Описание
Recommended update for tboot
This update for tboot fixes the following issues:
Security issue fixed:
- CVE-2017-16837: Certain function pointers in Trusted Boot (tboot) through 1.9.6 are notvalidated and can cause arbitrary code execution, which allows local users tooverwrite dynamic PCRs of Trusted Platform Module (TPM) by h (bsc#1068390)
Bug fixes:
- Fixed failed trusted boot on some systems like Intel Xeon 'Purley 8s' processors. The following error message showed: 'TBOOT: wait-for-sipi loop timed-out'. Booting continued but 'TXT measured launch' was wrongly reported as FALSE. (bsc#1057555)
Список пакетов
SUSE Linux Enterprise Server 12 SP2
tboot-20160518_1.9.4-7.5.1
SUSE Linux Enterprise Server 12 SP3
tboot-20160518_1.9.4-7.5.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
tboot-20160518_1.9.4-7.5.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
tboot-20160518_1.9.4-7.5.1
Ссылки
- Link for SUSE-SU-2017:3090-1
- E-Mail link for SUSE-SU-2017:3090-1
- SUSE Security Ratings
- SUSE Bug 1057555
- SUSE Bug 1068390
- SUSE CVE CVE-2017-16837 page
Описание
Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP2:tboot-20160518_1.9.4-7.5.1
SUSE Linux Enterprise Server 12 SP3:tboot-20160518_1.9.4-7.5.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:tboot-20160518_1.9.4-7.5.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:tboot-20160518_1.9.4-7.5.1
Ссылки
- CVE-2017-16837
- SUSE Bug 1068390
- SUSE Bug 889339