SUSE update for ovmf

Published: 2025-02-21

Risk	Medium
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2023-45236 CVE-2023-45237
CWE-ID	CWE-338
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	SUSE Package Hub 15 Operating systems & Components / Operating system Server Applications Module Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system qemu-ovmf-x86_64-debug Operating systems & Components / Operating system package or component qemu-ovmf-ia32 Operating systems & Components / Operating system package or component qemu-uefi-aarch32 Operating systems & Components / Operating system package or component qemu-ovmf-x86_64 Operating systems & Components / Operating system package or component qemu-uefi-aarch64 Operating systems & Components / Operating system package or component ovmf Operating systems & Components / Operating system package or component ovmf-tools Operating systems & Components / Operating system package or component
Vendor	SUSE

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

EUVDB-ID: #VU85527

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-45236

CWE-ID: CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a predictable TCP Initial Sequence Number. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected package ovmf to the latest version.

Vulnerable software versions

SUSE Package Hub 15: 15-SP6

Server Applications Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

qemu-ovmf-x86_64-debug: before 202308-150600.5.14.1

qemu-ovmf-ia32: before 202308-150600.5.14.1

qemu-uefi-aarch32: before 202308-150600.5.14.1

qemu-ovmf-x86_64: before 202308-150600.5.14.1

qemu-uefi-aarch64: before 202308-150600.5.14.1

ovmf: before 202308-150600.5.14.1

ovmf-tools: before 202308-150600.5.14.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250608-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

EUVDB-ID: #VU85528

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-45237