Security update for ovmf SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:0421-1 Final 1 1 2025-02-11T10:28:25Z current 2025-02-11T10:28:25Z 2025-02-11T10:28:25Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ovmf This update for ovmf fixes the following issues: - CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA options in DHCPv6 Advertise messages. (bsc#1218879) - CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. (bsc#1218880) - CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect message with truncated options. (bsc#1218881) - CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the Destination Options header. (bsc#1218882) - CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the Destination Options header. (bsc#1218883) - CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options in a DHCPv6 Advertise message. (bsc#1218884) - CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option in a DHCPv6 proxy Advertise message. (bsc#1218885) - CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network packages. (bsc#1218886) - CVE-2023-45237: use of a weak pseudorandom number generator in edk2. (bsc#1218887) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-421,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-421,SUSE-SLE-Module-Server-Applications-15-SP6-2025-421,openSUSE-SLE-15.6-2025-421 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ Link for SUSE-SU-2025:0421-1 https://lists.suse.com/pipermail/sle-security-updates/2025-February/020305.html E-Mail link for SUSE-SU-2025:0421-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1218879 SUSE Bug 1218879 https://bugzilla.suse.com/1218880 SUSE Bug 1218880 https://bugzilla.suse.com/1218881 SUSE Bug 1218881 https://bugzilla.suse.com/1218882 SUSE Bug 1218882 https://bugzilla.suse.com/1218883 SUSE Bug 1218883 https://bugzilla.suse.com/1218884 SUSE Bug 1218884 https://bugzilla.suse.com/1218885 SUSE Bug 1218885 https://bugzilla.suse.com/1218886 SUSE Bug 1218886 https://bugzilla.suse.com/1218887 SUSE Bug 1218887 https://www.suse.com/security/cve/CVE-2023-45229/ SUSE CVE CVE-2023-45229 page https://www.suse.com/security/cve/CVE-2023-45230/ SUSE CVE CVE-2023-45230 page https://www.suse.com/security/cve/CVE-2023-45231/ SUSE CVE CVE-2023-45231 page https://www.suse.com/security/cve/CVE-2023-45232/ SUSE CVE CVE-2023-45232 page https://www.suse.com/security/cve/CVE-2023-45233/ SUSE CVE CVE-2023-45233 page https://www.suse.com/security/cve/CVE-2023-45234/ SUSE CVE CVE-2023-45234 page https://www.suse.com/security/cve/CVE-2023-45235/ SUSE CVE CVE-2023-45235 page https://www.suse.com/security/cve/CVE-2023-45236/ SUSE CVE CVE-2023-45236 page https://www.suse.com/security/cve/CVE-2023-45237/ SUSE CVE CVE-2023-45237 page SUSE Linux Enterprise Module for Package Hub 15 SP6 SUSE Linux Enterprise Module for Server Applications 15 SP6 openSUSE Leap 15.6 ovmf-202308-150600.5.9.1 ovmf-tools-202308-150600.5.9.1 qemu-ovmf-ia32-202308-150600.5.9.1 qemu-ovmf-x86_64-202308-150600.5.9.1 qemu-ovmf-x86_64-debug-202308-150600.5.9.1 qemu-uefi-aarch32-202308-150600.5.9.1 qemu-uefi-aarch64-202308-150600.5.9.1 qemu-ovmf-x86_64-202308-150600.5.9.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP6 qemu-ovmf-x86_64-debug-202308-150600.5.9.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP6 qemu-uefi-aarch32-202308-150600.5.9.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP6 qemu-uefi-aarch64-202308-150600.5.9.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP6 ovmf-202308-150600.5.9.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP6 ovmf-tools-202308-150600.5.9.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP6 qemu-ovmf-x86_64-202308-150600.5.9.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP6 qemu-uefi-aarch64-202308-150600.5.9.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP6 ovmf-202308-150600.5.9.1 as a component of openSUSE Leap 15.6 ovmf-tools-202308-150600.5.9.1 as a component of openSUSE Leap 15.6 qemu-ovmf-ia32-202308-150600.5.9.1 as a component of openSUSE Leap 15.6 qemu-ovmf-x86_64-202308-150600.5.9.1 as a component of openSUSE Leap 15.6 qemu-ovmf-x86_64-debug-202308-150600.5.9.1 as a component of openSUSE Leap 15.6 qemu-uefi-aarch32-202308-150600.5.9.1 as a component of openSUSE Leap 15.6 qemu-uefi-aarch64-202308-150600.5.9.1 as a component of openSUSE Leap 15.6 EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. CVE-2023-45229 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch32-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-tools-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-tools-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-ia32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch64-202308-150600.5.9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ https://www.suse.com/security/cve/CVE-2023-45229.html CVE-2023-45229 https://bugzilla.suse.com/1218879 SUSE Bug 1218879 EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. CVE-2023-45230 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch32-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-tools-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-tools-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-ia32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch64-202308-150600.5.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ https://www.suse.com/security/cve/CVE-2023-45230.html CVE-2023-45230 https://bugzilla.suse.com/1218880 SUSE Bug 1218880 EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. CVE-2023-45231 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch32-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-tools-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-tools-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-ia32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch64-202308-150600.5.9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ https://www.suse.com/security/cve/CVE-2023-45231.html CVE-2023-45231 https://bugzilla.suse.com/1218881 SUSE Bug 1218881 EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability. CVE-2023-45232 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch32-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-tools-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-tools-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-ia32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch64-202308-150600.5.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ https://www.suse.com/security/cve/CVE-2023-45232.html CVE-2023-45232 https://bugzilla.suse.com/1218882 SUSE Bug 1218882 EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability. CVE-2023-45233 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch32-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-tools-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-tools-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-ia32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch64-202308-150600.5.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ https://www.suse.com/security/cve/CVE-2023-45233.html CVE-2023-45233 https://bugzilla.suse.com/1218883 SUSE Bug 1218883 EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. CVE-2023-45234 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch32-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-tools-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-tools-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-ia32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch64-202308-150600.5.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ https://www.suse.com/security/cve/CVE-2023-45234.html CVE-2023-45234 https://bugzilla.suse.com/1218884 SUSE Bug 1218884 EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. CVE-2023-45235 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch32-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-tools-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-tools-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-ia32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch64-202308-150600.5.9.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ https://www.suse.com/security/cve/CVE-2023-45235.html CVE-2023-45235 https://bugzilla.suse.com/1218885 SUSE Bug 1218885 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. CVE-2023-45236 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch32-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-tools-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-tools-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-ia32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch64-202308-150600.5.9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ https://www.suse.com/security/cve/CVE-2023-45236.html CVE-2023-45236 https://bugzilla.suse.com/1218886 SUSE Bug 1218886 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. CVE-2023-45237 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch32-202308-150600.5.9.1 SUSE Linux Enterprise Module for Package Hub 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:ovmf-tools-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-ovmf-x86_64-202308-150600.5.9.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:qemu-uefi-aarch64-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-202308-150600.5.9.1 openSUSE Leap 15.6:ovmf-tools-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-ia32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-ovmf-x86_64-debug-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch32-202308-150600.5.9.1 openSUSE Leap 15.6:qemu-uefi-aarch64-202308-150600.5.9.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250421-1/ https://www.suse.com/security/cve/CVE-2023-45237.html CVE-2023-45237 https://bugzilla.suse.com/1218887 SUSE Bug 1218887