Security update for libksba SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2022:3681-1 Final 1 1 2022-10-21T08:47:04Z current 2022-10-21T08:47:04Z 2022-10-21T08:47:04Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libksba This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser (bsc#1204357). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/ltss/sle12.5/sles12sp5:latest-2022-3681,Container suse/sles12sp4:latest-2022-3681,Container suse/sles12sp5:latest-2022-3681,Image SLES12-SP5-Azure-BYOS-2022-3681,Image SLES12-SP5-Azure-Basic-On-Demand-2022-3681,Image SLES12-SP5-Azure-HPC-BYOS-2022-3681,Image SLES12-SP5-Azure-HPC-On-Demand-2022-3681,Image SLES12-SP5-Azure-SAP-BYOS-2022-3681,Image SLES12-SP5-Azure-SAP-On-Demand-2022-3681,Image SLES12-SP5-Azure-Standard-On-Demand-2022-3681,Image SLES12-SP5-EC2-BYOS-2022-3681,Image SLES12-SP5-EC2-ECS-On-Demand-2022-3681,Image SLES12-SP5-EC2-On-Demand-2022-3681,Image SLES12-SP5-EC2-SAP-BYOS-2022-3681,Image SLES12-SP5-EC2-SAP-On-Demand-2022-3681,Image SLES12-SP5-GCE-BYOS-2022-3681,Image SLES12-SP5-GCE-On-Demand-2022-3681,Image SLES12-SP5-GCE-SAP-BYOS-2022-3681,Image SLES12-SP5-GCE-SAP-On-Demand-2022-3681,Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2022-3681,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2022-3681,SUSE-2022-3681,SUSE-OpenStack-Cloud-9-2022-3681,SUSE-OpenStack-Cloud-Crowbar-9-2022-3681,SUSE-SLE-SAP-12-SP4-2022-3681,SUSE-SLE-SDK-12-SP5-2022-3681,SUSE-SLE-SERVER-12-SP2-BCL-2022-3681,SUSE-SLE-SERVER-12-SP3-BCL-2022-3681,SUSE-SLE-SERVER-12-SP4-LTSS-2022-3681,SUSE-SLE-SERVER-12-SP5-2022-3681 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2022/suse-su-20223681-1/ Link for SUSE-SU-2022:3681-1 https://lists.suse.com/pipermail/sle-security-updates/2022-October/012596.html E-Mail link for SUSE-SU-2022:3681-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1204357 SUSE Bug 1204357 https://www.suse.com/security/cve/CVE-2022-3515/ SUSE CVE CVE-2022-3515 page Container suse/ltss/sle12.5/sles12sp5:latest Container suse/sles12sp4:latest Container suse/sles12sp5:latest Image SLES12-SP5-Azure-BYOS Image SLES12-SP5-Azure-Basic-On-Demand Image SLES12-SP5-Azure-HPC-BYOS Image SLES12-SP5-Azure-HPC-On-Demand Image SLES12-SP5-Azure-SAP-BYOS Image SLES12-SP5-Azure-SAP-On-Demand Image SLES12-SP5-Azure-Standard-On-Demand Image SLES12-SP5-EC2-BYOS Image SLES12-SP5-EC2-ECS-On-Demand Image SLES12-SP5-EC2-On-Demand Image SLES12-SP5-EC2-SAP-BYOS Image SLES12-SP5-EC2-SAP-On-Demand Image SLES12-SP5-GCE-BYOS Image SLES12-SP5-GCE-On-Demand Image SLES12-SP5-GCE-SAP-BYOS Image SLES12-SP5-GCE-SAP-On-Demand Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 libksba8-1.3.0-24.3.1 libksba-devel-1.3.0-24.3.1 libksba8-1.3.0-24.3.1 as a component of Container suse/ltss/sle12.5/sles12sp5:latest libksba8-1.3.0-24.3.1 as a component of Container suse/sles12sp4:latest libksba8-1.3.0-24.3.1 as a component of Container suse/sles12sp5:latest libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-Azure-BYOS libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-Azure-Basic-On-Demand libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-Azure-HPC-BYOS libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-Azure-HPC-On-Demand libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-Azure-Standard-On-Demand libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-EC2-BYOS libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-EC2-ECS-On-Demand libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-EC2-On-Demand libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-GCE-BYOS libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-GCE-On-Demand libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production libksba8-1.3.0-24.3.