firmware-nonfree - Debian Package Tracker

general

source: firmware-nonfree (non-free-firmware)
version: 20260110-1
maintainer: Debian Kernel Team (archive) (DMD)
uploaders: Bastian Blank [DMD] – Salvatore Bonaccorso [DMD] – maximilian attems [DMD] – Ben Hutchings [DMD]
arch: all
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 20210315-3
oldstable: 20230210-5
old-bpo: 20250410-2~bpo12+1
stable: 20250410-2
stable-bpo: 20251021-1~bpo13+1
testing: 20251111-1
unstable: 20260110-1

versioned links

20210315-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20230210-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20250410-2~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20250410-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20251021-1~bpo13+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20251111-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20260110-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

firmware-amd-graphics (9 bugs: 0, 9, 0, 0)
firmware-atheros (3 bugs: 0, 3, 0, 0)
firmware-bnx2
firmware-bnx2x
firmware-brcm80211 (3 bugs: 0, 3, 0, 0)
firmware-cavium
firmware-cirrus
firmware-intel-graphics (1 bugs: 0, 1, 0, 0)
firmware-intel-misc
firmware-intel-sound (1 bugs: 0, 1, 0, 0)
firmware-ipw2x00
firmware-ivtv
firmware-iwlwifi (18 bugs: 0, 17, 1, 0)
firmware-libertas
firmware-linux
firmware-linux-nonfree (4 bugs: 0, 1, 3, 0)
firmware-marvell-prestera
firmware-mediatek
firmware-misc-nonfree (10 bugs: 0, 8, 2, 0)
firmware-myricom
firmware-netronome
firmware-netxen (1 bugs: 0, 1, 0, 0)
firmware-nvidia-graphics (1 bugs: 0, 0, 1, 0)
firmware-qcom-media
firmware-qcom-soc
firmware-qlogic
firmware-realtek (5 bugs: 0, 5, 0, 0)
firmware-samsung
firmware-siano (1 bugs: 0, 1, 0, 0)
firmware-ti-connectivity (1 bugs: 0, 1, 0, 0)

action needed

Marked for autoremoval on 17 March: #1126794 high

Version 20251111-1 of firmware-nonfree is marked for autoremoval from testing on Tue 17 Mar 2026. It is affected by #1126794. The removal of firmware-nonfree will also cause the removal of (transitive) reverse dependencies: linux-board-support-package-dragonboard845c, linux-board-support-package-rb3gen2, linux-board-support-package-rb5. You should try to prevent the removal by fixing these RC bugs.

Created: 2026-02-08 Last update: 2026-02-18 22:02

24 security issues in bullseye high

There are 24 open security issues in bullseye.

3 important issues:

CVE-2025-26402: Protection mechanism failure for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-26405: Improper control of dynamically-managed code resources for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires passive user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-32735: Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

21 issues postponed or untriaged:

CVE-2023-4969: (needs triaging) A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVE-2020-24586: (needs triaging) The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
CVE-2020-24587: (needs triaging) The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
CVE-2020-24588: (needs triaging) The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
CVE-2021-23168: (needs triaging) Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2021-23223: (needs triaging) Improper initialization for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2021-37409: (needs triaging) Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2021-44545: (needs triaging) Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2022-21181: (needs triaging) Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-27635: (needs triaging) Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-36351: (needs triaging) Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2022-38076: (needs triaging) Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-40964: (needs triaging) Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-46329: (needs triaging) Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-35061: (needs triaging) Improper initialization for the Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2023-38417: (needs triaging) Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-47210: (needs triaging) Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-23198: (postponed; to be fixed through a stable update) Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.
CVE-2024-24984: (postponed; to be fixed through a stable update) Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-25563: (postponed; to be fixed through a stable update) Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-28049: (postponed; to be fixed through a stable update) Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.

Created: 2025-11-16 Last update: 2026-02-17 11:00

13 security issues in buster high

There are 13 open security issues in buster.

12 important issues:

CVE-2023-25951: Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-26586: Uncaught exception for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-28374: Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-28720: Improper initialization for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access..
CVE-2023-32642: Insufficient adherence to expected conventions for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-32644: Protection mechanism failure for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-32651: Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-33875: Improper access control for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via local access..
CVE-2023-34983: Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-35061: Improper initialization for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2023-38417: Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-47210: Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

1 issue postponed or untriaged:

CVE-2023-4969: (postponed; to be fixed through a stable update) A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.

