{"id":"MGASA-2018-0323","summary":"Updated nonfree firmware packages fixes security vulnerabilities","details":"This firmware update fixes the following security issues:\n\n* bcm4356, bcm4354, bcm43362, bcm43340, bcm43430:\n  - dropping replayed M3 for offloaded 4-way handshake\n    (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079)\n  - dropping replayed G1 for offloaded GTK rekey\n    (CVE-2017-13080, CVE-2017-13081)\n\nAlso in this update:\n\n* Updated bluethooth firmwares for Intel 7260, 7265, 8260\n* fixed firmware for Amd Vega10 VCE causing a hang\n","modified":"2026-04-16T01:45:58.465176234Z","published":"2018-07-25T08:24:17Z","upstream":["CVE-2017-13077","CVE-2017-13078","CVE-2017-13079","CVE-2017-13080","CVE-2017-13081"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0323.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=23314"}],"affected":[{"package":{"name":"kernel-firmware-nonfree","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel-firmware-nonfree?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20180606-1.mga6.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0323.json"}},{"package":{"name":"radeon-firmware","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/radeon-firmware?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20180606-1.mga6.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0323.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}