Main Vulnerability Database SB2023042741

SB2023042741 - SUSE update for s390-tools

Published: April 27, 2023

Security Bulletin ID SB2023042741

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Configuration (CVE-ID: N/A)

The issue may allow a local user to bypass implemented security restrictions.

The issue exists due to the possibility to bypass implemented security restrictions, related to secure boot. it was addressed by rebuilding the package with the new secure boot key.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2023/suse-su-20231961-1/

Vulnerable Software

SUSE Linux Enterprise Micro for Rancher: 5.2
SUSE Linux Enterprise Server 15 SP3 LTSS: 15-SP3
SUSE Linux Enterprise Server 15: SP3
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Manager Server: 4.2
s390-tools-debugsource: before 2.15.1-150300.8.32.1
libekmfweb1: before 2.15.1-150300.8.32.1
libekmfweb1-debuginfo: before 2.15.1-150300.8.32.1
osasnmpd-debuginfo: before 2.15.1-150300.8.32.1
s390-tools-zdsfs: before 2.15.1-150300.8.32.1
s390-tools-hmcdrvfs-debuginfo: before 2.15.1-150300.8.32.1
s390-tools-hmcdrvfs: before 2.15.1-150300.8.32.1
osasnmpd: before 2.15.1-150300.8.32.1
libekmfweb1-devel: before 2.15.1-150300.8.32.1
s390-tools-debuginfo: before 2.15.1-150300.8.32.1
s390-tools: before 2.15.1-150300.8.32.1
s390-tools-zdsfs-debuginfo: before 2.15.1-150300.8.32.1