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production libksba8-1.3.0-24.3.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL libksba8-1.3.0-24.3.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL libksba8-1.3.0-24.3.1 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libksba8-1.3.0-24.3.1 as a component of SUSE Linux Enterprise Server 12 SP5 libksba8-1.3.0-24.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libksba8-1.3.0-24.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libksba-devel-1.3.0-24.3.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 libksba8-1.3.0-24.3.1 as a component of SUSE OpenStack Cloud 9 libksba8-1.3.0-24.3.1 as a component of SUSE OpenStack Cloud Crowbar 9 A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment. CVE-2022-3515 Container suse/ltss/sle12.5/sles12sp5:latest:libksba8-1.3.0-24.3.1 Container suse/sles12sp4:latest:libksba8-1.3.0-24.3.1 Container suse/sles12sp5:latest:libksba8-1.3.0-24.3.1 Image SLES12-SP5-Azure-BYOS:libksba8-1.3.0-24.3.1 Image SLES12-SP5-Azure-Basic-On-Demand:libksba8-1.3.0-24.3.1 Image SLES12-SP5-Azure-HPC-BYOS:libksba8-1.3.0-24.3.1 Image SLES12-SP5-Azure-HPC-On-Demand:libksba8-1.3.0-24.3.1 Image SLES12-SP5-Azure-SAP-BYOS:libksba8-1.3.0-24.3.1 Image SLES12-SP5-Azure-SAP-On-Demand:libksba8-1.3.0-24.3.1 Image SLES12-SP5-Azure-Standard-On-Demand:libksba8-1.3.0-24.3.1 Image SLES12-SP5-EC2-BYOS:libksba8-1.3.0-24.3.1 Image SLES12-SP5-EC2-ECS-On-Demand:libksba8-1.3.0-24.3.1 Image SLES12-SP5-EC2-On-Demand:libksba8-1.3.0-24.3.1 Image SLES12-SP5-EC2-SAP-BYOS:libksba8-1.3.0-24.3.1 Image SLES12-SP5-EC2-SAP-On-Demand:libksba8-1.3.0-24.3.1 Image SLES12-SP5-GCE-BYOS:libksba8-1.3.0-24.3.1 Image SLES12-SP5-GCE-On-Demand:libksba8-1.3.0-24.3.1 Image SLES12-SP5-GCE-SAP-BYOS:libksba8-1.3.0-24.3.1 Image SLES12-SP5-GCE-SAP-On-Demand:libksba8-1.3.0-24.3.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:libksba8-1.3.0-24.3.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:libksba8-1.3.0-24.3.1 SUSE Linux Enterprise Server 12 SP2-BCL:libksba8-1.3.0-24.3.1 SUSE Linux Enterprise Server 12 SP3-BCL:libksba8-1.3.0-24.3.1 SUSE Linux Enterprise Server 12 SP4-LTSS:libksba8-1.3.0-24.3.1 SUSE Linux Enterprise Server 12 SP5:libksba8-1.3.0-24.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libksba8-1.3.0-24.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libksba8-1.3.0-24.3.1 SUSE Linux Enterprise Software Development Kit 12 SP5:libksba-devel-1.3.0-24.3.1 SUSE OpenStack Cloud 9:libksba8-1.3.0-24.3.1 SUSE OpenStack Cloud Crowbar 9:libksba8-1.3.0-24.3.1 critical 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20223681-1/ https://www.suse.com/security/cve/CVE-2022-3515.html CVE-2022-3515 https://bugzilla.suse.com/1204357 SUSE Bug 1204357 https://bugzilla.suse.com/1204806 SUSE Bug 1204806 https://bugzilla.suse.com/1205080 SUSE Bug 1205080 https://bugzilla.suse.com/1205592 SUSE Bug 1205592 https://bugzilla.suse.com/1205627 SUSE Bug 1205627 https://bugzilla.suse.com/1206244 SUSE Bug 1206244