firmware-nonfree - Debian Package Tracker

general

source: firmware-nonfree (non-free-firmware)
version: 20260110-1
maintainer: Debian Kernel Team (archive) (DMD)
uploaders: Bastian Blank [DMD] – Salvatore Bonaccorso [DMD] – maximilian attems [DMD] – Ben Hutchings [DMD]
arch: all
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 20210315-3
oldstable: 20230210-5
old-bpo: 20250410-2~bpo12+1
stable: 20250410-2
stable-bpo: 20251111-1~bpo13+1
testing: 20260110-1
unstable: 20260110-1

versioned links

20210315-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20230210-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20250410-2~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20250410-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20251111-1~bpo13+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
20260110-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

firmware-amd-graphics (9 bugs: 0, 9, 0, 0)
firmware-atheros (3 bugs: 0, 3, 0, 0)
firmware-bnx2
firmware-bnx2x
firmware-brcm80211 (2 bugs: 0, 2, 0, 0)
firmware-cavium
firmware-cirrus
firmware-intel-graphics (1 bugs: 0, 1, 0, 0)
firmware-intel-misc
firmware-intel-sound (1 bugs: 0, 1, 0, 0)
firmware-ipw2x00
firmware-ivtv
firmware-iwlwifi (18 bugs: 0, 17, 1, 0)
firmware-libertas
firmware-linux
firmware-linux-nonfree (2 bugs: 0, 1, 1, 0)
firmware-marvell-prestera
firmware-mediatek
firmware-misc-nonfree (10 bugs: 0, 8, 2, 0)
firmware-myricom
firmware-netronome
firmware-netxen (1 bugs: 0, 1, 0, 0)
firmware-nvidia-graphics (1 bugs: 0, 0, 1, 0)
firmware-qcom-media
firmware-qcom-soc
firmware-qlogic
firmware-realtek (6 bugs: 0, 6, 0, 0)
firmware-samsung
firmware-siano (1 bugs: 0, 1, 0, 0)
firmware-ti-connectivity (1 bugs: 0, 1, 0, 0)

action needed

A new upstream version is available: 20260221 high

A new upstream version 20260221 is available, you should consider packaging it.

Created: 2026-02-24 Last update: 2026-03-01 02:00

24 security issues in bullseye high

There are 24 open security issues in bullseye.

3 important issues:

CVE-2025-26402: Protection mechanism failure for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-26405: Improper control of dynamically-managed code resources for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires passive user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-32735: Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

21 issues postponed or untriaged:

CVE-2023-4969: (needs triaging) A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVE-2020-24586: (needs triaging) The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
CVE-2020-24587: (needs triaging) The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
CVE-2020-24588: (needs triaging) The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
CVE-2021-23168: (needs triaging) Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2021-23223: (needs triaging) Improper initialization for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2021-37409: (needs triaging) Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2021-44545: (needs triaging) Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2022-21181: (needs triaging) Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-27635: (needs triaging) Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-36351: (needs triaging) Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2022-38076: (needs triaging) Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-40964: (needs triaging) Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-46329: (needs triaging) Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-35061: (needs triaging) Improper initialization for the Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2023-38417: (needs triaging) Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-47210: (needs triaging) Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-23198: (postponed; to be fixed through a stable update) Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.
CVE-2024-24984: (postponed; to be fixed through a stable update) Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-25563: (postponed; to be fixed through a stable update) Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-28049: (postponed; to be fixed through a stable update) Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.

Created: 2025-11-16 Last update: 2026-02-28 04:32

13 security issues in buster high

There are 13 open security issues in buster.

12 important issues:

CVE-2023-25951: Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-26586: Uncaught exception for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-28374: Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-28720: Improper initialization for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access..
CVE-2023-32642: Insufficient adherence to expected conventions for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-32644: Protection mechanism failure for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-32651: Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-33875: Improper access control for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via local access..
CVE-2023-34983: Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-35061: Improper initialization for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2023-38417: Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-47210: Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

1 issue postponed or untriaged:

CVE-2023-4969: (postponed; to be fixed through a stable update) A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.

Created: 2024-05-02 Last update: 2024-05-22 17:48

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs (4 if counting merged bugs), consider including or untagging them.

Created: 2025-01-06 Last update: 2026-03-01 05:30

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 20260221-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 37335b5b79ee35feb89c359d086d1c94f287b6bd
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 21:54:05 2026 +0100

    d/c/defines: Exclude old compat links for adreno
    
    The adreno driver stopped using these old names in Linux 4.15,
    which is long out of support.

commit 4095dab91a108cf45948608d269fc602db4f216a
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 21:15:13 2026 +0100

    d/b/check_upstream.py: Check for links not included in binary packages
    
    Check for and report links listed in WHENCE that aren't included in
    any binary packages, similarly to what we do for files.
    
    The checks are a bit different, though:
    
    - Since these links are only defined in WHENCE and created by
      copy-firmware.sh, they aren't affected by debian/copyright's
      Files-Excluded.  So check that the link *target* is not excluded,
      and also support a new config field in debian/config/defines for
      symlinks we want to exclude.  There are some compatibility links in
      the top-level firmware directory that we probably shouldn't bother
      adding.
    
    - Check that the link target is a file listed in the same group.
      Handling links to directories, or files in another group, would be
      much more complicated to do correctly.

commit 0d366622ec1c6146cae6fd0b84f13780ab39c316
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 20:30:37 2026 +0100

    check_upstream.py: Replace use of os.path with pathlib

commit 72063b342715fd4e49c59a64d293d6f71b918063
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 21:02:21 2026 +0100

    d/b/check_upstream.py: Ignore file existence when checking license status
    
    The tests for file existence here date from when firmware-nonfree was
    a native package, or immediately after.  They don't make sense now,
    because whether a file will be copied from upstream into the source or
    binary is determined by the exclusion and inclusion patterns that we
    are already checking.
    
    Rearrange the per-file checks so we first check whether the file will
    be included in the source package, and never check whether the file is
    currently present.

commit cca15a9ddcb30d69fed938390bd833509588e2d4
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 20:27:59 2026 +0100

    d/b/check_upstream.py: Remove support for encoding file version in filename
    
    Commit 658f5e733956 removed support in debian/bin/gencontrol.py for
    extra or overriding files under debian/config that included a version
    suffix in their filename.  However check_upstream.py also supported
    this, and doesn't need to any more.  Remove that support.

commit febfc38e00dfc6c438bb7558e15a62f0521ed036
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 20:15:02 2026 +0100

    debian_firmware.firmware: Parse Link fields and include in FirmwareGroup

commit 02acbd724a50e9242937f4156039f7b32e1ef38d
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 20:08:35 2026 +0100

    debian_firmware.firmware: Use dataclasses to define Firmware{File,Group}

commit cb8e165e456e7041db7befcf501135c3e7d853f2
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 19:59:26 2026 +0100

    Move Python debian_linux.firmware module into debian_firmware package
    
    This is actually a copy rather than a move, since debian_linux is
    supposed to be copied from src:linux.  I will delete it from src:linux
    later.
    
    Update the one script that uses it.

commit e7005b4754c3c422da29d76e404872c81285e778
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 19:55:44 2026 +0100

    Replace sys.path manipulation in debian/bin with symlink to debian_firmware
    
    Use a symlink to the debian_firmware package under debian/bin, the
    same way we do with the debian_linux package.  Remove the
    now-redundant change to sys.path in several scripts in debian/bin.

commit 19e296ab1dd00eb50ec3f2dab4fe68f5c0a21fc4
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 19:51:31 2026 +0100

    Move Python config module into a debian_firmware package

commit 8a03038469b14694997e68a14f8f699aa38bf72b
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 18:43:33 2026 +0100

    d/config: Simplify filename patterns ending in '**/*'
    
    Following the fix to config.pattern_to_re, we can replace '**/*' with
    the more obvious '**'.

commit 55bfc30a99c0528ad0d31a74f715fad265b6510f
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 18:40:56 2026 +0100

    Change our filename pattern matching to handle '**' without following '/'
    
    Our filename pattern matching is supposed to follow the behaviour of
    glob.glob or pathlib.Path.glob.  That means we should handle '**'
    without a following '/' as matching all descendents.  Currently
    config.pattern_to_re effectively treats it as equivalent to '*'.

commit d3f536139b28fd44a15c96586b160e05ee8a9bfc
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 21:53:25 2026 +0100

    misc-nonfree: Include more symlinks to tas2781 and tas2783 firmware

commit 695f8e8c0757932c32d888aada16a30c6b599268
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 18:54:01 2026 +0100

    intel-graphics: Include ipu3-fw.bin symlink
    
    Closes: #1126797

commit f77353b521839d630a8b993a1f89c42e67ba84e7
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 18:26:21 2026 +0100

    misc-nonfree: Fix wildcard for TI audio firmware
    
    With the current translation of globs to regexps, '**' without a
    following '/' isn't treated specially and so the subdirectories of
    ti/audio aren't actually being included.  Add a '/*' so that they are
    included.
    
