASUS ROG 2023 Models
  * cirrus: Add firmware and tuning files for HP G10 series laptops
  * cirrus: Add firmware and tuning files for Lenovo ThinkPad P1 Gen 6
  * cirrus: Add firmware for new Asus ROG Laptops
  * cnm: update chips&media wave521c firmware.
  * copy-firmware: drop obsolete backticks, quote
  * copy-firmware: quote deskdir and dirname
  * copy-firmware: silence the last shellcheck warnings
  * copy-firmware: tweak sed invocation
  * cxgb4: Update firmware to revision 1.27.3.0
  * fix broken cirrus firmware symlinks
  * i915: Add GuC v70.6.6 for MTL
  * i915: Add HuC v8.5.0 for MTL
  * i915: update DG2 GuC to v70.8.0
  * i915: update to GuC 70.8.0 and HuC 8.5.1 for MTL
  * ice: update ice DDP comms package to 1.3.40.0
  * ice: update ice DDP wireless_edge package to 1.3.10.0
  * iwlwifi: add new FWs from core78-32 release
  * iwlwifi: add new FWs from core80-39 release
  * iwlwifi: update 9000-family firmwares to core78-32
  * iwlwifi: update cc/Qu/QuZ firmwares for core80-39 release
  * linux-firmware: Add firmware for Cirrus CS35L41 on Lenovo Laptops
  * linux-firmware: Amphion: Update vpu firmware
  * linux-firmware: Update AMD cpu microcode
  * linux-firmware: Update AMD cpu microcode
  * linux-firmware: Update AMD fam17h cpu microcode
  * linux-firmware: Update firmware file for Intel Bluetooth AX200
  * linux-firmware: Update firmware file for Intel Bluetooth AX201
  * linux-firmware: Update firmware file for Intel Bluetooth AX203
  * linux-firmware: Update firmware file for Intel Bluetooth AX210
  * linux-firmware: Update firmware file for Intel Bluetooth AX211
  * linux-firmware: add firmware for MT7981
  * linux-firmware: update firmware for MT7916
  * linux-firmware: update firmware for MT7921 WiFi device
  * linux-firmware: update firmware for MT7922 WiFi device
  * linux-firmware: update firmware for MT7981
  * linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
  * linux-firmware: update firmware for mediatek bluetooth chip (MT7922)
  * linux-firmware: update firmware for mediatek bluetooth chip (MT7922)
  * linux-firmware: update qat firmware
  * linux-firmware: wilc1000: update WILC1000 firmware to v16.0
  * mediatek: Update mt8195 SCP firmware to support 10bit mode
  * mediatek: Update mt8195 SCP firmware to support hevc
  * mt76xx: Move the old Mediatek WiFi firmware to mediatek
  * nvidia: update Tu10x and Tu11x signed firmware to support newer Turing HW
  * qca: Update firmware files for BT chip WCN6750
  * qcom: Add Audio firmware for SC8280XP X13s
  * qcom: Update the microcode files for Adreno a630 GPUs.
  * qcom: apq8016: add Dragonboard 410c WiFi and modem firmware
  * qcom: sdm845: rename the modem firmware
  * qcom: sdm845: update remoteproc firmware
  * rtl_bt: Add firmware and config files for RTL8851B
  * rtl_bt: Update RTL8761B BT UART firmware to 0x9DC6_D922
  * rtl_bt: Update RTL8761B BT USB firmware to 0xDFC6_D922
  * rtl_bt: Update RTL8852A BT USB firmware to 0xDAC7_480D
  * rtl_bt: Update RTL8852B BT USB firmware to 0xDBC6_B20F
  * rtl_bt: Update RTL8852C BT USB firmware to 0x040D_7225
  * rtl_nic: update firmware of USB devices
  * rtlwifi: Add firmware v6.0 for RTL8192FU
  * rtlwifi: Update firmware for RTL8188EU to v28.0
  * rtw88: 8822c: Update normal firmware to v9.9.15
  * rtw89: 8851b: add firmware v0.29.41.0
  * rtw89: 8852b: update format-1 fw to v0.29.29.1
  * rtw89: 8852c: update fw to v0.27.56.13
  * wfx: update to firmware 3.16.1

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE Moderate update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2023-3019=1 openSUSE-SLE-15.5-2023-3019=1

