vulnerability
CentOS Linux: CVE-2018-5383: Important: linux-firmware security, bug fix, and enhancement update (CESA-2019:2169)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:A/AC:M/Au:N/C:P/I:P/A:N) | Aug 7, 2018 | Aug 28, 2019 | May 25, 2023 |
Severity
4
CVSS
(AV:A/AC:M/Au:N/C:P/I:P/A:N)
Published
Aug 7, 2018
Added
Aug 28, 2019
Modified
May 25, 2023
Description
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
Solutions
centos-upgrade-iwl100-firmwarecentos-upgrade-iwl1000-firmwarecentos-upgrade-iwl105-firmwarecentos-upgrade-iwl135-firmwarecentos-upgrade-iwl2000-firmwarecentos-upgrade-iwl2030-firmwarecentos-upgrade-iwl3160-firmwarecentos-upgrade-iwl3945-firmwarecentos-upgrade-iwl4965-firmwarecentos-upgrade-iwl5000-firmwarecentos-upgrade-iwl5150-firmwarecentos-upgrade-iwl6000-firmwarecentos-upgrade-iwl6000g2a-firmwarecentos-upgrade-iwl6000g2b-firmwarecentos-upgrade-iwl6050-firmwarecentos-upgrade-iwl7260-firmwarecentos-upgrade-iwl7265-firmwarecentos-upgrade-linux-firmware
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.