openSUSE Security Update : gnu-efi / pesign / shim (openSUSE-2015-48)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

shim was updated to fix several security issues.

- OOB read access when parsing DHCPv6 packets (remote DoS)
(CVE-2014-3675).

- Heap overflow when parsing IPv6 addresses provided by
tftp:// DHCPv6 boot option (RCE) (CVE-2014-3676).

- Memory corruption when processing user provided MOK
lists (CVE-2014-3677).

More information is available at
https://bugzilla.novell.com/show_bug.cgi?id=889332

To enable this update, gnu-efi was updated to 3.0u and pesign to
version 0.109.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=889332
https://bugzilla.opensuse.org/show_bug.cgi?id=798043
https://bugzilla.opensuse.org/show_bug.cgi?id=807760
https://bugzilla.opensuse.org/show_bug.cgi?id=808106
https://bugzilla.opensuse.org/show_bug.cgi?id=813079
https://bugzilla.opensuse.org/show_bug.cgi?id=813448
https://bugzilla.opensuse.org/show_bug.cgi?id=841426
https://bugzilla.opensuse.org/show_bug.cgi?id=863205
https://bugzilla.opensuse.org/show_bug.cgi?id=866690
https://bugzilla.opensuse.org/show_bug.cgi?id=867974
https://bugzilla.opensuse.org/show_bug.cgi?id=872503
https://bugzilla.opensuse.org/show_bug.cgi?id=873857
https://bugzilla.opensuse.org/show_bug.cgi?id=875385
https://bugzilla.opensuse.org/show_bug.cgi?id=877003
https://bugzilla.opensuse.org/show_bug.cgi?id=889332
https://bugzilla.opensuse.org/show_bug.cgi?id=889765

Solution :

Update the affected gnu-efi / pesign / shim packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 80926

Bugtraq ID:

CVE ID: CVE-2014-3675, CVE-2014-3676, CVE-2014-3677
