Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-12321 (GCVE-0-2020-12321)
Vulnerability from cvelistv5 – Published: 2020-11-12 18:12 – Updated: 2024-08-04 11:56- escalation of privilege
| URL | Tags |
|---|---|
| https://www.intel.com/content/www/us/en/security-… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Wireless Bluetooth(R) |
Affected:
before version 21.110
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:51.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Wireless Bluetooth(R)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 21.110"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-12T18:12:10.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-12321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Wireless Bluetooth(R)",
"version": {
"version_data": [
{
"version_value": "before version 21.110"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2020-12321",
"datePublished": "2020-11-12T18:12:10.000Z",
"dateReserved": "2020-04-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:56:51.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-12321",
"date": "2026-07-02",
"epss": "0.0097",
"percentile": "0.57571"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:dual_band_wireless-ac_3168_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"1F44B727-A61B-4B93-B7B1-09E7EBCC57D1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E3F3AC3-7774-44DE-82C3-531D874D6175\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:dual_band_wireless-ac_8260_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"5082F651-CC50-4E53-90B0-426111BFF813\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD5900B9-D8E3-4928-B587-955BCAE07460\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:dual_band_wireless-ac_8265_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"925CE55F-442D-4EFD-AC2C-AB9CDB94D534\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89ED6FDA-BE47-4E7D-A449-439A917119DA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"F20A2CC7-FB72-43E3-B06C-265DEBF15162\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D653F9C-5B2E-400F-8F50-BFE466F08F0E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"FDAC7CFA-A7C5-41E8-B0CD-F87F89C65500\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0433774-9479-4A01-B697-1379AEA223C9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:wireless-ac_9260_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"B11777A7-3A99-4619-8CC8-C5EC4ECA1062\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4900842A-56C4-4F09-BBD4-080EC7CEBF33\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:wireless-ac_9461_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"438C8188-2F72-4915-9A65-A955A09B8A05\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F198C1B-28A8-4FB8-9266-333A6E465445\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:wireless-ac_9462_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"DF5ACA70-6388-4A3D-86BB-997016A48071\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B60A55C-0969-43D4-A1A8-0E736DE89AFA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:wireless-ac_9560_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"047A3925-3023-4AAB-B0E2-905B1FC12B87\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7A5DD09-188E-4772-BBFD-3DCC776F4D55\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:wireless_7265_\\\\(rev_d\\\\)_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"7B905141-5EC7-4DF2-944D-84BCE30BBBA4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:wireless_7265_\\\\(rev_d\\\\):-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD700D79-A4B3-4C62-93BE-D13F016AA3CC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:intel:dual_band_wireless-ac_3165_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.110\", \"matchCriteriaId\": \"FA251E20-3875-4877-A844-DCAEB17AF1CA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C1729F4-7CCA-404A-903E-F0F6C1F9302B\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.\"}, {\"lang\": \"es\", \"value\": \"Una restricci\\u00f3n de b\\u00fafer inapropiada en algunos productos Intel\\u00ae Wireless Bluetooth\\u00ae anterior a versi\\u00f3n 21.110, puede habilitar a un usuario no autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso adyacente\"}]",
"id": "CVE-2020-12321",
"lastModified": "2024-11-21T04:59:30.700",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 5.8, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 6.5, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-11-12T18:15:14.533",
"references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403\", \"source\": \"secure@intel.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-12321\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2020-11-12T18:15:14.533\",\"lastModified\":\"2024-11-21T04:59:30.700\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.\"},{\"lang\":\"es\",\"value\":\"Una restricci\u00f3n de b\u00fafer inapropiada en algunos productos Intel\u00ae Wireless Bluetooth\u00ae anterior a versi\u00f3n 21.110, puede habilitar a un usuario no autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso adyacente\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":5.8,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.5,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:dual_band_wireless-ac_3168_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"1F44B727-A61B-4B93-B7B1-09E7EBCC57D1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E3F3AC3-7774-44DE-82C3-531D874D6175\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:dual_band_wireless-ac_8260_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"5082F651-CC50-4E53-90B0-426111BFF813\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD5900B9-D8E3-4928-B587-955BCAE07460\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:dual_band_wireless-ac_8265_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"925CE55F-442D-4EFD-AC2C-AB9CDB94D534\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89ED6FDA-BE47-4E7D-A449-439A917119DA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"F20A2CC7-FB72-43E3-B06C-265DEBF15162\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D653F9C-5B2E-400F-8F50-BFE466F08F0E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"FDAC7CFA-A7C5-41E8-B0CD-F87F89C65500\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0433774-9479-4A01-B697-1379AEA223C9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:wireless-ac_9260_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"B11777A7-3A99-4619-8CC8-C5EC4ECA1062\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4900842A-56C4-4F09-BBD4-080EC7CEBF33\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:wireless-ac_9461_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"438C8188-2F72-4915-9A65-A955A09B8A05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F198C1B-28A8-4FB8-9266-333A6E465445\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:wireless-ac_9462_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"DF5ACA70-6388-4A3D-86BB-997016A48071\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B60A55C-0969-43D4-A1A8-0E736DE89AFA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:wireless-ac_9560_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"047A3925-3023-4AAB-B0E2-905B1FC12B87\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7A5DD09-188E-4772-BBFD-3DCC776F4D55\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:wireless_7265_\\\\(rev_d\\\\)_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"7B905141-5EC7-4DF2-944D-84BCE30BBBA4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:wireless_7265_\\\\(rev_d\\\\):-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD700D79-A4B3-4C62-93BE-D13F016AA3CC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:dual_band_wireless-ac_3165_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.110\",\"matchCriteriaId\":\"FA251E20-3875-4877-A844-DCAEB17AF1CA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C1729F4-7CCA-404A-903E-F0F6C1F9302B\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403\",\"source\":\"secure@intel.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2024-AVI-0027
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
None| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | CTPView versions versions antérieures à 9.1R5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved version antérieures à 20.4R2-EVO, 20.4R2-S2-EVO, 20.4R3-EVO, 20.4R3-S7-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.2R3-S7-EVO, 21.3R2-EVO, 21.3R3-S5-EVO, 21.4R3-EVO, 21.4R3-S3-EVO, 21.4R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-EVO, 22.1R3-S2-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R2-S1-EVO, 22.2R2-S2-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.3R3-S1-EVO, 22.4R1-EVO, 22.4R2-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-EVO, 23.2R1-S1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.3R1-EVO et 23.4R1-EVO | ||
| Juniper Networks | N/A | Paragon Active Assurance versions antérieures à 3.1.2, 3.2.3, 3.3.2 et 3.4.1 | ||
| Juniper Networks | Junos OS | Junos OS version antérieures à 20.4R3-S3, 20.4R3-S6, 20.4R3-S7, 20.4R3-S8, 20.4R3-S9, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S3, 21.2R3-S4, 21.2R3-S5, 21.2R3-S6, 21.2R3-S7, 21.3R2-S1, 21.3R3, 21.3R3-S3, 21.3R3-S4, 21.3R3-S5, 21.4R2, 21.4R3, 21.4R3-S3, 21.4R3-S4, 21.4R3-S5, 22.1R2, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.1R3-S2, 22.1R3-S3, 22.1R3-S4, 22.2R1, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.2R3-S1, 22.2R3-S2, 22.2R3-S3, 22.3R1, 22.3R2, 22.3R2-S1, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.4R1, 22.4R1-S2, 22.4R2, 22.4R2-S1, 22.4R2-S2, 22.4R3, 23.1R1, 23.1R2, 23.2R1, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.3R1 et 23.4R1 | ||
| Juniper Networks | Session Smart Router | Session Smart Router versions antérieures à SSR-6.2.3-r2 | ||
| Juniper Networks | N/A | Security Director Insights versions antérieures à 23.1R1 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CTPView versions versions ant\u00e9rieures \u00e0 9.1R5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved version ant\u00e9rieures \u00e0 20.4R2-EVO, 20.4R2-S2-EVO, 20.4R3-EVO, 20.4R3-S7-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.2R3-S7-EVO, 21.3R2-EVO, 21.3R3-S5-EVO, 21.4R3-EVO, 21.4R3-S3-EVO, 21.4R3-S5-EVO, 21.4R3-S6-EVO, 22.1R3-EVO, 22.1R3-S2-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R2-S1-EVO, 22.2R2-S2-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.3R1-EVO, 22.3R2-EVO, 22.3R3-EVO, 22.3R3-S1-EVO, 22.4R1-EVO, 22.4R2-EVO, 22.4R2-S2-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-EVO, 23.2R1-S1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.3R1-EVO et 23.4R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Paragon Active Assurance versions ant\u00e9rieures \u00e0 3.1.2, 3.2.3, 3.3.2 et 3.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS version ant\u00e9rieures \u00e0 20.4R3-S3, 20.4R3-S6, 20.4R3-S7, 20.4R3-S8, 20.4R3-S9, 21.1R3-S4, 21.1R3-S5, 21.2R3, 21.2R3-S3, 21.2R3-S4, 21.2R3-S5, 21.2R3-S6, 21.2R3-S7, 21.3R2-S1, 21.3R3, 21.3R3-S3, 21.3R3-S4, 21.3R3-S5, 21.4R2, 21.4R3, 21.4R3-S3, 21.4R3-S4, 21.4R3-S5, 22.1R2, 22.1R2-S2, 22.1R3, 22.1R3-S1, 22.1R3-S2, 22.1R3-S3, 22.1R3-S4, 22.2R1, 22.2R2, 22.2R2-S1, 22.2R2-S2, 22.2R3, 22.2R3-S1, 22.2R3-S2, 22.2R3-S3, 22.3R1, 22.3R2, 22.3R2-S1, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.4R1, 22.4R1-S2, 22.4R2, 22.4R2-S1, 22.4R2-S2, 22.4R3, 23.1R1, 23.1R2, 23.2R1, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.3R1 et 23.4R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions ant\u00e9rieures \u00e0 SSR-6.2.3-r2",
"product": {
"name": "Session Smart Router",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director Insights versions ant\u00e9rieures \u00e0 23.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
},
{
"name": "CVE-2024-21602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21602"
},
{
"name": "CVE-2022-41974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41974"
},
{
"name": "CVE-2023-38802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38802"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-42720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42720"
},
{
"name": "CVE-2022-30594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30594"
},
{
"name": "CVE-2022-41973",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41973"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2024-21616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21616"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2023-2235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-1281",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
},
{
"name": "CVE-2024-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21599"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2024-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21614"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-26464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26464"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"name": "CVE-2024-21607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21607"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2023-0266",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
},
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2022-3239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3239"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3567"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2024-21596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21596"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2023-1582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1582"
},
{
"name": "CVE-2022-4129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2023-2194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
},
{
"name": "CVE-2024-21604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21604"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2022-0934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0934"
},
{
"name": "CVE-2020-9493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9493"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2022-42896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42896"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2024-21600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21600"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2024-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21606"
},
{
"name": "CVE-2022-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0330"
},
{
"name": "CVE-2022-41222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41222"
},
{
"name": "CVE-2016-10009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
},
{
"name": "CVE-2022-23305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"name": "CVE-2024-21591",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21591"
},
{
"name": "CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"name": "CVE-2022-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
},
{
"name": "CVE-2022-3524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3524"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2022-3625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3625"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2024-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21587"
},
{
"name": "CVE-2022-42721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42721"
},
{
"name": "CVE-2022-4378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4378"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2024-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21617"
},
{
"name": "CVE-2023-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1195"
},
{
"name": "CVE-2024-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21589"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2024-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21595"
},
{
"name": "CVE-2021-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3564"
},
{
"name": "CVE-2021-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3621"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2022-22164",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22164"
},
{
"name": "CVE-2024-21597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21597"
},
{
"name": "CVE-2021-3752",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3752"
},
{
"name": "CVE-2023-0386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2021-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
},
{
"name": "CVE-2022-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38023"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2022-1679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-38408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
},
{
"name": "CVE-2022-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3619"
},
{
"name": "CVE-2021-0920",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"name": "CVE-2023-1829",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
},
{
"name": "CVE-2022-25265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25265"
},
{
"name": "CVE-2022-1789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1789"
},
{
"name": "CVE-2022-2873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2873"
},
{
"name": "CVE-2022-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3623"
},
{
"name": "CVE-2024-21611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21611"
},
{
"name": "CVE-2024-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21613"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2024-21612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21612"
},
{
"name": "CVE-2022-42722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42722"
},
{
"name": "CVE-2024-21603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21603"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21585"
},
{
"name": "CVE-2022-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2021-44832",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
},
{
"name": "CVE-2021-44790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
},
{
"name": "CVE-2023-36842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36842"
},
{
"name": "CVE-2022-4139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4139"
},
{
"name": "CVE-2024-21594",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21594"
},
{
"name": "CVE-2022-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3028"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2022-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41674"
},
{
"name": "CVE-2024-21601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21601"
},
{
"name": "CVE-2023-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0027",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-01-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75723 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-rpd-process-crash-due-to-BGP-flap-on-NSR-enabled-devices-CVE-2024-21585"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75741 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-PTX-Series-In-an-FTI-scenario-MPLS-packets-hitting-reject-next-hop-will-cause-a-host-path-wedge-condition-CVE-2024-21600"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75752 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-jflow-scenario-continuous-route-churn-will-cause-a-memory-leak-and-eventually-an-rpd-crash-CVE-2024-21611"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75757 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Processing-of-a-specific-SIP-packet-causes-NAT-IP-allocation-to-fail-CVE-2024-21616"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75730 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-jdhcpd-will-hang-on-receiving-a-specific-DHCP-packet-CVE-2023-36842"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75734 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-EX4100-EX4400-EX4600-and-QFX5000-Series-A-high-rate-of-specific-ICMP-traffic-will-cause-the-PFE-to-hang-CVE-2024-21595"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75737 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Security-Director-Insights-Multiple-vulnerabilities-in-SDI"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75721 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-IPython-privilege-escalation-vulnerability-CVE-2022-21699"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75736 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-CTPView-Multiple-vulnerabilities-in-CTPView-CVE-yyyy-nnnn"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75747 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-flowd-will-crash-when-tcp-encap-is-enabled-and-specific-packets-are-received-CVE-2024-21606"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75758 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-BGP-flap-on-NSR-enabled-devices-causes-memory-leak-CVE-2024-21617"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11272 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2022-01-Security-Bulletin-Junos-OS-Evolved-Telnet-service-may-be-enabled-when-it-is-expected-to-be-disabled-CVE-2022-22164"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75727 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Paragon-Active-Assurance-Control-Center-Information-disclosure-vulnerability-CVE-2024-21589"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75233 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Session-Smart-Router-Multiple-vulnerabilities-resolved"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75754 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-link-flap-causes-patroot-memory-leak-which-leads-to-rpd-crash-CVE-2024-21613"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75753 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-Specific-TCP-traffic-causes-OFP-core-and-restart-of-RE-CVE-2024-21612"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75742 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-Due-to-an-error-in-processing-TCP-events-flowd-will-crash-CVE-2024-21601"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75740 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-MPC3E-memory-leak-with-PTP-configuration-CVE-2024-21599"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75748 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-and-EX9200-Series-If-the-tcp-reset-option-used-in-an-IPv6-filter-matched-packets-are-accepted-instead-of-rejected-CVE-2024-21607"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75744 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-Gathering-statistics-in-a-scaled-SCU-DCU-configuration-will-lead-to-a-device-crash-CVE-2024-21603"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75743 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7100-32C-and-ACX7100-48L-Traffic-stops-when-a-specific-IPv4-UDP-packet-is-received-by-the-RE-CVE-2024-21602"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75738 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-MX-Series-In-an-AF-scenario-traffic-can-bypass-configured-lo0-firewall-filters-CVE-2024-21597"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75733 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-5000-Series-Repeated-execution-of-a-specific-CLI-command-causes-a-flowd-crash-CVE-2024-21594"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75725 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Memory-leak-in-bbe-smgd-process-if-BFD-liveness-detection-for-DHCP-subscribers-is-enabled-CVE-2024-21587"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75755 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-specific-query-via-DREND-causes-rpd-crash-CVE-2024-21614"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75735 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-specific-BGP-UPDATE-message-will-cause-a-crash-in-the-backup-Routing-Engine-CVE-2024-21596"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75745 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-Evolved-A-high-rate-of-specific-traffic-will-cause-a-complete-system-outage-CVE-2024-21604"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA75729 du 10 janvier 2024",
"url": "https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Security-Vulnerability-in-J-web-allows-a-preAuth-Remote-Code-Execution-CVE-2024-21591"
}
]
}
FKIE_CVE-2020-12321
Vulnerability from fkie_nvd - Published: 2020-11-12 18:15 - Updated: 2026-06-17 02:51| URL | Tags | ||
|---|---|---|---|
| secure@intel.com | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403 | Patch, Vendor Advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| intel | dual_band_wireless-ac_3168_firmware | * | |
| intel | dual_band_wireless-ac_3168 | - | |
| intel | dual_band_wireless-ac_8260_firmware | * | |
| intel | dual_band_wireless-ac_8260 | - | |
| intel | dual_band_wireless-ac_8265_firmware | * | |
| intel | dual_band_wireless-ac_8265 | - | |
| intel | wi-fi_6_ax200_firmware | * | |
| intel | wi-fi_6_ax200 | - | |
| intel | wi-fi_6_ax201_firmware | * | |
| intel | wi-fi_6_ax201 | - | |
| intel | wireless-ac_9260_firmware | * | |
| intel | wireless-ac_9260 | - | |
| intel | wireless-ac_9461_firmware | * | |
| intel | wireless-ac_9461 | - | |
| intel | wireless-ac_9462_firmware | * | |
| intel | wireless-ac_9462 | - | |
| intel | wireless-ac_9560_firmware | * | |
| intel | wireless-ac_9560 | - | |
| intel | wireless_7265_\(rev_d\)_firmware | * | |
| intel | wireless_7265_\(rev_d\) | - | |
| intel | dual_band_wireless-ac_3165_firmware | * | |
| intel | dual_band_wireless-ac_3165 | - |
{
"affected": [
{
"affectedData": [
{
"product": "Intel(R) Wireless Bluetooth(R)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 21.110"
}
]
}
],
"source": "secure@intel.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:dual_band_wireless-ac_3168_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F44B727-A61B-4B93-B7B1-09E7EBCC57D1",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3F3AC3-7774-44DE-82C3-531D874D6175",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:dual_band_wireless-ac_8260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5082F651-CC50-4E53-90B0-426111BFF813",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5900B9-D8E3-4928-B587-955BCAE07460",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:dual_band_wireless-ac_8265_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "925CE55F-442D-4EFD-AC2C-AB9CDB94D534",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89ED6FDA-BE47-4E7D-A449-439A917119DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F20A2CC7-FB72-43E3-B06C-265DEBF15162",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D653F9C-5B2E-400F-8F50-BFE466F08F0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDAC7CFA-A7C5-41E8-B0CD-F87F89C65500",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0433774-9479-4A01-B697-1379AEA223C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wireless-ac_9260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B11777A7-3A99-4619-8CC8-C5EC4ECA1062",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4900842A-56C4-4F09-BBD4-080EC7CEBF33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wireless-ac_9461_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "438C8188-2F72-4915-9A65-A955A09B8A05",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F198C1B-28A8-4FB8-9266-333A6E465445",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wireless-ac_9462_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5ACA70-6388-4A3D-86BB-997016A48071",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B60A55C-0969-43D4-A1A8-0E736DE89AFA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wireless-ac_9560_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "047A3925-3023-4AAB-B0E2-905B1FC12B87",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A5DD09-188E-4772-BBFD-3DCC776F4D55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:wireless_7265_\\(rev_d\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B905141-5EC7-4DF2-944D-84BCE30BBBA4",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:wireless_7265_\\(rev_d\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD700D79-A4B3-4C62-93BE-D13F016AA3CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:dual_band_wireless-ac_3165_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA251E20-3875-4877-A844-DCAEB17AF1CA",
