Security fixes atleast for Intel Bluetooth... I was expecing wifi firmwares too according to: https://www.intel.com/content/www/us/en/security-center/default.html but nothing so far from Intel, not even in their iwlwifi firmware staging tree, so for now the changes are: * kernel-firmware-nonfree: - cnm: add chips&media wave521c firmware - cxgb4: Update firmware to revision 1.26.6.0 - i915: Add DMC firmware v2.16 for ADL-P - marvell: add CPT firmware images - mediatek: add firmware for MT7916 - mediatek: update firmware for MT7915 - mediatek: update firmware for MT7921 bluetooth chip - mediatek: update firmware for MT7921 WiFi device - mediatek: Update MT8173 VPU firmware to v1.1.7 - Mellanox: Add new mlxsw_spectrum firmware xx.2010.1232 - QCA: Add Bluetooth nvm file for WCN685x - QCA: Update Bluetooth WCN685x 2.0 firmware to 2.0.0-00609 - QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00324 - WHENCE: add missing symlink for NanoPi R1 * iwlwifi-firmware: - add new FWs from core63-136 release - add new FWs from core66-88 release - update 9000-family firmwares to core66-88 - Update firmware file for Intel Bluetooth 9260, 9462, 9560, AX200, AX201, AX210, AX211 * radeon-firmware: - amdgpu: update yellow carp dmcub firmware * rtlwifi-firmware: - rtw88: 8822c: Update normal firmware to v9.9.11 SRPMS: kernel-firmware-nonfree-20220209-1.mga8.nonfree.src.rpm radeon-firmware-20220209-1.mga8.nonfree.src.rpm noarch: kernel-firmware-nonfree-20220209-1.mga8.nonfree.noarch.rpm iwlwifi-firmware-20220209-1.mga8.nonfree.noarch.rpm radeon-firmware-20220209-1.mga8.nonfree.noarch.rpm ralink-firmware-20220209-1.mga8.nonfree.noarch.rpm rtlwifi-firmware-20220209-1.mga8.nonfree.noarch.rpm
(In reply to Thomas Backlund from comment #0) > Security fixes atleast for Intel Bluetooth... > I was expecing wifi firmwares too according to: > https://www.intel.com/content/www/us/en/security-center/default.html > > but nothing so far from Intel, not even in their iwlwifi firmware staging > tree, so for now the changes are: > Correction... the iwlwifi: - add new FWs from core63-136 release adds api 66 firmwares that is supported in 5.15 series kernels, so the fixes should be there...
5.15.23-desktop-1.mga8 Intel NUC, generation 10, x86_64. Updated all the firmware though most of it probably is not relevant on this system. harddrake2 identifies the Intel bluetooth hardware as Intel - Unknown, USB bus PCI 1, device 3 - Vendor id: 8087:0026 - module btusb. Bluetooth audio working as before - immediate connection to portable speaker.
CC: (none) => tarazed25
(In reply to Len Lawrence from comment #2) > 5.15.23-desktop-1.mga8 > Intel NUC, generation 10, x86_64. > > Updated all the firmware though most of it probably is not relevant on this > system. > harddrake2 identifies the Intel bluetooth hardware as Intel - Unknown, USB > bus PCI 1, device 3 - Vendor id: 8087:0026 - module btusb. > > Bluetooth audio working as before - immediate connection to portable speaker. On that theese should be relevant: * iwlwifi-firmware: - add new FWs from core63-136 release - Update firmware file for Intel Bluetooth 9260, 9462, 9560, AX200, AX201, AX210, AX211
For iwlwifi: dmesg|grep ucode for bluetooth: dmesg|grep "Firmware rev"
Whoops! $ dmesg | grep ucode [ 3.429891] iwlwifi 0000:00:14.3: Direct firmware load for iwlwifi-QuZ-a0-hr-b0-64.ucode failed with error -2 [ 3.434467] iwlwifi 0000:00:14.3: loaded firmware version 63.c04f3485.0 QuZ-a0-hr-b0-63.ucode op_mode iwlmvm $ dmesg | grep "Firmware rev" $ Thanks Thomas.
