[Git][security-tracker-team/security-tracker][master] Devices affected by CVE-2021-2323 and CVE-2021-44545 are not supported by...

Tobias Frost (@tobi) tobi at debian.org
Sun Feb 26 19:15:24 GMT 2023



Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
10a39f85 by Tobias Frost at 2023-02-26T20:15:02+01:00
Devices affected by CVE-2021-2323 and CVE-2021-44545 are not supported by buster's kernel. (Firmware files also not present in firmware-nonfree)

Affected devices: (via https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html)

CVE-2021-44545

Intel® Wi-Fi 6E AX411
Intel® Wi-Fi 6E AX211
Intel® Wi-Fi 6E AX210
Intel® Wi-Fi 6 AX201
Intel® Wi-Fi 6 AX200

CVE-2021-23223

Intel® Wi-Fi 6E AX411
Intel® Wi-Fi 6E AX211
Intel® Wi-Fi 6E AX210

Support for above devices was added with kernel 5.10+  (See https://wireless.wiki.kernel.org/en/users/drivers/iwlwifi)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -96978,6 +96978,7 @@ CVE-2021-44739 (Acrobat Reader DC ActiveX Control versions 21.007.20099 (and ear
 CVE-2021-44545 (Improper input validation for some Intel(R) PROSet/Wireless WiFi and K ...)
 	- firmware-nonfree 20220913-1
 	[bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+	[buster] - firmware-nonfree <not-affected> (Affected devices not supported by buster's kernel)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html
 	NOTE: Fixed upstream in 20220815
 	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=63a87d2f1f7ea029e8d32ed03d972947a7bb60fd
@@ -98031,6 +98032,7 @@ CVE-2021-26251 (Improper input validation in the Intel(R) Distribution of OpenVI
 CVE-2021-23223 (Improper initialization for some Intel(R) PROSet/Wireless WiFi and Kil ...)
 	- firmware-nonfree 20220913-1
 	[bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+	[buster] - firmware-nonfree <not-affected> (Affected devices not supported by buster's kernel)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html
 	NOTE: Fixed upstream in 20220815
 	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=63a87d2f1f7ea029e8d32ed03d972947a7bb60fd



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10a39f859df4cbc82c57f074c86042049f09e7fd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10a39f859df4cbc82c57f074c86042049f09e7fd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230226/24058659/attachment.htm>


More information about the debian-security-tracker-commits mailing list