Created: 2024-05-02 Last update: 2024-05-22 17:48

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2026-02-10 Last update: 2026-02-18 22:02

4 bugs tagged help in the BTS normal

The BTS contains 4 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2019-03-21 Last update: 2026-02-18 21:31

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs (4 if counting merged bugs), consider including or untagging them.

Created: 2025-01-06 Last update: 2026-02-18 21:31

lintian reports 12 warnings normal

Lintian reports 12 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2026-02-05 Last update: 2026-02-16 10:49

AppStream hints: 1 warning for firmware-bnx2,firmware-intel-graphics,firmware-qlogic,firmware-nvidia-graphics,firmware-intel-sound,firmware-ipw2x00,firmware-amd-graphics,firmware-intel-misc,firmware-iwlwifi,firmware-samsung,firmware-realtek,firmware-libertas,firmware-ti-connectivity,firmware-mediatek,firmware-cavium,firmware-atheros,firmware-marvell-prestera,firmware-bnx2x,firmware-brcm80211,firmware-misc-nonfree,firmware-siano,firmware-myricom,firmware-qcom-soc,firmware-ivtv,firmware-cirrus,firmware-netronome,firmware-netxen normal

AppStream found metadata issues for packages:

firmware-ipw2x00: 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2024-01-27 Last update: 2025-04-21 17:20

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-32735: (needs triaging) Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

You can find information about how to handle this issue in the security team's documentation.

Created: 2026-02-11 Last update: 2026-02-17 11:00

debian/patches: 1 patch to forward upstream low

Among the 4 debian patches available in version 20260110-1 of the package, we noticed the following issues:

1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2024-12-20 Last update: 2026-02-05 10:31

No known security issue in bookworm wishlist

There are 13 open security issues in bookworm.

13 ignored issues:

CVE-2023-4969: A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVE-2022-27635: Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-36351: Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2022-38076: Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-40964: Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-46329: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-35061: Improper initialization for the Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2023-38417: Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-47210: Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-23198: Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.
CVE-2024-24984: Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-25563: Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-28049: Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.

Created: 2023-08-18 Last update: 2026-02-17 11:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.3 instead of 4.3.0).

Created: 2023-05-16 Last update: 2026-02-05 01:19

testing migrations

excuses:
- Migration status for firmware-nonfree (20251111-1 to 20260110-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- ∙ ∙ firmware-qcom-soc/amd64 has unsatisfiable dependency
- ∙ ∙ firmware-qcom-soc/arm64 has unsatisfiable dependency
- ∙ ∙ migrating firmware-qcom-soc/20260110-1/amd64 to testing makes firmware-qcom-dragonboard845c/0~20190529180356-v4-3/amd64 uninstallable
- ∙ ∙ migrating firmware-qcom-soc/20260110-1/amd64 to testing makes firmware-qcom-rb3gen2/1.1-1/amd64 uninstallable
- ∙ ∙ migrating firmware-qcom-soc/20260110-1/amd64 to testing makes firmware-qcom-rb5/0~20210331-v4-1/amd64 uninstallable
- ∙ ∙ migrating firmware-qcom-soc/20260110-1/arm64 to testing makes firmware-qcom-dragonboard845c/0~20190529180356-v4-3/arm64 uninstallable
- ∙ ∙ migrating firmware-qcom-soc/20260110-1/arm64 to testing makes firmware-qcom-rb3gen2/1.1-1/arm64 uninstallable
- ∙ ∙ migrating firmware-qcom-soc/20260110-1/arm64 to testing makes firmware-qcom-rb5/0~20210331-v4-1/arm64 uninstallable
- Additional info (not blocking):
- ∙ ∙ Updating firmware-nonfree will fix bugs in testing: #1126794
- ∙ ∙ Piuparts can't test firmware-nonfree (not a blocker) - (no link yet)
- ∙ ∙ Autopkgtest skipped on amd64: not installable
- ∙ ∙ Autopkgtest skipped on arm64: not installable
- ∙ ∙ Autopkgtest skipped on i386: not installable (which is allowed)
- ∙ ∙ Autopkgtest skipped on ppc64el: not installable (which is allowed)
- ∙ ∙ Autopkgtest skipped on riscv64: not installable (which is allowed)
- ∙ ∙ Autopkgtest skipped on s390x: not installable (which is allowed)
- ∙ ∙ Reproducible on amd64
- ∙ ∙ Reproducible on arm64
- ∙ ∙ Reproducible on armhf
- ∙ ∙ Reproducible on i386
- ∙ ∙ Reproducible on ppc64el
- ∙ ∙ 14 days old (needed 5 days)
- Not considered

news

[rss feed]

