INFSA-2024:4262: linux-firmware security update
Information about definition
Identificator: INFSA-2024:4262
Type: security
Release date: 2024-08-23 19:14:50 UTC
Information about package
The linux-firmware packages contain all of the firmware files that are required by various devices to operate.
Vulnerabilities description
- CVE-2023-31346
A flaw was found in some AMD CPUs where the guest message responses have not been zero-initialized. This issue may allow a local attacker with the ability to run arbitrary code on a container or virtual machine to discover sensitive information contained in the host system's memory.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-31346
|
no information | 4.4 | no information |
Updated packages