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1729F4-7CCA-404A-903E-F0F6C1F9302B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access."
},
{
"lang": "es",
"value": "Una restricci\u00f3n de b\u00fafer inapropiada en algunos productos Intel\u00ae Wireless Bluetooth\u00ae anterior a versi\u00f3n 21.110, puede habilitar a un usuario no autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso adyacente"
}
],
"id": "CVE-2020-12321",
"lastModified": "2026-06-17T02:51:37.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-12T18:15:14.533",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-MMX9-F32W-9HQF
Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
{
"affected": [],
"aliases": [
"CVE-2020-12321"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-11-12T18:15:00Z",
"severity": "HIGH"
},
"details": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"id": "GHSA-mmx9-f32w-9hqf",
"modified": "2022-05-24T17:33:33Z",
"published": "2022-05-24T17:33:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12321"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2020-12321
Vulnerability from gsd - Updated: 2023-12-13 01:21{
"GSD": {
"alias": "CVE-2020-12321",
"description": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"id": "GSD-2020-12321",
"references": [
"https://www.suse.com/security/cve/CVE-2020-12321.html",
"https://access.redhat.com/errata/RHSA-2021:0339",
"https://access.redhat.com/errata/RHSA-2021:0183",
"https://access.redhat.com/errata/RHSA-2020:5479",
"https://access.redhat.com/errata/RHSA-2020:5416",
"https://access.redhat.com/errata/RHSA-2022:7887"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-12321"
],
"details": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"id": "GSD-2020-12321",
"modified": "2023-12-13T01:21:49.445111Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-12321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Wireless Bluetooth(R)",
"version": {
"version_data": [
{
"version_value": "before version 21.110"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:dual_band_wireless-ac_3168_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:dual_band_wireless-ac_3168:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:dual_band_wireless-ac_8260_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:dual_band_wireless-ac_8260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:dual_band_wireless-ac_8265_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:dual_band_wireless-ac_8265:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wi-fi_6_ax200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wi-fi_6_ax201_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wireless-ac_9260_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wireless-ac_9260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wireless-ac_9461_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wireless-ac_9462_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wireless-ac_9560_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wireless_7265_\\(rev_d\\)_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wireless_7265_\\(rev_d\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:dual_band_wireless-ac_3165_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:dual_band_wireless-ac_3165:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2020-12321"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-07-21T11:39Z",
"publishedDate": "2020-11-12T18:15Z"
}
}
}
OPENSUSE-SU-2020:1960-1
Vulnerability from csaf_opensuse - Published: 2020-11-18 10:42 - Updated: 2020-11-18 10:42| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-firmware-20200107-lp151.2.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:ucode-amd-20200107-lp151.2.15.1.noarch | — |
Vendor Fix
|
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1178671 | self |
| https://www.suse.com/security/cve/CVE-2020-12321/ | self |
| https://www.suse.com/security/cve/CVE-2020-12321 | external |
| https://bugzilla.suse.com/1178671 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-firmware",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-firmware fixes the following issue:\n\n- CVE-2020-12321: Updated the Intel Bluetooth firmware for buffer overflow security bugs (bsc#1178671).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1960",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1960-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1960-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SNZ3NYJWZSI2ISRG5U4RX3XMDBRHDRTX/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1960-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SNZ3NYJWZSI2ISRG5U4RX3XMDBRHDRTX/"
},
{
"category": "self",
"summary": "SUSE Bug 1178671",
"url": "https://bugzilla.suse.com/1178671"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12321 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12321/"
}
],
"title": "Security update for kernel-firmware",
"tracking": {
"current_release_date": "2020-11-18T10:42:34Z",
"generator": {
"date": "2020-11-18T10:42:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1960-1",
"initial_release_date": "2020-11-18T10:42:34Z",
"revision_history": [
{
"date": "2020-11-18T10:42:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-20200107-lp151.2.15.1.noarch",
"product": {
"name": "kernel-firmware-20200107-lp151.2.15.1.noarch",
"product_id": "kernel-firmware-20200107-lp151.2.15.1.noarch"
}
},
{
"category": "product_version",
"name": "ucode-amd-20200107-lp151.2.15.1.noarch",
"product": {
"name": "ucode-amd-20200107-lp151.2.15.1.noarch",
"product_id": "ucode-amd-20200107-lp151.2.15.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-20200107-lp151.2.15.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-firmware-20200107-lp151.2.15.1.noarch"
},
"product_reference": "kernel-firmware-20200107-lp151.2.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-amd-20200107-lp151.2.15.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:ucode-amd-20200107-lp151.2.15.1.noarch"
},
"product_reference": "ucode-amd-20200107-lp151.2.15.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12321"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-firmware-20200107-lp151.2.15.1.noarch",
"openSUSE Leap 15.1:ucode-amd-20200107-lp151.2.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12321",
"url": "https://www.suse.com/security/cve/CVE-2020-12321"
},
{
"category": "external",
"summary": "SUSE Bug 1178671 for CVE-2020-12321",
"url": "https://bugzilla.suse.com/1178671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-firmware-20200107-lp151.2.15.1.noarch",
"openSUSE Leap 15.1:ucode-amd-20200107-lp151.2.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-firmware-20200107-lp151.2.15.1.noarch",
"openSUSE Leap 15.1:ucode-amd-20200107-lp151.2.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-18T10:42:34Z",
"details": "critical"
}
],
"title": "CVE-2020-12321"
}
]
}
OPENSUSE-SU-2020:1962-1
Vulnerability from csaf_opensuse - Published: 2020-11-18 22:59 - Updated: 2020-11-18 22:59| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:kernel-firmware-20200107-lp152.2.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:ucode-amd-20200107-lp152.2.3.1.noarch | — |
Vendor Fix
|
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1178671 | self |
| https://www.suse.com/security/cve/CVE-2020-12321/ | self |
| https://www.suse.com/security/cve/CVE-2020-12321 | external |
| https://bugzilla.suse.com/1178671 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-firmware",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-firmware fixes the following issue:\n\n- CVE-2020-12321: Updated the Intel Bluetooth firmware for buffer overflow security bugs (bsc#1178671).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1962",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1962-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1962-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WWOUPKVHO4A2R27BZDEYM2EMS4RXKDM4/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1962-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WWOUPKVHO4A2R27BZDEYM2EMS4RXKDM4/"
},
{
"category": "self",
"summary": "SUSE Bug 1178671",