[2026-02-04] Accepted firmware-nonfree 20260110-1 (source) into unstable (Ben Hutchings)
[2026-02-03] Accepted firmware-nonfree 20251125-1 (source) into unstable (Ben Hutchings)
[2025-11-30] firmware-nonfree 20251111-1 MIGRATED to testing (Debian testing watch)
[2025-11-25] Accepted firmware-nonfree 20251021-1~bpo13+1 (source) into stable-backports (Ben Hutchings)
[2025-11-24] Accepted firmware-nonfree 20251111-1 (source) into unstable (Ben Hutchings)
[2025-11-08] firmware-nonfree 20251021-1 MIGRATED to testing (Debian testing watch)
[2025-11-02] Accepted firmware-nonfree 20251021-1 (source) into unstable (Ben Hutchings)
[2025-11-02] Accepted firmware-nonfree 20251011-1 (source) into unstable (Ben Hutchings)
[2025-10-15] Accepted firmware-nonfree 20250917-1 (source) into unstable (Ben Hutchings)
[2025-09-09] Accepted firmware-nonfree 20250808-1~bpo13+1 (all source) into stable-backports (Debian FTP Masters) (signed by: Ben Hutchings)
[2025-08-21] firmware-nonfree 20250808-1 MIGRATED to testing (Debian testing watch)
[2025-08-15] Accepted firmware-nonfree 20250808-1 (source) into unstable (Ben Hutchings)
[2025-07-08] Accepted firmware-nonfree 20250708-1 (source) into experimental (Ben Hutchings)
[2025-07-08] Accepted firmware-nonfree 20250627-1 (source) into experimental (Ben Hutchings)
[2025-06-21] Accepted firmware-nonfree 20250613-1 (source) into experimental (Ben Hutchings)
[2025-06-19] Accepted firmware-nonfree 20250509-1 (source) into experimental (Ben Hutchings)
[2025-05-28] Accepted firmware-nonfree 20250410-2~bpo12+1 (source) into stable-backports (Ben Hutchings)
[2025-05-05] firmware-nonfree 20250410-2 MIGRATED to testing (Debian testing watch)
[2025-04-24] Accepted firmware-nonfree 20250410-2 (source) into unstable (Ben Hutchings)
[2025-04-21] Accepted firmware-nonfree 20250410-1 (source) into unstable (Ben Hutchings)
[2025-04-15] Accepted firmware-nonfree 20250311-1 (source) into unstable (Ben Hutchings)
[2025-04-14] Accepted firmware-nonfree 20250211-1 (source) into unstable (Ben Hutchings)
[2025-04-13] Accepted firmware-nonfree 20250109-1 (source) into unstable (Ben Hutchings)
[2025-03-20] Accepted firmware-nonfree 20241210-1~bpo12+1 (source) into stable-backports (Ben Hutchings)
[2024-12-25] firmware-nonfree 20241210-1 MIGRATED to testing (Debian testing watch)
[2024-12-19] Accepted firmware-nonfree 20241210-1 (source) into unstable (Ben Hutchings)
[2024-11-04] firmware-nonfree 20240909-2 MIGRATED to testing (Debian testing watch)
[2024-10-30] Accepted firmware-nonfree 20240909-2 (source) into unstable (Ben Hutchings)
[2024-10-07] Accepted firmware-nonfree 20240909-1 (source) into unstable (Ben Hutchings)
[2024-10-07] Accepted firmware-nonfree 20240811-1 (source) into unstable (Ben Hutchings)

bugs [bug history graph]

all: 69 74
RC: 0
I&N: 53 55
M&W: 16 19
F&P: 0
patch: 3 4
help: 4

links

lintian (0, 12)
buildd: logs
popcon
browse source code
edit tags
other distros
security tracker
debian patches