Описание
Security update for solo
This update for solo fixes the following issues:
Update to Solo 4.1.2
- Fix boo#1186848 CVE-202-27208, security issue in firmware source that is part of the source package.
Список пакетов
SUSE Package Hub 15 SP2
solo-udev-4.1.2-bp153.2.3.1
SUSE Package Hub 15 SP3
solo-udev-4.1.2-bp153.2.3.1
openSUSE Leap 15.2
solo-udev-4.1.2-bp153.2.3.1
openSUSE Leap 15.3
solo-udev-4.1.2-bp153.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2021:1019-1
- SUSE Security Ratings
- SUSE Bug 1186848
- SUSE CVE CVE-2020-27208 page
Описание
The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface.
Затронутые продукты
SUSE Package Hub 15 SP2:solo-udev-4.1.2-bp153.2.3.1
SUSE Package Hub 15 SP3:solo-udev-4.1.2-bp153.2.3.1
openSUSE Leap 15.2:solo-udev-4.1.2-bp153.2.3.1
openSUSE Leap 15.3:solo-udev-4.1.2-bp153.2.3.1
Ссылки
- CVE-2020-27208
- SUSE Bug 1186848