Security update for ovmf

Announcement ID:	SUSE-SU-2025:0503-1
Release Date:	2025-02-13T10:12:13Z
Rating:	important
References:	bsc#1218879 bsc#1218880 bsc#1218881 bsc#1218882 bsc#1218883 bsc#1218884 bsc#1218885 bsc#1218886 bsc#1218887 bsc#1225889
Cross-References:	CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2023-45236 CVE-2023-45237 CVE-2024-1298
CVSS scores:	CVE-2023-45229 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-45229 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-45230 ( SUSE ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H CVE-2023-45230 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2023-45230 ( NVD ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H CVE-2023-45231 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-45231 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-45232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-45232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-45233 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-45233 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-45234 ( SUSE ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H CVE-2023-45234 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2023-45235 ( SUSE ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H CVE-2023-45235 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2023-45236 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVE-2023-45236 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-45237 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2023-45237 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2024-1298 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Affected Products:	openSUSE Leap 15.4 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro for Rancher 5.3 SUSE Linux Enterprise Micro for Rancher 5.4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP4 LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3

An update that solves 10 vulnerabilities can now be installed.

Description:

This update for ovmf fixes the following issues:

• CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32 overflow in S3 ResumeCount. (bsc#1225889)
• CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA options in DHCPv6 Advertise messages. (bsc#1218879)
• CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. (bsc#1218880)
• CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect message with truncated options. (bsc#1218881)
• CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the Destination Options header. (bsc#1218882)
• CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the Destination Options header. (bsc#1218883)
• CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options in a DHCPv6 Advertise message. (bsc#1218884)
• CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option in a DHCPv6 proxy Advertise message. (bsc#1218885)
• CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network packages. (bsc#1218886)
• CVE-2023-45237: use of a weak pseudorandom number generator in edk2. (bsc#1218887)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-503=1
• SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-503=1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-503=1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-503=1
• SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-503=1
• SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-503=1
• SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-503=1
• SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-503=1
• SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-503=1
• openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-503=1
• SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-503=1
• SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-503=1

Package List:

• SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  • qemu-uefi-aarch64-202202-150400.5.15.1
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• SUSE Linux Enterprise Micro 5.4 (noarch)
  • qemu-uefi-aarch64-202202-150400.5.15.1
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  • ovmf-202202-150400.5.15.1
  • ovmf-tools-202202-150400.5.15.1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  • qemu-uefi-aarch64-202202-150400.5.15.1
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  • ovmf-202202-150400.5.15.1
  • ovmf-tools-202202-150400.5.15.1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  • qemu-uefi-aarch64-202202-150400.5.15.1
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64)
  • ovmf-202202-150400.5.15.1
  • ovmf-tools-202202-150400.5.15.1
• SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  • qemu-uefi-aarch64-202202-150400.5.15.1
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
  • ovmf-202202-150400.5.15.1
  • ovmf-tools-202202-150400.5.15.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• SUSE Manager Proxy 4.3 (x86_64)
  • ovmf-202202-150400.5.15.1
  • ovmf-tools-202202-150400.5.15.1
• SUSE Manager Proxy 4.3 (noarch)
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• SUSE Manager Retail Branch Server 4.3 (x86_64)
  • ovmf-202202-150400.5.15.1
  • ovmf-tools-202202-150400.5.15.1
• SUSE Manager Retail Branch Server 4.3 (noarch)
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• SUSE Manager Server 4.3 (x86_64)
  • ovmf-202202-150400.5.15.1
  • ovmf-tools-202202-150400.5.15.1
• SUSE Manager Server 4.3 (noarch)
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• openSUSE Leap 15.4 (aarch64 x86_64)
  • ovmf-202202-150400.5.15.1
  • ovmf-tools-202202-150400.5.15.1
• openSUSE Leap 15.4 (noarch)
  • qemu-ovmf-x86_64-202202-150400.5.15.1
  • qemu-uefi-aarch32-202202-150400.5.15.1
  • qemu-ovmf-ia32-202202-150400.5.15.1
  • qemu-uefi-aarch64-202202-150400.5.15.1
• openSUSE Leap 15.4 (x86_64)
  • qemu-ovmf-x86_64-debug-202202-150400.5.15.1
• SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  • qemu-uefi-aarch64-202202-150400.5.15.1
  • qemu-ovmf-x86_64-202202-150400.5.15.1
• SUSE Linux Enterprise Micro 5.3 (noarch)
  • qemu-uefi-aarch64-202202-150400.5.15.1
  • qemu-ovmf-x86_64-202202-150400.5.15.1

References:

• https://www.suse.com/security/cve/CVE-2023-45229.html
• https://www.suse.com/security/cve/CVE-2023-45230.html
• https://www.suse.com/security/cve/CVE-2023-45231.html
• https://www.suse.com/security/cve/CVE-2023-45232.html
• https://www.suse.com/security/cve/CVE-2023-45233.html
• https://www.suse.com/security/cve/CVE-2023-45234.html
• https://www.suse.com/security/cve/CVE-2023-45235.html
• https://www.suse.com/security/cve/CVE-2023-45236.html
• https://www.suse.com/security/cve/CVE-2023-45237.html
• https://www.suse.com/security/cve/CVE-2024-1298.html
• https://bugzilla.suse.com/show_bug.cgi?id=1218879
• https://bugzilla.suse.com/show_bug.cgi?id=1218880
• https://bugzilla.suse.com/show_bug.cgi?id=1218881
• https://bugzilla.suse.com/show_bug.cgi?id=1218882
• https://bugzilla.suse.com/show_bug.cgi?id=1218883
• https://bugzilla.suse.com/show_bug.cgi?id=1218884
• https://bugzilla.suse.com/show_bug.cgi?id=1218885
• https://bugzilla.suse.com/show_bug.cgi?id=1218886
• https://bugzilla.suse.com/show_bug.cgi?id=1218887
• https://bugzilla.suse.com/show_bug.cgi?id=1225889