{"id":"MGASA-2017-0472","summary":"Updated nonfree firmwares fixes security issues and adds new hw support","details":"Updated nonfree firmwares fixes at least the following security issues:\n\nBroadcom firmware fixes:\n- dropping BRCM proprietary packets received over the air (CVE-2016-0801)\n- adding length checks for TDLS action frames (CVE-2017-0561)\n- adding length checks for WME IE (CVE-2017-9417)\n\nIwlwifi firmware fixes:\n- The reinstallation of the Group Temporal key could be used for replay\n  attacks (CVE-2017-13080)\n- The reinstallation of the Integrity Group Temporal key could be used\n  for replay attacks (CVE-2017-13081)\n\nThis update also adds updated firmwares:\n* ath10k, cxgb4, liquidio, mrvl, ql2400, ql2500, wilc1000\n* Amd Polaris10-12, Intel BXT/SKL/KBL/CNL \n\nand new firmwares:\n* Amd Vega10 and Raven \n* Cavium nitrox \n* Intel CNL/GLK, IPU3, JeffersonPeak, ThunderPeak\n* Mellanox Spectrum\n* nVidia GP108 (GTX1030)\n* Qualcom Adreno  &Venus, imx SDMA, \n* Realtek rtl8822be \n\nin order to support new hardware supported by 4.14 series kernels.\n","modified":"2026-02-01T12:42:10.157954Z","published":"2017-12-28T13:16:56Z","related":["CVE-2016-0801","CVE-2017-0561","CVE-2017-13080","CVE-2017-13081","CVE-2017-9417"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0472.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22100"}],"affected":[{"package":{"name":"kernel-firmware-nonfree","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel-firmware-nonfree?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20171220-1.mga6.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0472.json"}},{"package":{"name":"radeon-firmware","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/radeon-firmware?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20171205-1.mga6.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0472.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}