Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE: OVMS Important Security Patch 2026:0196-1 for Multiple Issues

suse
Calendar Grey January 21, 2026
Dist Suse Esm H88
This update for ovmf addresses five important vulnerabilities, enhancing security and stability for SUSE users.
An update that solves five vulnerabilities can now be installed.

Summary

## This update for ovmf fixes the following issues: * CVE-2023-45231: Fixed out of bounds read when handling a ND Redirect message with truncated options (bsc#1218881). * CVE-2023-45232: Fixed infinite loop when parsing unknown options in the Destination Options header (bsc#1218882). * CVE-2023-45233: Fixed infinite loop when parsing a PadN option in the Destination Options header (bsc#1218883). * CVE-2023-45234: Fixed buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (bsc#1218884). * CVE-2023-45235: Fixed buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (bsc#1218885). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

References

* bsc#1218881

* bsc#1218882

* bsc#1218883

* bsc#1218884

* bsc#1218885

Cross-

* CVE-2023-45231

* CVE-2023-45232

* CVE-2023-45233

* CVE-2023-45234

* CVE-2023-45235

CVSS scores:

* CVE-2023-45231 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2023-45231 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2023-45231 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2023-45232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-45232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-45232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-45233 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-45233 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:0196-1
Release Date: 2026-01-21T09:05:27Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here