  * Basesystem Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3019=1

## Package List:

  * openSUSE Leap 15.5 (noarch)
    * kernel-firmware-i915-20230724-150500.3.3.1
    * kernel-firmware-ath10k-20230724-150500.3.3.1
    * kernel-firmware-usb-network-20230724-150500.3.3.1
    * kernel-firmware-network-20230724-150500.3.3.1
    * kernel-firmware-platform-20230724-150500.3.3.1
    * kernel-firmware-bluetooth-20230724-150500.3.3.1
    * kernel-firmware-intel-20230724-150500.3.3.1
    * kernel-firmware-atheros-20230724-150500.3.3.1
    * kernel-firmware-20230724-150500.3.3.1
    * kernel-firmware-dpaa2-20230724-150500.3.3.1
    * kernel-firmware-mediatek-20230724-150500.3.3.1
    * kernel-firmware-sound-20230724-150500.3.3.1
    * kernel-firmware-brcm-20230724-150500.3.3.1
    * kernel-firmware-ti-20230724-150500.3.3.1
    * kernel-firmware-liquidio-20230724-150500.3.3.1
    * kernel-firmware-amdgpu-20230724-150500.3.3.1
    * kernel-firmware-radeon-20230724-150500.3.3.1
    * kernel-firmware-iwlwifi-20230724-150500.3.3.1
    * kernel-firmware-marvell-20230724-150500.3.3.1
    * kernel-firmware-mellanox-20230724-150500.3.3.1
    * kernel-firmware-nfp-20230724-150500.3.3.1
    * ucode-amd-20230724-150500.3.3.1
    * kernel-firmware-realtek-20230724-150500.3.3.1
    * kernel-firmware-media-20230724-150500.3.3.1
    * kernel-firmware-bnx2-20230724-150500.3.3.1
    * kernel-firmware-nvidia-20230724-150500.3.3.1
    * kernel-firmware-mwifiex-20230724-150500.3.3.1
    * kernel-firmware-prestera-20230724-150500.3.3.1
    * kernel-firmware-serial-20230724-150500.3.3.1
    * kernel-firmware-qlogic-20230724-150500.3.3.1
    * kernel-firmware-chelsio-20230724-150500.3.3.1
    * kernel-firmware-qcom-20230724-150500.3.3.1
    * kernel-firmware-ath11k-20230724-150500.3.3.1
    * kernel-firmware-all-20230724-150500.3.3.1
    * kernel-firmware-ueagle-20230724-150500.3.3.1
  * Basesystem Module 15-SP5 (noarch)
    * kernel-firmware-i915-20230724-150500.3.3.1
    * kernel-firmware-ath10k-20230724-150500.3.3.1
    * kernel-firmware-usb-network-20230724-150500.3.3.1
    * kernel-firmware-network-20230724-150500.3.3.1
    * kernel-firmware-platform-20230724-150500.3.3.1
    * kernel-firmware-bluetooth-20230724-150500.3.3.1
    * kernel-firmware-intel-20230724-150500.3.3.1
    * kernel-firmware-atheros-20230724-150500.3.3.1
    * kernel-firmware-dpaa2-20230724-150500.3.3.1
    * kernel-firmware-mediatek-20230724-150500.3.3.1
    * kernel-firmware-sound-20230724-150500.3.3.1
    * kernel-firmware-brcm-20230724-150500.3.3.1
    * kernel-firmware-ti-20230724-150500.3.3.1
    * kernel-firmware-liquidio-20230724-150500.3.3.1
    * kernel-firmware-amdgpu-20230724-150500.3.3.1
    * kernel-firmware-radeon-20230724-150500.3.3.1
    * kernel-firmware-iwlwifi-20230724-150500.3.3.1
    * kernel-firmware-marvell-20230724-150500.3.3.1
    * kernel-firmware-mellanox-20230724-150500.3.3.1
    * kernel-firmware-nfp-20230724-150500.3.3.1
    * ucode-amd-20230724-150500.3.3.1
    * kernel-firmware-realtek-20230724-150500.3.3.1
    * kernel-firmware-media-20230724-150500.3.3.1
    * kernel-firmware-bnx2-20230724-150500.3.3.1
    * kernel-firmware-nvidia-20230724-150500.3.3.1
    * kernel-firmware-mwifiex-20230724-150500.3.3.1
    * kernel-firmware-prestera-20230724-150500.3.3.1
    * kernel-firmware-serial-20230724-150500.3.3.1
    * kernel-firmware-qlogic-20230724-150500.3.3.1
    * kernel-firmware-chelsio-20230724-150500.3.3.1
    * kernel-firmware-qcom-20230724-150500.3.3.1
    * kernel-firmware-ath11k-20230724-150500.3.3.1
    * kernel-firmware-all-20230724-150500.3.3.1
    * kernel-firmware-ueagle-20230724-150500.3.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-20593.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1213286

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20230728/2ef579d0/attachment.htm>


More information about the sle-security-updates mailing list