exploitDog

SUSE-SU-2022:2056-1

Опубликовано: 13 июн. 2022

Источник: suse-cvrf

Описание

Security update for u-boot

This update for u-boot fixes the following issues:

A large buffer overflow could have lead to a denial of service in the IP Packet deframentation code. (CVE-2022-30552, bsc#1200363)
A Hole Descriptor Overwrite could have lead to an arbitrary out of bounds write primitive. (CVE-2022-30790, bsc#1200364)

Список пакетов

SUSE Enterprise Storage 7

u-boot-rpiarm64-2020.01-150200.10.12.1

u-boot-rpiarm64-doc-2020.01-150200.10.12.1

u-boot-tools-2020.01-150200.10.12.1

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

u-boot-rpiarm64-2020.01-150200.10.12.1

u-boot-rpiarm64-doc-2020.01-150200.10.12.1

u-boot-tools-2020.01-150200.10.12.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

u-boot-rpiarm64-2020.01-150200.10.12.1

u-boot-rpiarm64-doc-2020.01-150200.10.12.1

u-boot-tools-2020.01-150200.10.12.1

SUSE Linux Enterprise Server 15 SP2-BCL

u-boot-tools-2020.01-150200.10.12.1

SUSE Linux Enterprise Server 15 SP2-LTSS

u-boot-rpiarm64-2020.01-150200.10.12.1

u-boot-rpiarm64-doc-2020.01-150200.10.12.1

u-boot-tools-2020.01-150200.10.12.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

u-boot-tools-2020.01-150200.10.12.1

SUSE Manager Proxy 4.1

u-boot-tools-2020.01-150200.10.12.1

SUSE Manager Retail Branch Server 4.1

u-boot-tools-2020.01-150200.10.12.1

SUSE Manager Server 4.1

u-boot-tools-2020.01-150200.10.12.1

openSUSE Leap 15.3

u-boot-xilinxzynqmpgeneric-2020.01-150200.10.12.1

u-boot-xilinxzynqmpgeneric-doc-2020.01-150200.10.12.1

openSUSE Leap 15.4

u-boot-xilinxzynqmpgeneric-2020.01-150200.10.12.1

u-boot-xilinxzynqmpgeneric-doc-2020.01-150200.10.12.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20222056-1/
Link for SUSE-SU-2022:2056-1
https://lists.suse.com/pipermail/sle-security-updates/2022-June/011272.html
E-Mail link for SUSE-SU-2022:2056-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1200363
SUSE Bug 1200363
https://bugzilla.suse.com/1200364
SUSE Bug 1200364
https://www.suse.com/security/cve/CVE-2022-30552/
SUSE CVE CVE-2022-30552 page
https://www.suse.com/security/cve/CVE-2022-30790/
SUSE CVE CVE-2022-30790 page

Описание

Das U-Boot 2022.01 has a Buffer Overflow.

Затронутые продукты

SUSE Enterprise Storage 7:u-boot-rpiarm64-2020.01-150200.10.12.1

SUSE Enterprise Storage 7:u-boot-rpiarm64-doc-2020.01-150200.10.12.1

SUSE Enterprise Storage 7:u-boot-tools-2020.01-150200.10.12.1

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:u-boot-rpiarm64-2020.01-150200.10.12.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-30552.html
CVE-2022-30552
https://bugzilla.suse.com/1200363
SUSE Bug 1200363

Описание

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.

Затронутые продукты

SUSE Enterprise Storage 7:u-boot-rpiarm64-2020.01-150200.10.12.1

SUSE Enterprise Storage 7:u-boot-rpiarm64-doc-2020.01-150200.10.12.1

SUSE Enterprise Storage 7:u-boot-tools-2020.01-150200.10.12.1

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:u-boot-rpiarm64-2020.01-150200.10.12.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-30790.html
CVE-2022-30790
https://bugzilla.suse.com/1200364
SUSE Bug 1200364