Security update for kernel-firmware SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:3144-1 Final 1 1 2017-11-29T22:25:55Z current 2017-11-29T22:25:55Z 2017-11-29T22:25:55Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for kernel-firmware This update for kernel-firmware fixes the following issues: - Update Intel WiFi firmwares for the 3160, 7260 and 7265 adapters. Security issues fixed are part of the 'KRACK' attacks affecting the firmware: - CVE-2017-13080: The reinstallation of the Group Temporal key could be used for replay attacks (bsc#1066295): - CVE-2017-13081: The reinstallation of the Integrity Group Temporal key could be used for replay attacks (bsc#1066295): This update was imported from the SUSE:SLE-12-SP2:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00065.html E-Mail link for openSUSE-SU-2017:3144-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 kernel-firmware-20170530-11.1 ucode-amd-20170530-11.1 kernel-firmware-20170530-11.1 as a component of openSUSE Leap 42.2 ucode-amd-20170530-11.1 as a component of openSUSE Leap 42.2 kernel-firmware-20170530-11.1 as a component of openSUSE Leap 42.3 ucode-amd-20170530-11.1 as a component of openSUSE Leap 42.3 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. CVE-2017-13080 openSUSE Leap 42.2:kernel-firmware-20170530-11.1 openSUSE Leap 42.2:ucode-amd-20170530-11.1 openSUSE Leap 42.3:kernel-firmware-20170530-11.1 openSUSE Leap 42.3:ucode-amd-20170530-11.1 important 7.8 AV:A/AC:L/Au:N/C:C/I:C/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00065.html https://www.suse.com/security/cve/CVE-2017-13080.html CVE-2017-13080 https://bugzilla.suse.com/1056061 SUSE Bug 1056061 https://bugzilla.suse.com/1063479 SUSE Bug 1063479 https://bugzilla.suse.com/1063667 SUSE Bug 1063667 https://bugzilla.suse.com/1063671 SUSE Bug 1063671 https://bugzilla.suse.com/1066295 SUSE Bug 1066295 https://bugzilla.suse.com/1105108 SUSE Bug 1105108 https://bugzilla.suse.com/1178872 SUSE Bug 1178872 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. CVE-2017-13081 openSUSE Leap 42.2:kernel-firmware-20170530-11.1 openSUSE Leap 42.2:ucode-amd-20170530-11.1 openSUSE Leap 42.3:kernel-firmware-20170530-11.1 openSUSE Leap 42.3:ucode-amd-20170530-11.1 important 7.8 AV:A/AC:L/Au:N/C:C/I:C/A:N Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00065.html https://www.suse.com/security/cve/CVE-2017-13081.html CVE-2017-13081 https://bugzilla.suse.com/1056061 SUSE Bug 1056061 https://bugzilla.suse.com/1063479 SUSE Bug 1063479 https://bugzilla.suse.com/1066295 SUSE Bug 1066295 https://bugzilla.suse.com/1105108 SUSE Bug 1105108