
Test ID: 1.3.6.1.4.1.25623.1.0.856097
Category: openSUSE Local Security Checks
Title: openSUSE Security Advisory (SUSE-SU-2024:1368-1)
Summary: The remote host is missing an update for the 'shim' package(s) announced via the SUSE-SU-2024:1368-1 advisory.
Description: Summary:
The remote host is missing an update for the 'shim' package(s) announced via the SUSE-SU-2024:1368-1 advisory.

Vulnerability Insight:
This update for shim fixes the following issues:

- Update shim-install to set the TPM2 SRK algorithm (bsc#1213945)
- Limit the requirement of fde-tpm-helper-macros to the distro with
suse_version 1600 and above (bsc#1219460)

Update to version 15.8:

Security issues fixed:

- mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546)
- avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547)
- Fix integer overflow on SBAT section size on 32-bit system (bsc#1215100,CVE-2023-40548)
- Authenticode: verify that the signature header is in bounds (bsc#1215101,CVE-2023-40549)
- pe: Fix an out-of-bound read in verify_buffer_sbat() (bsc#1215102,CVE-2023-40550)
- pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551)


The NX flag is disabled, which is the same as the default value in shim-15.8; hence there is no need to enable it with this patch for now.

- Generate dbx during build so we don't include binary files in sources
- Don't require grub so shim can still be used with systemd-boot
- Update shim-install to fix boot failure of ext4 root file system
on RAID10 (bsc#1205855)
- Adopt the macros from fde-tpm-helper-macros to update the
signature in the sealed key after a bootloader upgrade

- Update shim-install to amend full disk encryption support
- Adopt TPM 2.0 Key File for grub2 TPM 2.0 protector
- Use the long name to specify the grub2 key protector
- cryptodisk: support TPM authorized policies
- Do not use tpm_record_pcrs unless the command is in command.lst

- Removed POST_PROCESS_PE_FLAGS=-N from the build command in shim.spec to
enable the NX compatibility flag when using post-process-pe, after
discussion with grub2 experts by mail. It's useful for further development
and testing. (bsc#1205588)

Affected Software/OS:
'shim' package(s) on openSUSE Leap 15.5.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:A/AC:H/Au:N/C:C/I:C/A:C

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2022-28737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28737
https://www.openwall.com/lists/oss-security/2022/06/07/5
Common Vulnerability Exposure (CVE) ID: CVE-2023-40546
RHBZ#2241796
https://bugzilla.redhat.com/show_bug.cgi?id=2241796
RHSA-2024:1834
https://access.redhat.com/errata/RHSA-2024:1834
RHSA-2024:1835
https://access.redhat.com/errata/RHSA-2024:1835
RHSA-2024:1873
https://access.redhat.com/errata/RHSA-2024:1873
RHSA-2024:1876
https://access.redhat.com/errata/RHSA-2024:1876
RHSA-2024:1883
https://access.redhat.com/errata/RHSA-2024:1883
RHSA-2024:1902
https://access.redhat.com/errata/RHSA-2024:1902
RHSA-2024:1903
https://access.redhat.com/errata/RHSA-2024:1903
RHSA-2024:1959
https://access.redhat.com/errata/RHSA-2024:1959
RHSA-2024:2086
https://access.redhat.com/errata/RHSA-2024:2086
https://access.redhat.com/security/cve/CVE-2023-40546
https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-40547
RHBZ#2234589
https://bugzilla.redhat.com/show_bug.cgi?id=2234589
http://www.openwall.com/lists/oss-security/2024/01/26/1
https://access.redhat.com/security/cve/CVE-2023-40547
Common Vulnerability Exposure (CVE) ID: CVE-2023-40548
RHBZ#2241782
https://bugzilla.redhat.com/show_bug.cgi?id=2241782
https://access.redhat.com/security/cve/CVE-2023-40548
Common Vulnerability Exposure (CVE) ID: CVE-2023-40549
RHBZ#2241797
https://bugzilla.redhat.com/show_bug.cgi?id=2241797
https://access.redhat.com/security/cve/CVE-2023-40549
Common Vulnerability Exposure (CVE) ID: CVE-2023-40550
RHBZ#2259915
https://bugzilla.redhat.com/show_bug.cgi?id=2259915
https://access.redhat.com/security/cve/CVE-2023-40550
Common Vulnerability Exposure (CVE) ID: CVE-2023-40551
RHBZ#2259918
https://bugzilla.redhat.com/show_bug.cgi?id=2259918
https://access.redhat.com/security/cve/CVE-2023-40551
Copyright: Copyright (C) 2024 Greenbone AG





© 1998-2025 E-Soft Inc. All rights reserved.