Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: 2021:1412-1 Critical: Libnettle Out-Of-Range Issue

suse
Calendar Grey April 28, 2021
Dist Suse Esm H88
A vital security notification for SUSE concerning a major vulnerability in libnettle. Make certain your systems are updated.
An update that fixes one vulnerability is now available

Summary

This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars (bsc#1184401). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE MicroOS 5.0: zypper in -t patch SUSE-SUSE-MicroOS-5.0-2021-1412=1 - SUSE Manager Server 4.0: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-1412=1 - SUSE Manager Retail Branch Server 4.0: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-1412=1 - SUSE Manager Proxy 4.0: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-1412=1

Topics%20covered

Topics Covered

security advisory critical SUSE Manager SUSE Manager Proxy libnettle SUSE MicroOS SLES SAP

References

#1184401

Cross- CVE-2021-20305

CVSS scores:

CVE-2021-20305 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-20305 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

SUSE MicroOS 5.0

SUSE Manager Server 4.0

SUSE Manager Retail Branch Server 4.0

SUSE Manager Proxy 4.0

SUSE Linux Enterprise Server for SAP 15-SP1

SUSE Linux Enterprise Server for SAP 15

SUSE Linux Enterprise Server 15-SP1-LTSS

SUSE Linux Enterprise Server 15-SP1-BCL

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Module for Basesystem 15-SP3

SUSE Linux Enterprise Module for Basesystem 15-SP2

SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS

SUSE Linux Enterprise High Pe...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:1412-1
Rating: important

Topics%20covered

Topics Covered

security advisory critical SUSE Manager SUSE Manager Proxy libnettle SUSE MicroOS SLES SAP

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here