    This was a regression in 20251111-1.

commit be0ffc7f3be1edae3dfc48c2a4f64fc36c9673da
Merge: b0a47f5 a5d4dde
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 23:31:46 2026 +0100

    Merge branch 'update-20260221' into 'debian/latest'
    
    Update to 20260221
    
    See merge request kernel-team/firmware-nonfree!139

commit a5d4dde0c24d32bd69401a3690c0595fcac3905d
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 19:42:24 2026 +0100

    mediatek: Override lintian warnings for any firmware in ELF format
    
    The lintian warnings we already override have also triggered on
    the new file mediatek/mt8188/scp_c0.img.  Change the overrides
    to match all firmware files.

commit 6bc6b56d42ba94c8322d4de5e993a3ddac5b1bc4
Author: Ben Hutchings <benh@debian.org>
Date:   Thu Feb 26 18:13:54 2026 +0100

    Update to 20260221
    
    - d/copyright: Delete exclusion of Intel BT fw files that are now symlinks
    
    No other changes seem to be needed in d/copyright, as all new files
    match existing patterns.

commit b0a47f5e51fdd7eb75738ea29cfc01ab53220634
Author: Ben Hutchings <benh@debian.org>
Date:   Wed Feb 25 23:48:57 2026 +0100

    CI: Update build jobs to work after another common pipeline change
    
    pipieline commit bfa96b788547 "Don't rebuild source package in sbuild"
    changed things around so that the packed source package is expected to
    be generated in ${BUILD_DIR}.  A new command in
    .build-script-run-build-command moves it to the artifact directory
    ${WORKING_DIR} after building binary packages.  Additionally it's
    expected that the current directory at this point is a subdirectory of
    ${BUILD_DIR}.
    
    Our build job always puts the source package in ${WORKING_DIR} before
    including .build-script-run-build-command, so the second move fails.
    It also keeps the current directory set to the Git working tree.
    
    Change .local-build-script-extract-source to:
    
    - Put the cached orig tarball, packed and unpacked source package in
      ${BUILD_DIR}
    - Set current directory to the unpacked source package under
      ${BUILD_DIR}
    
    Change the build job to:
    
    - Make ${BUILD_DIR} owned by the build user
    - Leave the sbuild command line unchanged
    
    Change the 'build source' job to:
    
    - Create ${BUILD_DIR} before .local-build-script-extract-source
    - Move all the source artifacts into ${WORKING_DIR} afterwards

Created: 2026-02-26 Last update: 2026-02-27 12:31

lintian reports 12 warnings normal

Lintian reports 12 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2026-02-05 Last update: 2026-02-16 10:49

AppStream hints: 1 warning for firmware-bnx2,firmware-intel-graphics,firmware-qlogic,firmware-nvidia-graphics,firmware-intel-sound,firmware-ipw2x00,firmware-amd-graphics,firmware-intel-misc,firmware-iwlwifi,firmware-samsung,firmware-realtek,firmware-libertas,firmware-ti-connectivity,firmware-mediatek,firmware-cavium,firmware-atheros,firmware-marvell-prestera,firmware-bnx2x,firmware-brcm80211,firmware-misc-nonfree,firmware-siano,firmware-myricom,firmware-qcom-soc,firmware-ivtv,firmware-cirrus,firmware-netronome,firmware-netxen normal

AppStream found metadata issues for packages:

firmware-ipw2x00: 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2024-01-27 Last update: 2025-04-21 17:20

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-32735: (needs triaging) Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

You can find information about how to handle this issue in the security team's documentation.

Created: 2026-02-11 Last update: 2026-02-28 04:32

debian/patches: 1 patch to forward upstream low

Among the 4 debian patches available in version 20260110-1 of the package, we noticed the following issues:

1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2024-12-20 Last update: 2026-02-05 10:31

No known security issue in bookworm wishlist

There are 13 open security issues in bookworm.

