exploitDog

SUSE-SU-2017:3114-1

Опубликовано: 29 нояб. 2017

Источник: suse-cvrf

Описание

Recommended update for tboot

This update for tboot provides the following fix:

Security issue fixed:

CVE-2014-5118: tboot: bypass of measured boot (bsc#889339)

Bug fixes:

Fixed failed trusted boot on some systems like Intel Xeon 'Purley 8s' processors. The following error message showed: 'TBOOT: wait-for-sipi loop timed-out'. Booting continued but 'TXT measured launch' was wrongly reported as FALSE. (bsc#1057555)

Список пакетов

SUSE Linux Enterprise Server 11 SP4

tboot-20120115_1.7.0-0.5.5.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

tboot-20120115_1.7.0-0.5.5.1

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20173114-1/
Link for SUSE-SU-2017:3114-1
https://lists.suse.com/pipermail/sle-security-updates/2017-November/003421.html
E-Mail link for SUSE-SU-2017:3114-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1057555
SUSE Bug 1057555
https://bugzilla.suse.com/889339
SUSE Bug 889339
https://www.suse.com/security/cve/CVE-2014-5118/
SUSE CVE CVE-2014-5118 page

Описание

Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability

Затронутые продукты

SUSE Linux Enterprise Server 11 SP4:tboot-20120115_1.7.0-0.5.5.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4:tboot-20120115_1.7.0-0.5.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2014-5118.html
CVE-2014-5118
https://bugzilla.suse.com/1068390
SUSE Bug 1068390
https://bugzilla.suse.com/889339
SUSE Bug 889339