Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE 2024:3081-1 Important: Kernel Firmware Malicious Access Fix

suse
Calendar Grey September 2, 2024
Dist Suse Esm H88
Critical kernel-firmware security notice regarding CVE-2023-31315 affecting SUSE Linux systems. Urgent installation required!
* bsc#1229069 Cross-References: * CVE-2023-31315

Summary

## This update for kernel-firmware fixes the following issues: * CVE-2023-31315: Fixed validation in a model specific register (MSR) that lead to modification of SMM configuration by malicious program with ring0 access (bsc#1229069)

Topics%20covered

Topics Covered

security advisory important kernel fix suse malicious access kernel firmware cvss score

References

* bsc#1229069

Cross-

* CVE-2023-31315

CVSS scores:

* CVE-2023-31315 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5

* openSUSE Leap 15.5

* openSUSE Leap Micro 5.5

* SUSE Linux Enterprise Desktop 15 SP5

* SUSE Linux Enterprise High Performance Computing 15 SP5

* SUSE Linux Enterprise Micro 5.5

* SUSE Linux Enterprise Real Time 15 SP5

* SUSE Linux Enterprise Server 15 SP5

* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

##

* https://www.suse.com/security/cve/CVE-2023-31315.html

* https://bugzilla.suse.com/show_bug.cgi?id=1229069

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:3081-1
Rating: important

Topics%20covered

Topics Covered

security advisory important kernel fix suse malicious access kernel firmware cvss score

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here