(In reply to Len Lawrence from comment #5) > Whoops! > > $ dmesg | grep ucode > [ 3.429891] iwlwifi 0000:00:14.3: Direct firmware load for > iwlwifi-QuZ-a0-hr-b0-64.ucode failed with error -2 > [ 3.434467] iwlwifi 0000:00:14.3: loaded firmware version 63.c04f3485.0 > QuZ-a0-hr-b0-63.ucode op_mode iwlmvm Yeah, this is a fun "feature" of Iwlwifi firmware handling... It tries to load every supported firmware starting from highest api (in this case "64" and when it does not find in it spits out "failed with error -2", and then drops down to trying api 63 and finds it "loaded firmware version 63" Here is how it looked on my system before this firmware update: Direct firmware load for iwlwifi-Qu-c0-hr-b0-66.ucode failed with error -2 Direct firmware load for iwlwifi-Qu-c0-hr-b0-65.ucode failed with error -2 Direct firmware load for iwlwifi-Qu-c0-hr-b0-64.ucode failed with error -2 loaded firmware version 63.c04f3485.0 Qu-c0-hr-b0-63.ucode op_mode iwlmvm with the update I now get a single: loaded firmware version 66.f1c864e0.0 Qu-c0-hr-b0-66.ucode op_mode iwlmvm :)
Dell netbook XPS13 Dual Core Intel Core i7-7500U Intel HD Graphics 620 driver: i915 v: kernel Qualcomm Atheros QCA6174 802.11ac - ath10k_pci Updated the five packages - desktop still running smoothly. $ dmesg | grep ucode $ dmesg | grep firmware [ 0.134938] Spectre V2 : Enabling Restricted Speculation for firmware calls [ 2.959900] i915 0000:00:02.0: [drm] Finished loading DMC firmware i915/kbl_dmc_ver1_04.bin (v1.4) [ 5.637676] ath10k_pci 0000:3a:00.0: firmware ver WLAN.RM.4.4.1-00157-QCARMSWPZ-1 api 6 features wowlan,ignore-otp,mfp crc32 90eebefb Broadcast to TV soundbar via bluetooth.
MGA8 Plasma, on an HP Probook 6550b. No installation issues. Before the update: $ dmesg | grep firmware [ 0.000481] Spectre V2 : Enabling Restricted Speculation for firmware calls [ 4.951650] xhci_hcd 0000:02:00.0: failed to load firmware renesas_usb_fw.mem, fallback to ROM [ 6.609096] iwlwifi 0000:43:00.0: Direct firmware load for iwlwifi-6000-6.ucode failed with error -2 [ 6.609144] iwlwifi 0000:43:00.0: Direct firmware load for iwlwifi-6000-5.ucode failed with error -2 [ 6.611807] iwlwifi 0000:43:00.0: loaded firmware version 9.221.4.1 build 25532 6000-4.ucode op_mode iwldvm After the update, I see the same result. Wifi is working. The Renesas device is an ExpressCard add-on to provide usb 3.0 ports. Despite the message that loading the firmware failed, those ports are working. This laptop does have Bluetooth capability, using a Broadcom 2070-based "HP Integrated Module," and uses the btusb driver. I have played with it once or twice, trying to communicate with an Android tablet, but was never successful. User error, I'm sure. Since dmesg doesn't show anything about firmware for it, I would assume this update doesn't affect it, anyway.
CC: (none) => andrewsfarm
MGA8-64 Plasma on Lenovo B50 in Dutch No installation issues. Rebooted and wifi is OK(Intel HW) This lapatop has bluetooth and that worked OK for the recent bluez updates with a Samsung Galaxy. Now I could make connection with the KDE System Settings, and in dolphin I see the phone, but i cann't initiate a file transfer (worked OK before). Googeled and found ref to Blueman, and that did it perfectly.
CC: (none) => herman.viaene
Dell Dimension e520, Core2Quad, Radeon HD 8570 graphics(amdgpu driver), rtl8192cu wifi dongle, MGA8-64 Plasma. No installation issues. Rebooted, wifi still works, so does the display. All good here.
