SUSE-SU-2019:0581-1: important: Security update for ovmf

sle-security-updates at sle-security-updates at
Mon Mar 11 11:10:53 MDT 2019

   SUSE Security Update: Security update for ovmf

Announcement ID:    SUSE-SU-2019:0581-1
Rating:             important
References:         #1127820 #1127821 #1127822 
Cross-References:   CVE-2018-12178 CVE-2018-12180 CVE-2018-3630
Affected Products:
                    SUSE Linux Enterprise Server 12-SP4
                    SUSE Linux Enterprise Desktop 12-SP4

   An update that fixes three vulnerabilities is now available.


   This update for ovmf fixes the following issues:

   Security issues fixed:

   - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could
     lead to memory read/write overrun (bsc#1127820).
   - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS
     packet (bsc#1127821).
   - CVE-2018-3630: Fixed a logic error in FV parsing which could allow a
     local attacker to bypass the chain of trust checks (bsc#1127822).

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-SP4:

      zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-581=1

   - SUSE Linux Enterprise Desktop 12-SP4:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-581=1

Package List:

   - SUSE Linux Enterprise Server 12-SP4 (aarch64 x86_64):


   - SUSE Linux Enterprise Server 12-SP4 (noarch):


   - SUSE Linux Enterprise Desktop 12-SP4 (noarch):



More information about the sle-security-updates mailing list