28274 – linux-firmware new security issue CVE-2020-12321

Bug 28274 - linux-firmware new security issue CVE-2020-12321

Summary: linux-firmware new security issue CVE-2020-12321

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: critical
Target Milestone:	---
Assignee:	Kernel and Drivers maintainers
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2021-02-02 17:23 CET by David Walser
Modified:	2021-02-02 17:56 CET (History)
CC List:	0 users

See Also:
Source RPM:	kernel-firmware-nonfree
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2021-02-02 17:23:56 CET

RedHat has issued an advisory today (February 2):
https://access.redhat.com/errata/RHSA-2021:0339

I don't have the correct package name, but I don't know if this is part of kernel-firmware-nonfree, microcode, or something else.

Comment 1 Thomas Backlund 2021-02-02 17:56:28 CET

AX series got fixed in: https://advisories.mageia.org/MGAA-2020-0172.html

the rest got fixed in: https://advisories.mageia.org/MGAA-2020-0223.html


And we now have even newer firware available

Source RPM: (none) => kernel-firmware-nonfree
Resolution: (none) => FIXED
Status: NEW => RESOLVED

Note You need to log in before you can comment on or make changes to this bug.