Update iwlwifi firmware for 3160, 3168, 7260, 7265 and 7265D
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
intel |
Fix Released
|
Undecided
|
Unassigned | ||
linux-firmware (Ubuntu) |
Fix Released
|
High
|
Seth Forshee | ||
Trusty |
Fix Released
|
High
|
Seth Forshee | ||
Xenial |
Fix Released
|
High
|
Seth Forshee | ||
Zesty |
Fix Released
|
High
|
Seth Forshee | ||
Artful |
Fix Released
|
High
|
Seth Forshee | ||
Bionic |
Fix Released
|
High
|
Seth Forshee |
Bug Description
SRU Justification
Impact: Intel wireless firmware WoWLAN functionality is vulnerable to some CVEs from the KRACK attack vulnerabilities, CVE-2017-13080 and CVE-2017-13081.
Fix: Updated firmware from Intel containing fixes for these vulnerabilities.
Test Case: Difficult to test; we are reliant on testing done by Intel.
Regression Potential: There is always some possibility for regressions with firmware updates, but as these are bug fix updates the regression potential is minimal. I have been using the 7260 firmware for over a week now without issue.
---
There are two parts of WIFI firmware update. Please double check if Ubuntu release has include them.
A new firmware version for 8260 and 8265 WiFi devices.
This our Core31 release (-34.ucode).
https:/
A new firmware version for 3160, 3168, 7260, 7265 and 7265D
Note: This firmware version hasn't been pulled into mainline yet.
This includes a security fix.
The patch in iwlwifi/
https:/
CVE References
summary: |
- [Feature] WIFI: firmware update + Update iwlwifi firmware for 3160, 3168, 7260, 7265 and 7265D |
information type: | Proprietary → Public |
Changed in linux-firmware (Ubuntu Artful): | |
assignee: | nobody → Seth Forshee (sforshee) |
status: | New → In Progress |
Changed in linux-firmware (Ubuntu Zesty): | |
assignee: | nobody → Seth Forshee (sforshee) |
importance: | Undecided → High |
status: | New → In Progress |
Changed in linux-firmware (Ubuntu Artful): | |
importance: | Undecided → High |
Changed in linux-firmware (Ubuntu Xenial): | |
assignee: | nobody → Seth Forshee (sforshee) |
importance: | Undecided → High |
status: | New → In Progress |
Changed in linux-firmware (Ubuntu Trusty): | |
assignee: | nobody → Seth Forshee (sforshee) |
importance: | Undecided → High |
status: | New → In Progress |
Changed in linux-firmware (Ubuntu Trusty): | |
status: | In Progress → Fix Committed |
Changed in linux-firmware (Ubuntu Xenial): | |
status: | In Progress → Fix Committed |
Changed in linux-firmware (Ubuntu Zesty): | |
status: | In Progress → Fix Committed |
Changed in linux-firmware (Ubuntu Artful): | |
status: | In Progress → Fix Committed |
description: | updated |
Changed in intel: | |
status: | Incomplete → Fix Released |
It looks like only 4.14 supports the -34 firmware files. Since we haven't yet moved to 4.14 I see no urgency to pull these in, we can wait until we either update bionic to use 4.14 or upstream linux-firmware pulls in the files.
If the other files contain a security fix we can pull those in now. We will need a public launchpad bug though to SRU the files, I'm not sure though if the security fix is public knowledge or not. @quanxian, an you advise whether we can make this bug public or if I should open a new bug which does not mention the security fix? Is there a CVE number associated with the issue?