Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.3548 [DLA 1573-1] firmware-nonfree security update 13 November 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: firmware-nonfree Publisher: Debian Operating System: Debian GNU/Linux 8 Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Access Privileged Data -- Remote/Unauthenticated Provide Misleading Information -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2017-13081 CVE-2017-13080 CVE-2017-13079 CVE-2017-13078 CVE-2017-13077 CVE-2017-9417 CVE-2017-1308 CVE-2017-0561 CVE-2016-0801 Reference: ASB-2018.0084 ASB-2017.0142 ESB-2018.0102 ESB-2017.2600 ESB-2017.2599 ESB-2017.1776 ESB-2016.0741 Original Bulletin: https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html - --------------------------BEGIN INCLUDED TEXT-------------------- Package : firmware-nonfree Version : 20161130-4~deb8u1 CVE ID : CVE-2016-0801 CVE-2017-0561 CVE-2017-9417 CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 Debian Bug : 620066 724970 769633 774914 790061 793544 793874 795303 800090 800440 800820 801514 802970 803920 808792 816350 823402 823637 826996 832925 833355 833876 838038 838476 838858 841092 842762 854695 854907 856853 862458 869639 907320 Several vulnerabilities have been discovered in the firmware for Broadcom BCM43xx wifi chips that may lead to a privilege escalation or loss of confidentiality. CVE-2016-0801 Broadgate Team discovered flaws in packet processing in the Broadcom wifi firmware and proprietary drivers that could lead to remote code execution. However, this vulnerability is not believed to affect the drivers used in Debian. CVE-2017-0561 Gal Beniamini of Project Zero discovered a flaw in the TDLS implementation in Broadcom wifi firmware. This could be exploited by an attacker on the same WPA2 network to execute code on the wifi microcontroller. CVE-2017-9417 / #869639 Nitay Artenstein of Exodus Intelligence discovered a flaw in the WMM implementation in Broadcom wifi firmware. This could be exploited by a nearby attacker to execute code on the wifi microcontroller. CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081 Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol used for authentication in wireless networks, dubbed "KRACK". An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2. These vulnerabilities are only being fixed for certain Broadcom wifi chips, and might still be present in firmware for other wifi hardware. For Debian 8 "Jessie", these problems have been fixed in version 20161130-4~deb8u1. This version also adds new firmware and packages for use with Linux 4.9, and re-adds firmware-{adi,ralink} as transitional packages. We recommend that you upgrade your firmware-nonfree packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW+pKi2aOgq3Tt24GAQj/KRAA3FJb6UeenGIP+V/CAsZI8sgevWPYDIL9 CFJvZOgVy4lh7rbHN2eJ7Jp+l2iMeOqPAtmy1T1098Y2QbYXyuGoxzs3mKPmVKHQ T1rc+lWI3jNKH2JlebWwbHSdgHqkjsENsr10Tag43Sazg1Ykf1EilSgmMxZYGnGZ A9q8hL3Z+8eysDzloW8PnM7s16pbm/C01QAB4V0X9TfcpNYMMN5rE+w7EhXdIjDt 1V9hDzS9YQ7zLC0nUlsvk7F8n7mt07ejaFsWHwuGnpMeGvTdyfKw5PckdmQYCp/E QS9KHtatr3GHzpn4zDDgrlY0gDzGhHUtBz9/k0im/yLyFRTvAS3GAemMaAuLQi3u zpgO8rr0f0iYrXLyXPeipnGBicuVU9+WlGt3am+MewHyvRxkirEnEd8DPn2LBR9X RQcS9BFgEQaefDnm6neAOIyn91bXqFzsLxjuEMQdk3jc9I7Kgwc7DUUALt10hIuU 9qFkhRMtcMrd8uDXIny50RGYGbzzQIO3aa97ijxeuie9zjpP1EwNF9Pc/tJEKdg4 YnblQM/tT2dr5AEujAWFMy0+pjy6ds8ZB/aAV6YPrEH64xiE4TKB8gQbloYGy0OR YFM2J3MNRTf5bPvRPzdMamTQx5qBhKyeaJJ1ewaDpHFW1TT80c6wlOxktOfJrgCz dBMVwomyzNw= =qHiu -----END PGP SIGNATURE-----