"url": "https://bugzilla.suse.com/1178671"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12321 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12321/"
}
],
"title": "Security update for kernel-firmware",
"tracking": {
"current_release_date": "2020-11-18T22:59:43Z",
"generator": {
"date": "2020-11-18T22:59:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1962-1",
"initial_release_date": "2020-11-18T22:59:43Z",
"revision_history": [
{
"date": "2020-11-18T22:59:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-20200107-lp152.2.3.1.noarch",
"product": {
"name": "kernel-firmware-20200107-lp152.2.3.1.noarch",
"product_id": "kernel-firmware-20200107-lp152.2.3.1.noarch"
}
},
{
"category": "product_version",
"name": "ucode-amd-20200107-lp152.2.3.1.noarch",
"product": {
"name": "ucode-amd-20200107-lp152.2.3.1.noarch",
"product_id": "ucode-amd-20200107-lp152.2.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-20200107-lp152.2.3.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:kernel-firmware-20200107-lp152.2.3.1.noarch"
},
"product_reference": "kernel-firmware-20200107-lp152.2.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ucode-amd-20200107-lp152.2.3.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:ucode-amd-20200107-lp152.2.3.1.noarch"
},
"product_reference": "ucode-amd-20200107-lp152.2.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12321"
}
],
"notes": [
{
"category": "general",
"text": "Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:kernel-firmware-20200107-lp152.2.3.1.noarch",
"openSUSE Leap 15.2:ucode-amd-20200107-lp152.2.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12321",
"url": "https://www.suse.com/security/cve/CVE-2020-12321"
},
{
"category": "external",
"summary": "SUSE Bug 1178671 for CVE-2020-12321",
"url": "https://bugzilla.suse.com/1178671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:kernel-firmware-20200107-lp152.2.3.1.noarch",
"openSUSE Leap 15.2:ucode-amd-20200107-lp152.2.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:kernel-firmware-20200107-lp152.2.3.1.noarch",
"openSUSE Leap 15.2:ucode-amd-20200107-lp152.2.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-18T22:59:43Z",
"details": "critical"
}
],
"title": "CVE-2020-12321"
}
]
}
RHSA-2020:5416
Vulnerability from csaf_redhat - Published: 2020-12-15 08:59 - Updated: 2025-11-21 18:19A flaw was found in the firmware of some Intel Bluetooth devices. This may allow an unauthenticated attacker within Bluetooth range to overflow a buffer and corrupt memory leading to a crash or privilege escalation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src | — |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2020:5416 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1893914 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2020-12321 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1893914 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-12321 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-12321 | external |
| https://www.intel.com/content/www/us/en/security-… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The linux-firmware packages contain all of the firmware files that are required by various devices to operate.\n\nSecurity Fix(es):\n\n* hardware: buffer overflow in bluetooth firmware (CVE-2020-12321)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Remove buggy ucode patch from microcode_amd_fam17h.bin (BZ#1872773)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5416",
"url": "https://access.redhat.com/errata/RHSA-2020:5416"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1893914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893914"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5416.json"
}
],
"title": "Red Hat Security Advisory: linux-firmware security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:19:02+00:00",
"generator": {
"date": "2025-11-21T18:19:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:5416",
"initial_release_date": "2020-12-15T08:59:23+00:00",
"revision_history": [
{
"date": "2020-12-15T08:59:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-15T08:59:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:19:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"product": {
"name": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"product_id": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl100-firmware@39.31.5.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"product": {
"name": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"product_id": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl1000-firmware@39.31.5.1-99.el8_2.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl105-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl135-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl2000-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl2030-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product": {
"name": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product_id": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl3160-firmware@25.30.13.0-99.el8_2.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"product": {
"name": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"product_id": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl3945-firmware@15.32.2.9-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"product": {
"name": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"product_id": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl4965-firmware@228.61.2.24-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"product": {
"name": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"product_id": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl5000-firmware@8.83.5.1_1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"product": {
"name": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"product_id": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl5150-firmware@8.24.2.2-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"product": {
"name": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"product_id": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000-firmware@9.221.4.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000g2a-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000g2b-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"product": {
"name": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"product_id": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6050-firmware@41.28.5.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product": {
"name": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product_id": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl7260-firmware@25.30.13.0-99.el8_2.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-sd8686-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-sd8787-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-usb8388-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-usb8388-olpc-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/linux-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src",
"product": {
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src",
"product_id": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/linux-firmware@20191202-99.gite8a0f4c9.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch"
},
"product_reference": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch"
},
"product_reference": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch"
},
"product_reference": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch"
},
"product_reference": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch"
},
"product_reference": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch"
},
"product_reference": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch"
},
"product_reference": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch"
},
"product_reference": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch"
},
"product_reference": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch"
},
"product_reference": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
},
"product_reference": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12321",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1893914"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the firmware of some Intel Bluetooth devices. This may allow an unauthenticated attacker within Bluetooth range to overflow a buffer and corrupt memory leading to a crash or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hardware: buffer overflow in bluetooth firmware",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12321"
},
{
"category": "external",
"summary": "RHBZ#1893914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12321"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-15T08:59:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5416"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the Customer Portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, Bluetooth can be disabled within the hardware or at BIOS level which will also provide an effective mitigation as the kernel will not be able to detect that Bluetooth hardware is present on the system.",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hardware: buffer overflow in bluetooth firmware"
}
]
}
RHSA-2020:5479
Vulnerability from csaf_redhat - Published: 2020-12-15 17:24 - Updated: 2025-11-21 18:19A flaw was found in the firmware of some Intel Bluetooth devices. This may allow an unauthenticated attacker within Bluetooth range to overflow a buffer and corrupt memory leading to a crash or privilege escalation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src | — |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2020:5479 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1893914 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2020-12321 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1893914 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-12321 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-12321 | external |
| https://www.intel.com/content/www/us/en/security-… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for linux-firmware is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The linux-firmware packages contain all of the firmware files that are required by various devices to operate.\n\nSecurity Fix(es):\n\n* hardware: buffer overflow in bluetooth firmware (CVE-2020-12321)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nEnhancement(s):\n\n* [Intel 8.3 FEAT] ice: Update to the Default OS DDP Package for ice driver (BZ#1896597)\n\n* [Intel 8.3 FEAT] ice: Pull Comms Market Segment Package into RHEL 8.3 (BZ#1896598)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5479",
"url": "https://access.redhat.com/errata/RHSA-2020:5479"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1893914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893914"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5479.json"
}
],
"title": "Red Hat Security Advisory: linux-firmware security and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:19:07+00:00",
"generator": {
"date": "2025-11-21T18:19:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:5479",
"initial_release_date": "2020-12-15T17:24:16+00:00",
"revision_history": [
{
"date": "2020-12-15T17:24:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-15T17:24:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:19:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"product": {
"name": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"product_id": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl100-firmware@39.31.5.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"product": {
"name": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"product_id": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl1000-firmware@39.31.5.1-101.el8_3.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl105-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl135-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl2000-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl2030-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product": {
"name": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product_id": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl3160-firmware@25.30.13.0-101.el8_3.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"product": {
"name": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"product_id": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl3945-firmware@15.32.2.9-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"product": {
"name": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"product_id": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl4965-firmware@228.61.2.24-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"product": {
"name": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"product_id": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl5000-firmware@8.83.5.1_1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"product": {
"name": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"product_id": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl5150-firmware@8.24.2.2-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"product": {
"name": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"product_id": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000-firmware@9.221.4.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000g2a-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000g2b-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"product": {
"name": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"product_id": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6050-firmware@41.28.5.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product": {
"name": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product_id": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl7260-firmware@25.30.13.0-101.el8_3.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_id": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-sd8686-firmware@20200619-101.git3890db36.el8_3?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_id": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-sd8787-firmware@20200619-101.git3890db36.el8_3?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"product_id": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-usb8388-firmware@20200619-101.git3890db36.el8_3?arch=noarch\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_id": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-usb8388-olpc-firmware@20200619-101.git3890db36.el8_3?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_id": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/linux-firmware@20200619-101.git3890db36.el8_3?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.src",
"product": {
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.src",
"product_id": "linux-firmware-0:20200619-101.git3890db36.el8_3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/linux-firmware@20200619-101.git3890db36.el8_3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch"
},
"product_reference": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch"
},
"product_reference": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch"
},
"product_reference": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch"
},
"product_reference": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch"
},
"product_reference": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch"
},
"product_reference": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch"
},
"product_reference": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch"
},
"product_reference": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch"
},
"product_reference": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch"
},
"product_reference": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
},
"product_reference": "linux-firmware-0:20200619-101.git3890db36.el8_3.src",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12321",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1893914"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the firmware of some Intel Bluetooth devices. This may allow an unauthenticated attacker within Bluetooth range to overflow a buffer and corrupt memory leading to a crash or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hardware: buffer overflow in bluetooth firmware",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12321"
},
{
"category": "external",
"summary": "RHBZ#1893914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12321"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-15T17:24:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5479"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the Customer Portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, Bluetooth can be disabled within the hardware or at BIOS level which will also provide an effective mitigation as the kernel will not be able to detect that Bluetooth hardware is present on the system.",
"product_ids": [
"BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hardware: buffer overflow in bluetooth firmware"
}
]
}
RHSA-2020_5416
Vulnerability from csaf_redhat - Published: 2020-12-15 08:59 - Updated: 2024-11-22 15:39A flaw was found in the firmware of some Intel Bluetooth devices. This may allow an unauthenticated attacker within Bluetooth range to overflow a buffer and corrupt memory leading to a crash or privilege escalation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src | — |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2020:5416 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1893914 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2020-12321 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1893914 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-12321 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-12321 | external |
| https://www.intel.com/content/www/us/en/security-… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The linux-firmware packages contain all of the firmware files that are required by various devices to operate.\n\nSecurity Fix(es):\n\n* hardware: buffer overflow in bluetooth firmware (CVE-2020-12321)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Remove buggy ucode patch from microcode_amd_fam17h.bin (BZ#1872773)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5416",