Advisory, added to svn: type: security subject: Updated nonfree firmware packages fix security vulnerabilities CVE: - CVE-2021-0066 - CVE-2021-0072 - CVE-2021-0076 - CVE-2021-0161 - CVE-2021-0164 - CVE-2021-0165 - CVE-2021-0166 - CVE-2021-0168 - CVE-2021-0170 - CVE-2021-0172 - CVE-2021-0173 - CVE-2021-0174 - CVE-2021-0175 - CVE-2021-0176 - CVE-2021-33139 - CVE-2021-33155 src: 8: nonfree: - kernel-firmware-nonfree-20220209-1.mga8.nonfree - radeon-firmware-20220209-1.mga8.nonfree description: | This update provides new and updated nonfree firmwares and fixes atleast the following security issues: Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi may allow an unauthenticated user to potentially enable escalation of privilege via local access (CVE-2021-0066 / SA-00539). Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi may allow a privileged user to potentially enable information disclosure via local access (CVE-2021-0072 / SA-00539). Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi may allow a privileged user to potentially enable denial of service via local access (CVE-2021-0076 / SA-00539). Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi may allow a privileged user to potentially enable escalation of privilege via local access (CVE-2021-0161, CVE-2021-0168 / SA-00539). Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi may allow an unauthenticated user to potentially enable escalation of privilege via local access (CVE-2021-0164 / SA-00539). Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi may allow an unauthenticated user to potentially enable denial of service via adjacent access (CVE-2021-0165 / SA-00539). Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi may allow a privileged user to potentially enable escalation of privilege via local access (CVE-2021-0166 / SA-00539). Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi may allow an authenticated user to potentially enable information disclosure via local access (CVE-2021-0170 / SA-00539). Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi may allow an unauthenticated user to potentially enable denial of service via adjacent access (CVE-2021-0172 / SA-00539). Improper Validation of Consistency within input in firmware for some Intel(R) PROSet/Wireless Wi-Fi may allow a unauthenticated user to potentially enable denial of service via adjacent access (CVE-2021-0173 / SA-00539). Improper Use of Validation Framework in firmware for some Intel(R) PROSet/ Wireless Wi-Fi may allow a unauthenticated user to potentially enable denial of service via adjacent access (CVE-2021-0174 / SA-00539). Improper Validation of Specified Index, Position, or Offset in Input in firmware for some Intel(R) PROSet/Wireless Wi-Fi may allow an unauthenticated user to potentially enable denial of service via adjacent access (CVE-2021-0175 / SA-00539). Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi may allow a privileged user to potentially enable denial of service via local access (CVE-2021-0176 / SA-00539). Improper conditions check in firmware for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable denial of service via adjacent access (CVE-2021-33139 / SA-00604). Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable denial of service via adjacent access (CVE-2021-33155 / SA-00604). Full list of firmware changes/updates: * kernel-firmware-nonfree: - cnm: add chips&media wave521c firmware - cxgb4: Update firmware to revision 1.26.6.0 - i915: Add DMC firmware v2.16 for ADL-P - marvell: add CPT firmware images - mediatek: add firmware for MT7916 - mediatek: update firmware for MT7915 - mediatek: update firmware for MT7921 bluetooth chip - mediatek: update firmware for MT7921 WiFi device - mediatek: Update MT8173 VPU firmware to v1.1.7 - Mellanox: Add new mlxsw_spectrum firmware xx.2010.1232 - QCA: Add Bluetooth nvm file for WCN685x - QCA: Update Bluetooth WCN685x 2.0 firmware to 2.0.0-00609 - QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00324 - WHENCE: add missing symlink for NanoPi R1 * iwlwifi-firmware: - add new FWs from core63-136 release - add new FWs from core66-88 release - update 9000-family firmwares to core66-88 - Update firmware file for Intel Bluetooth 9260, 9462, 9560, AX200, AX201, AX210, AX211 * radeon-firmware: - amdgpu: update yellow carp dmcub firmware * rtlwifi-firmware: - rtw88: 8822c: Update normal firmware to v9.9.11 references: - https://bugs.mageia.org/show_bug.cgi?id=30038 - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00604.html
Keywords: (none) => advisory
sending it along so it gets installed with the new kernel
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: (none) => MGA8-64-OK
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0065.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
This went through quicker than I thought :) Reporting in short 64 bit OK - No regressions noted on 4 systems user more or less hours Tested together: kernel-desktop, mesa, microcode, nonfree firmwares § Workstation "svarten": plasma, nvidia-current, ... Details: https://bugs.mageia.org/show_bug.cgi?id=30030#c18 § Virtual box guest mga 8, details noted in same kernel bug comment. § Laptop Asus A717, Plasma i5-7300HQ, integrated HD Graphics 630, using "Intel 810 and later" (GPU 2 not configured), wifi Atheros QCA6174 using ath10k_pci § Laptop Thinkpad T510, Plasma GPU i5-M540, 4 core GPU: GT218M[NVS 3100M] using NVIDIA GeForce 8100 to GeForce 415 wifi: Centrino Advanced N 6200, using iwlwifi § Laptop Dell Dimension M63000, Plasma CPU: Core2 Duo T7500 GPU: G84GLM [Quadro FX 1600M] using NVIDIA GeForce 8100 to GeForce 415 wifi: PRO/Wireless 3945ABG using iwl3945
CC: (none) => fri