Main Vulnerability Database Vulnerabilities #VU73859

#VU73859 Configuration in SUSE products

Published: March 21, 2023

Vulnerability identifier: #VU73859

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-16

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
SUSE Linux Enterprise Real Time 12
oracleasm-kmp-rt
oracleasm-kmp-rt-debuginfo

Software vendor:
SUSE

Description

The issue may allow a local user to bypass implemented security restrictions.

The issue exists due to the possibility to bypass implemented security restrictions, related to secure boot. it was addressed by rebuilding the package with the new secure boot key.

Remediation

Install updates from vendor's website.

External links

https://www.suse.com/support/update/announcement/2023/suse-su-20230797-1/
https://bugzilla.suse.com/show_bug.cgi?id=1209188

#VU73859 Configuration in SUSE products

Description

Remediation

External links

Please verify you're human