13 ignored issues:

CVE-2023-4969: A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.
CVE-2022-27635: Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-36351: Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2022-38076: Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-40964: Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-46329: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-35061: Improper initialization for the Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVE-2023-38417: Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-47210: Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-23198: Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.
CVE-2024-24984: Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2024-25563: Improper initialization in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi before version 23.40 may allow a privileged user to potentially enable information disclosure via local access.
CVE-2024-28049: Improper input validation in firmware for some Intel(R) PROSet/Wireless Software and Intel(R) Killer(TM) Wi-Fi wireless products before version 23.40 may allow an unauthenticated user to enable denial of service via adjacent access.

Created: 2023-08-18 Last update: 2026-02-28 04:32

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.3 instead of 4.3.0).

Created: 2023-05-16 Last update: 2026-02-05 01:19

news

[rss feed]

[2026-02-28] firmware-nonfree 20260110-1 MIGRATED to testing (Debian testing watch)
[2026-02-26] Accepted firmware-nonfree 20251111-1~bpo13+1 (source) into stable-backports (Ben Hutchings)
[2026-02-04] Accepted firmware-nonfree 20260110-1 (source) into unstable (Ben Hutchings)
[2026-02-03] Accepted firmware-nonfree 20251125-1 (source) into unstable (Ben Hutchings)
[2025-11-30] firmware-nonfree 20251111-1 MIGRATED to testing (Debian testing watch)
[2025-11-25] Accepted firmware-nonfree 20251021-1~bpo13+1 (source) into stable-backports (Ben Hutchings)
[2025-11-24] Accepted firmware-nonfree 20251111-1 (source) into unstable (Ben Hutchings)
[2025-11-08] firmware-nonfree 20251021-1 MIGRATED to testing (Debian testing watch)
[2025-11-02] Accepted firmware-nonfree 20251021-1 (source) into unstable (Ben Hutchings)
[2025-11-02] Accepted firmware-nonfree 20251011-1 (source) into unstable (Ben Hutchings)
[2025-10-15] Accepted firmware-nonfree 20250917-1 (source) into unstable (Ben Hutchings)
[2025-09-09] Accepted firmware-nonfree 20250808-1~bpo13+1 (all source) into stable-backports (Debian FTP Masters) (signed by: Ben Hutchings)
[2025-08-21] firmware-nonfree 20250808-1 MIGRATED to testing (Debian testing watch)
[2025-08-15] Accepted firmware-nonfree 20250808-1 (source) into unstable (Ben Hutchings)
[2025-07-08] Accepted firmware-nonfree 20250708-1 (source) into experimental (Ben Hutchings)
[2025-07-08] Accepted firmware-nonfree 20250627-1 (source) into experimental (Ben Hutchings)
[2025-06-21] Accepted firmware-nonfree 20250613-1 (source) into experimental (Ben Hutchings)
[2025-06-19] Accepted firmware-nonfree 20250509-1 (source) into experimental (Ben Hutchings)
[2025-05-28] Accepted firmware-nonfree 20250410-2~bpo12+1 (source) into stable-backports (Ben Hutchings)
[2025-05-05] firmware-nonfree 20250410-2 MIGRATED to testing (Debian testing watch)
[2025-04-24] Accepted firmware-nonfree 20250410-2 (source) into unstable (Ben Hutchings)
[2025-04-21] Accepted firmware-nonfree 20250410-1 (source) into unstable (Ben Hutchings)
[2025-04-15] Accepted firmware-nonfree 20250311-1 (source) into unstable (Ben Hutchings)
[2025-04-14] Accepted firmware-nonfree 20250211-1 (source) into unstable (Ben Hutchings)
[2025-04-13] Accepted firmware-nonfree 20250109-1 (source) into unstable (Ben Hutchings)
[2025-03-20] Accepted firmware-nonfree 20241210-1~bpo12+1 (source) into stable-backports (Ben Hutchings)
[2024-12-25] firmware-nonfree 20241210-1 MIGRATED to testing (Debian testing watch)
[2024-12-19] Accepted firmware-nonfree 20241210-1 (source) into unstable (Ben Hutchings)
[2024-11-04] firmware-nonfree 20240909-2 MIGRATED to testing (Debian testing watch)
[2024-10-30] Accepted firmware-nonfree 20240909-2 (source) into unstable (Ben Hutchings)

bugs [bug history graph]

all: 63 66
RC: 0
I&N: 53 55
M&W: 10 11
F&P: 0
patch: 3 4

links

lintian (0, 12)
buildd: logs
popcon
browse source code
edit tags
other distros
security tracker
debian patches