Security update for ovmf SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:03096-1 Final 1 1 2025-09-08T16:09:37Z current 2025-09-08T16:09:37Z 2025-09-08T16:09:37Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ovmf This update for ovmf fixes the following issues: - CVE-2023-45229: Fixed integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (bsc#1218879) - CVE-2023-45230: Fixed buffer overflow in the DHCPv6 client via a long Server ID option (bsc#1218880) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-3096,SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-3096 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202503096-1/ Link for SUSE-SU-2025:03096-1 https://lists.suse.com/pipermail/sle-updates/2025-September/041538.html E-Mail link for SUSE-SU-2025:03096-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1218879 SUSE Bug 1218879 https://bugzilla.suse.com/1218880 SUSE Bug 1218880 https://www.suse.com/security/cve/CVE-2023-45229/ SUSE CVE CVE-2023-45229 page https://www.suse.com/security/cve/CVE-2023-45230/ SUSE CVE CVE-2023-45230 page SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6 ovmf-202308-15061.8.coco15sp6.1 ovmf-tools-202308-15061.8.coco15sp6.1 qemu-ovmf-ia32-202308-15061.8.coco15sp6.1 qemu-ovmf-x86_64-202308-15061.8.coco15sp6.1 qemu-ovmf-x86_64-debug-202308-15061.8.coco15sp6.1 qemu-uefi-aarch32-202308-15061.8.coco15sp6.1 qemu-uefi-aarch64-202308-15061.8.coco15sp6.1 ovmf-202308-15061.8.coco15sp6.1 as a component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6 ovmf-tools-202308-15061.8.coco15sp6.1 as a component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6 qemu-ovmf-x86_64-202308-15061.8.coco15sp6.1 as a component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6 qemu-ovmf-x86_64-debug-202308-15061.8.coco15sp6.1 as a component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6 EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. CVE-2023-45229 SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:ovmf-202308-15061.8.coco15sp6.1 SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:ovmf-tools-202308-15061.8.coco15sp6.1 SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:qemu-ovmf-x86_64-202308-15061.8.coco15sp6.1 SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:qemu-ovmf-x86_64-debug-202308-15061.8.coco15sp6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503096-1/ https://www.suse.com/security/cve/CVE-2023-45229.html CVE-2023-45229 https://bugzilla.suse.com/1218879 SUSE Bug 1218879 EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. CVE-2023-45230 SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:ovmf-202308-15061.8.coco15sp6.1 SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:ovmf-tools-202308-15061.8.coco15sp6.1 SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:qemu-ovmf-x86_64-202308-15061.8.coco15sp6.1 SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:qemu-ovmf-x86_64-debug-202308-15061.8.coco15sp6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202503096-1/ https://www.suse.com/security/cve/CVE-2023-45230.html CVE-2023-45230 https://bugzilla.suse.com/1218880 SUSE Bug 1218880