{"id":"RHSA-2023:6595","summary":"Red Hat Security Advisory: linux-firmware security, bug fix, and enhancement update","modified":"2026-04-16T10:06:19Z","published":"2024-09-16T11:18:09Z","upstream":["CVE-2022-27635","CVE-2022-36351","CVE-2022-38076","CVE-2022-40964","CVE-2022-46329","CVE-2023-20569"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:6595"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.3_release_notes/index"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178579"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2207625"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2214391"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235321"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238960"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238961"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238962"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238963"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238964"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6595.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-27635"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-27635"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27635"},{"type":"ARTICLE","url":"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-36351"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-36351"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-36351"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-38076"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-38076"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38076"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-40964"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-40964"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40964"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-46329"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-46329"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-46329"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-20569"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2023-20569"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-20569"},{"type":"ARTICLE","url":"https://access.redhat.com/solutions/7049120"},{"type":"ARTICLE","url":"https://www.amd.com/content/dam/amd/en/documents/corporate/cr/speculative-return-stack-overflow-whitepaper.pdf"},{"type":"ARTICLE","url":"https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html"}],"affected":[{"package":{"name":"iwl100-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl100-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:39.31.5.1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl1000-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl1000-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:39.31.5.1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl105-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl105-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl135-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl135-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl2000-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl2000-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl2030-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl2030-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl3160-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl3160-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:25.30.13.0-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl5000-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl5000-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.83.5.1_1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl5150-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl5150-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.24.2.2-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl6000g2a-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl6000g2a-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl6000g2b-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl6000g2b-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:18.168.6.1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl6050-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl6050-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:41.28.5.1-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"iwl7260-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/iwl7260-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:25.30.13.0-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"libertas-sd8787-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/libertas-sd8787-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:20230814-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"linux-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/linux-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:20230814-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"linux-firmware-whence","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/linux-firmware-whence"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:20230814-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}},{"package":{"name":"netronome-firmware","ecosystem":"Red Hat:enterprise_linux:9::baseos","purl":"pkg:rpm/redhat/netronome-firmware"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:20230814-140.el9_3"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2023:6595.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}]}