Описание
Security update for kernel-firmware
This update for kernel-firmware fixes the following issues:
- CVE-2023-31315: Fixed validation in a model specific register (MSR) that lead to modification of SMM configuration by malicious program with ring0 access (bsc#1229069)
Список пакетов
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
kernel-firmware-20190618-5.37.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
kernel-firmware-20190618-5.37.1
SUSE Linux Enterprise Server 12 SP5
kernel-firmware-20190618-5.37.1
ucode-amd-20190618-5.37.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
kernel-firmware-20190618-5.37.1
ucode-amd-20190618-5.37.1
Ссылки
- Link for SUSE-SU-2024:2911-1
- E-Mail link for SUSE-SU-2024:2911-1
- SUSE Security Ratings
- SUSE Bug 1229069
- SUSE CVE CVE-2023-31315 page
Описание
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:kernel-firmware-20190618-5.37.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:kernel-firmware-20190618-5.37.1
SUSE Linux Enterprise Server 12 SP5:kernel-firmware-20190618-5.37.1
SUSE Linux Enterprise Server 12 SP5:ucode-amd-20190618-5.37.1
Ссылки
- CVE-2023-31315
- SUSE Bug 1229069