"url": "https://access.redhat.com/errata/RHSA-2020:5416"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1893914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893914"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5416.json"
}
],
"title": "Red Hat Security Advisory: linux-firmware security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T15:39:15+00:00",
"generator": {
"date": "2024-11-22T15:39:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:5416",
"initial_release_date": "2020-12-15T08:59:23+00:00",
"revision_history": [
{
"date": "2020-12-15T08:59:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-15T08:59:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T15:39:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"product": {
"name": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"product_id": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl100-firmware@39.31.5.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"product": {
"name": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"product_id": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl1000-firmware@39.31.5.1-99.el8_2.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl105-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl135-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl2000-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl2030-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product": {
"name": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product_id": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl3160-firmware@25.30.13.0-99.el8_2.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"product": {
"name": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"product_id": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl3945-firmware@15.32.2.9-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"product": {
"name": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"product_id": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl4965-firmware@228.61.2.24-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"product": {
"name": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"product_id": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl5000-firmware@8.83.5.1_1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"product": {
"name": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"product_id": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl5150-firmware@8.24.2.2-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"product": {
"name": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"product_id": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000-firmware@9.221.4.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000g2a-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product": {
"name": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_id": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000g2b-firmware@18.168.6.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"product": {
"name": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"product_id": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6050-firmware@41.28.5.1-99.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product": {
"name": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product_id": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl7260-firmware@25.30.13.0-99.el8_2.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-sd8686-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-sd8787-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-usb8388-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-usb8388-olpc-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product": {
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_id": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/linux-firmware@20191202-99.gite8a0f4c9.el8_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src",
"product": {
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src",
"product_id": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/linux-firmware@20191202-99.gite8a0f4c9.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch"
},
"product_reference": "iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch"
},
"product_reference": "iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch"
},
"product_reference": "iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch"
},
"product_reference": "iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch"
},
"product_reference": "iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch"
},
"product_reference": "iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch"
},
"product_reference": "iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch"
},
"product_reference": "iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch"
},
"product_reference": "iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch"
},
"product_reference": "iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch"
},
"product_reference": "iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch"
},
"product_reference": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
},
"product_reference": "linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12321",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1893914"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the firmware of some Intel Bluetooth devices. This may allow an unauthenticated attacker within Bluetooth range to overflow a buffer and corrupt memory leading to a crash or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hardware: buffer overflow in bluetooth firmware",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12321"
},
{
"category": "external",
"summary": "RHBZ#1893914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12321"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-15T08:59:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5416"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the Customer Portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, Bluetooth can be disabled within the hardware or at BIOS level which will also provide an effective mitigation as the kernel will not be able to detect that Bluetooth hardware is present on the system.",
"product_ids": [
"BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.EUS:iwl100-firmware-0:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl1000-firmware-1:39.31.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl105-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl135-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2000-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl2030-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3160-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl3945-firmware-0:15.32.2.9-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl4965-firmware-0:228.61.2.24-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5000-firmware-0:8.83.5.1_1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl5150-firmware-0:8.24.2.2-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000-firmware-0:9.221.4.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2a-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6000g2b-firmware-0:18.168.6.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl6050-firmware-0:41.28.5.1-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:iwl7260-firmware-1:25.30.13.0-99.el8_2.1.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8686-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-sd8787-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-firmware-2:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:libertas-usb8388-olpc-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.noarch",
"BaseOS-8.2.0.Z.EUS:linux-firmware-0:20191202-99.gite8a0f4c9.el8_2.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hardware: buffer overflow in bluetooth firmware"
}
]
}
RHSA-2020_5479
Vulnerability from csaf_redhat - Published: 2020-12-15 17:24 - Updated: 2024-11-22 15:39A flaw was found in the firmware of some Intel Bluetooth devices. This may allow an unauthenticated attacker within Bluetooth range to overflow a buffer and corrupt memory leading to a crash or privilege escalation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src | — |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2020:5479 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1893914 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2020-12321 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1893914 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-12321 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-12321 | external |
