
SUSE-SU-2023:4141-1

Published: 20 Oct 2023
Source: suse-cvrf

Description

Security update for grub2

This update for grub2 fixes the following issues:

Security fixes:

  • CVE-2023-4692: Fixed an out-of-bounds write in fs/ntfs.c which may lead to unsigned code execution. (bsc#1215935)
  • CVE-2023-4693: Fixed an out-of-bounds read in fs/ntfs.c which may lead to a leak of sensitive information. (bsc#1215936)

Other fixes:

  • Fix a boot delay issue in PowerPC PXE boot (bsc#1201300)

Package list

Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Container suse/sle-micro/base-5.5:latest
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Azure-3P
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Azure-Basic
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Azure-Standard
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-BYOS-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-BYOS-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-BYOS-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-CHOST-BYOS-Aliyun
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
Image SLES15-SP5-CHOST-BYOS-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-CHOST-BYOS-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-CHOST-BYOS-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-CHOST-BYOS-GDC
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-CHOST-BYOS-SAP-CCloud
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-HPC-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-HPC-BYOS-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-HPC-BYOS-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-HPC-BYOS-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Hardened-BYOS-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Hardened-BYOS-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-Hardened-BYOS-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-snapper-plugin-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-snapper-plugin-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Server-5-0
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-snapper-plugin-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Server-5-0-Azure-llc
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-snapper-plugin-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Server-5-0-Azure-ltd
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-snapper-plugin-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Server-5-0-BYOS
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-snapper-plugin-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-snapper-plugin-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Server-5-0-EC2-llc
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-Manager-Server-5-0-EC2-ltd
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-Micro-5-5
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-Micro-5-5-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Micro-5-5-BYOS
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Micro-5-5-BYOS-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Micro-5-5-BYOS-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-Micro-5-5-BYOS-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-Micro-5-5-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-Micro-5-5-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Azure-3P
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-BYOS-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-BYOS-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-SAP-BYOS-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Hardened-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Hardened-BYOS-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Hardened-BYOS-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Hardened-BYOS-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAP-Hardened-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAPCAL-Azure
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
Image SLES15-SP5-SAPCAL-EC2
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
Image SLES15-SP5-SAPCAL-GCE
grub2-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
SUSE Linux Enterprise Micro 5.5
grub2-2.06-150500.29.8.1
grub2-arm64-efi-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-s390x-emu-2.06-150500.29.8.1
grub2-snapper-plugin-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
grub2-x86_64-xen-2.06-150500.29.8.1
SUSE Linux Enterprise Module for Basesystem 15 SP5
grub2-2.06-150500.29.8.1
grub2-arm64-efi-2.06-150500.29.8.1
grub2-i386-pc-2.06-150500.29.8.1
grub2-powerpc-ieee1275-2.06-150500.29.8.1
grub2-s390x-emu-2.06-150500.29.8.1
grub2-snapper-plugin-2.06-150500.29.8.1
grub2-systemd-sleep-plugin-2.06-150500.29.8.1
grub2-x86_64-efi-2.06-150500.29.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5
grub2-x86_64-xen-2.06-150500.29.8.1

Description

An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved.


Affected products
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:grub2-2.06-150500.29.8.1
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:grub2-i386-pc-2.06-150500.29.8.1
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:grub2-x86_64-efi-2.06-150500.29.8.1
Container suse/sle-micro/base-5.5:latest:grub2-2.06-150500.29.8.1

Description

An out-of-bounds read flaw was found in grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.


Affected products
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:grub2-2.06-150500.29.8.1
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:grub2-i386-pc-2.06-150500.29.8.1
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest:grub2-x86_64-efi-2.06-150500.29.8.1
Container suse/sle-micro/base-5.5:latest:grub2-2.06-150500.29.8.1
