Amazon Linux 2023 Security Advisory: ALAS-2024-706
Advisory Release Date: 2024-08-14 19:14 Pacific
Advisory Updated Date: 2024-08-19 10:50 Pacific
Severity:
Important
Issue Overview:
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. (CVE-2023-31315)
Affected Packages:
linux-firmware
Issue Correction:
Run dnf update linux-firmware --releasever 2023.5.20240819 to update your system.
New Packages:
noarch:
iwl6050-firmware-41.28.5.1-117.amzn2023.0.5.noarch
iwl6000g2a-firmware-18.168.6.1-117.amzn2023.0.5.noarch
iwl6000-firmware-9.221.4.1-117.amzn2023.0.5.noarch
iwl5000-firmware-8.83.5.1_1-117.amzn2023.0.5.noarch
iwl3945-firmware-15.32.2.9-117.amzn2023.0.5.noarch
iwl7260-firmware-25.30.13.0-117.amzn2023.0.5.noarch
iwl105-firmware-18.168.6.1-117.amzn2023.0.5.noarch
iwl6000g2b-firmware-18.168.6.1-117.amzn2023.0.5.noarch
linux-firmware-whence-20210208-117.amzn2023.0.5.noarch
iwl135-firmware-18.168.6.1-117.amzn2023.0.5.noarch
iwl2000-firmware-18.168.6.1-117.amzn2023.0.5.noarch
iwl1000-firmware-39.31.5.1-117.amzn2023.0.5.noarch
iwl5150-firmware-8.24.2.2-117.amzn2023.0.5.noarch
iwl100-firmware-39.31.5.1-117.amzn2023.0.5.noarch
iwl4965-firmware-228.61.2.24-117.amzn2023.0.5.noarch
iwl2030-firmware-18.168.6.1-117.amzn2023.0.5.noarch
libertas-usb8388-firmware-20210208-117.amzn2023.0.5.noarch
libertas-sd8787-firmware-20210208-117.amzn2023.0.5.noarch
iwl3160-firmware-25.30.13.0-117.amzn2023.0.5.noarch
netronome-firmware-20210208-117.amzn2023.0.5.noarch
libertas-usb8388-olpc-firmware-20210208-117.amzn2023.0.5.noarch
libertas-sd8686-firmware-20210208-117.amzn2023.0.5.noarch
liquidio-firmware-20210208-117.amzn2023.0.5.noarch
linux-firmware-20210208-117.amzn2023.0.5.noarch
src:
linux-firmware-20210208-117.amzn2023.0.5.src