netronome-firmware (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package netronome-firmware, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (10)
CVE-2022-46329 — CVSS 8.2 (high): Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation…
CVE-2022-27635 — CVSS 8.2 (high): Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially…
CVE-2022-40964 — CVSS 7.9 (high): Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially…
CVE-2023-31346 — CVSS 6.0 (medium): Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests.
CVE-2023-20593 — CVSS 5.5 (medium): An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive…
CVE-2023-20584 — CVSS 5.3 (medium): IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with…
CVE-2023-20569 — CVSS 4.7 (medium): A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in…
CVE-2023-31356 — CVSS 4.4 (medium): Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting…
CVE-2022-36351 — CVSS 4.3 (medium): Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to…
CVE-2022-38076 — CVSS 3.8 (low): Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially…