Описание
Security update for ovmf
This update for ovmf fixes the following issues:
- PXE boot is failing due to patches applied to fix CVE-2023-45236 and CVE-2023-45237 (bsc#1237084).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
ovmf-202208-150500.6.9.1
ovmf-tools-202208-150500.6.9.1
qemu-ovmf-x86_64-202208-150500.6.9.1
qemu-uefi-aarch64-202208-150500.6.9.1
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
ovmf-202208-150500.6.9.1
ovmf-tools-202208-150500.6.9.1
qemu-ovmf-x86_64-202208-150500.6.9.1
qemu-uefi-aarch64-202208-150500.6.9.1
SUSE Linux Enterprise Micro 5.5
qemu-ovmf-x86_64-202208-150500.6.9.1
qemu-uefi-aarch64-202208-150500.6.9.1
SUSE Linux Enterprise Server 15 SP5-LTSS
ovmf-202208-150500.6.9.1
ovmf-tools-202208-150500.6.9.1
qemu-ovmf-x86_64-202208-150500.6.9.1
qemu-uefi-aarch64-202208-150500.6.9.1
SUSE Linux Enterprise Server for SAP Applications 15 SP5
ovmf-202208-150500.6.9.1
ovmf-tools-202208-150500.6.9.1
qemu-ovmf-x86_64-202208-150500.6.9.1
Ссылки
- Link for SUSE-SU-2025:0609-1
- E-Mail link for SUSE-SU-2025:0609-1
- SUSE Security Ratings
- SUSE Bug 1237084
- SUSE CVE CVE-2023-45236 page
- SUSE CVE CVE-2023-45237 page
Описание
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ovmf-202208-150500.6.9.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ovmf-tools-202208-150500.6.9.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:qemu-ovmf-x86_64-202208-150500.6.9.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:qemu-uefi-aarch64-202208-150500.6.9.1
Ссылки
- CVE-2023-45236
- SUSE Bug 1218886
Описание
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ovmf-202208-150500.6.9.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:ovmf-tools-202208-150500.6.9.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:qemu-ovmf-x86_64-202208-150500.6.9.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:qemu-uefi-aarch64-202208-150500.6.9.1
Ссылки
- CVE-2023-45237
- SUSE Bug 1218887