| https://www.intel.com/content/www/us/en/security-… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for linux-firmware is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The linux-firmware packages contain all of the firmware files that are required by various devices to operate.\n\nSecurity Fix(es):\n\n* hardware: buffer overflow in bluetooth firmware (CVE-2020-12321)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nEnhancement(s):\n\n* [Intel 8.3 FEAT] ice: Update to the Default OS DDP Package for ice driver (BZ#1896597)\n\n* [Intel 8.3 FEAT] ice: Pull Comms Market Segment Package into RHEL 8.3 (BZ#1896598)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5479",
"url": "https://access.redhat.com/errata/RHSA-2020:5479"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1893914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893914"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5479.json"
}
],
"title": "Red Hat Security Advisory: linux-firmware security and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T15:39:22+00:00",
"generator": {
"date": "2024-11-22T15:39:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:5479",
"initial_release_date": "2020-12-15T17:24:16+00:00",
"revision_history": [
{
"date": "2020-12-15T17:24:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-15T17:24:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T15:39:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"product": {
"name": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"product_id": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl100-firmware@39.31.5.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"product": {
"name": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"product_id": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl1000-firmware@39.31.5.1-101.el8_3.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl105-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl135-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl2000-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl2030-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product": {
"name": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product_id": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl3160-firmware@25.30.13.0-101.el8_3.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"product": {
"name": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"product_id": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl3945-firmware@15.32.2.9-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"product": {
"name": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"product_id": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl4965-firmware@228.61.2.24-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"product": {
"name": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"product_id": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl5000-firmware@8.83.5.1_1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"product": {
"name": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"product_id": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl5150-firmware@8.24.2.2-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"product": {
"name": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"product_id": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000-firmware@9.221.4.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000g2a-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product": {
"name": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_id": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6000g2b-firmware@18.168.6.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"product": {
"name": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"product_id": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl6050-firmware@41.28.5.1-101.el8_3.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product": {
"name": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product_id": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/iwl7260-firmware@25.30.13.0-101.el8_3.1?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_id": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-sd8686-firmware@20200619-101.git3890db36.el8_3?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_id": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-sd8787-firmware@20200619-101.git3890db36.el8_3?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"product_id": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-usb8388-firmware@20200619-101.git3890db36.el8_3?arch=noarch\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_id": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libertas-usb8388-olpc-firmware@20200619-101.git3890db36.el8_3?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product": {
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_id": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/linux-firmware@20200619-101.git3890db36.el8_3?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.src",
"product": {
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.src",
"product_id": "linux-firmware-0:20200619-101.git3890db36.el8_3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/linux-firmware@20200619-101.git3890db36.el8_3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch"
},
"product_reference": "iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch"
},
"product_reference": "iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch"
},
"product_reference": "iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch"
},
"product_reference": "iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch"
},
"product_reference": "iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch"
},
"product_reference": "iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch"
},
"product_reference": "iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch"
},
"product_reference": "iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch"
},
"product_reference": "iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch"
},
"product_reference": "iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch"
},
"product_reference": "iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch"
},
"product_reference": "linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-firmware-0:20200619-101.git3890db36.el8_3.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
},
"product_reference": "linux-firmware-0:20200619-101.git3890db36.el8_3.src",
"relates_to_product_reference": "BaseOS-8.3.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-12321",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1893914"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the firmware of some Intel Bluetooth devices. This may allow an unauthenticated attacker within Bluetooth range to overflow a buffer and corrupt memory leading to a crash or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hardware: buffer overflow in bluetooth firmware",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12321"
},
{
"category": "external",
"summary": "RHBZ#1893914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12321",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12321"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html"
}
],
"release_date": "2020-11-10T13:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-15T17:24:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5479"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the Customer Portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, Bluetooth can be disabled within the hardware or at BIOS level which will also provide an effective mitigation as the kernel will not be able to detect that Bluetooth hardware is present on the system.",
"product_ids": [
"BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.3.0.Z.MAIN:iwl100-firmware-0:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl1000-firmware-1:39.31.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl105-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl135-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2000-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl2030-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3160-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl3945-firmware-0:15.32.2.9-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl4965-firmware-0:228.61.2.24-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5000-firmware-0:8.83.5.1_1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl5150-firmware-0:8.24.2.2-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000-firmware-0:9.221.4.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2a-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6000g2b-firmware-0:18.168.6.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl6050-firmware-0:41.28.5.1-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:iwl7260-firmware-1:25.30.13.0-101.el8_3.1.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8686-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-sd8787-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-firmware-2:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:libertas-usb8388-olpc-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.noarch",
"BaseOS-8.3.0.Z.MAIN:linux-firmware-0:20200619-101.git3890db36.el8_3.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hardware: buffer overflow in bluetooth firmware"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.