Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2023:7782 - Security Advisory
Issued:
2023-12-13
Updated:
2023-12-13

RHSA-2023:7782 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: linux-firmware security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for linux-firmware is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The linux-firmware packages contain all of the firmware files that are required by various devices to operate.

Security Fix(es):

  • hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)
  • hw: amd: Cross-Process Information Leak (CVE-2023-20593)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.6 x86_64

Fixes

  • BZ - 2207625 - CVE-2023-20569 hw amd: Return Address Predictor vulnerability leading to information disclosure
  • BZ - 2217845 - CVE-2023-20593 hw: amd: Cross-Process Information Leak

CVEs

  • CVE-2023-20569
  • CVE-2023-20593

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.6

SRPM
linux-firmware-20180911-69.2.git85c5d90.el7_6.src.rpm SHA-256: 3989fbedc4b2465f525467e0d1342efcca8ddf55aa1d1f29378a8c28a6b38b4d
x86_64
iwl100-firmware-39.31.5.1-69.2.el7_6.noarch.rpm SHA-256: 7e5159811ec3d30bb495d73487f1ab3efc141be23285bdf126b02ce15ac8919d
iwl1000-firmware-39.31.5.1-69.2.el7_6.noarch.rpm SHA-256: 29c3645d500726cffa56551aa4e0607c6223c2e8537dfc163f78fdedb7f98935
iwl105-firmware-18.168.6.1-69.2.el7_6.noarch.rpm SHA-256: 7351674f6ee9065e01e8a1873d6e069cec372d83f46c9871e053ad1ab66b51cd
iwl135-firmware-18.168.6.1-69.2.el7_6.noarch.rpm SHA-256: 9f3e82f1d93733dbdfa16cd757bbeb9c7e4229d2920f4e7bd9a44cba6a409094
iwl2000-firmware-18.168.6.1-69.2.el7_6.noarch.rpm SHA-256: be9f875967e6d7bf7fd7e7eeda93485fada1b8a970e51ca21c89c082cd5f3baa
iwl2030-firmware-18.168.6.1-69.2.el7_6.noarch.rpm SHA-256: 70d2650799549641527b383f98f6995e5c98f1fa4e01750a23eb31f87a2f685d
iwl3160-firmware-22.0.7.0-69.2.el7_6.noarch.rpm SHA-256: af06c7f5977bb35d81fa4a96cf4b796aa52d2ac96bbb99830a568f7791b0b7ff
iwl3945-firmware-15.32.2.9-69.2.el7_6.noarch.rpm SHA-256: f3ee4bf836e6c3f3c1720123184e1282b67d4f64bbd6ae7663e8485bc0eb1ba0
iwl4965-firmware-228.61.2.24-69.2.el7_6.noarch.rpm SHA-256: 5be95bf95c57f7d08febab0e24bed142ea157a1f5d54afcb4541be674a1e4015
iwl5000-firmware-8.83.5.1_1-69.2.el7_6.noarch.rpm SHA-256: 1e43720e00628f5867513cc5d9bad18c22aab3638b9220e308a5463c109413d2
iwl5150-firmware-8.24.2.2-69.2.el7_6.noarch.rpm SHA-256: 494f7b6a2ee670f8d349a63802ed3ecf24796f633a2b29d2f8a2d7418bab6da5
iwl6000-firmware-9.221.4.1-69.2.el7_6.noarch.rpm SHA-256: e17097ca3e2b198628161aca69ad4f1290a66efa3b4402b1cd70399b6bf86588
iwl6000g2a-firmware-17.168.5.3-69.2.el7_6.noarch.rpm SHA-256: cd34753ee408ddce1c4dbefc3319dbf0a5ce84da8136432998a4ec2edec701a9
iwl6000g2b-firmware-17.168.5.2-69.2.el7_6.noarch.rpm SHA-256: 70212f8089411459f8829defcc101c0dc2e1330149008252d2531f93564943aa
iwl6050-firmware-41.28.5.1-69.2.el7_6.noarch.rpm SHA-256: edaaf6cc388b621a7d189468f84027acdbccbcb36db0c60abe4a1ed375d973f0
iwl7260-firmware-22.0.7.0-69.2.el7_6.noarch.rpm SHA-256: b465682c8cd12609cec1bdf78ef3f95b9c3635d3db30ace8efd3de3e02ec1bba
iwl7265-firmware-22.0.7.0-69.2.el7_6.noarch.rpm SHA-256: 811f09c8995eca9e1589a5e9eab2aaee8c4ab3bcd45ac9984e3bf80db0f177f4
linux-firmware-20180911-69.2.git85c5d90.el7_6.noarch.rpm SHA-256: 3f998ab7e2bba9e5ccf20f65e2d555ce1772ac11d000e116c3e542ceee530aa9

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility