Security update for dmidecode SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:2215-1 Final 1 1 2023-05-16T09:25:22Z current 2023-05-16T09:25:22Z 2023-05-16T09:25:22Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for dmidecode This update for dmidecode fixes the following issues: - CVE-2023-30630: Fixed potential privilege escalation vulnerability via file overwrite (bsc#1210418). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/sle-micro-rancher/5.2:latest-2023-2215,Image SLES15-SP3-BYOS-Azure-2023-2215,Image SLES15-SP3-BYOS-EC2-HVM-2023-2215,Image SLES15-SP3-BYOS-GCE-2023-2215,Image SLES15-SP3-CHOST-BYOS-Aliyun-2023-2215,Image SLES15-SP3-CHOST-BYOS-Azure-2023-2215,Image SLES15-SP3-CHOST-BYOS-EC2-2023-2215,Image SLES15-SP3-CHOST-BYOS-GCE-2023-2215,Image SLES15-SP3-CHOST-BYOS-SAP-CCloud-2023-2215,Image SLES15-SP3-HPC-BYOS-Azure-2023-2215,Image SLES15-SP3-HPC-BYOS-EC2-HVM-2023-2215,Image SLES15-SP3-HPC-BYOS-GCE-2023-2215,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure-2023-2215,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM-2023-2215,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE-2023-2215,Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure-2023-2215,Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM-2023-2215,Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE-2023-2215,Image SLES15-SP3-Micro-5-1-BYOS-Azure-2023-2215,Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM-2023-2215,Image SLES15-SP3-Micro-5-1-BYOS-GCE-2023-2215,Image SLES15-SP3-Micro-5-2-BYOS-Azure-2023-2215,Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM-2023-2215,Image SLES15-SP3-Micro-5-2-BYOS-GCE-2023-2215,Image SLES15-SP3-SAP-Azure-LI-BYOS-Production-2023-2215,Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production-2023-2215,Image SLES15-SP3-SAP-BYOS-Azure-2023-2215,Image SLES15-SP3-SAP-BYOS-EC2-HVM-2023-2215,Image SLES15-SP3-SAP-BYOS-GCE-2023-2215,Image SLES15-SP3-SAPCAL-Azure-2023-2215,Image SLES15-SP3-SAPCAL-EC2-HVM-2023-2215,Image SLES15-SP3-SAPCAL-GCE-2023-2215,SUSE-2023-2215,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2215,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-2215,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2215,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2215,SUSE-SLE-Product-RT-15-SP3-2023-2215,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-2215,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-2215,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2215,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-2215,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-2215,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2215,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-2215,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-2215,SUSE-SUSE-MicroOS-5.1-2023-2215,SUSE-SUSE-MicroOS-5.2-2023-2215,SUSE-Storage-7-2023-2215,SUSE-Storage-7.1-2023-2215 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20232215-1/ Link for SUSE-SU-2023:2215-1 https://lists.suse.com/pipermail/sle-updates/2023-May/029418.html E-Mail link for SUSE-SU-2023:2215-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1210418 SUSE Bug 1210418 https://www.suse.com/security/cve/CVE-2023-30630/ SUSE CVE CVE-2023-30630 page Container suse/sle-micro-rancher/5.2:latest Image SLES15-SP3-BYOS-Azure Image SLES15-SP3-BYOS-EC2-HVM Image SLES15-SP3-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-Aliyun Image SLES15-SP3-CHOST-BYOS-Azure Image SLES15-SP3-CHOST-BYOS-EC2 Image SLES15-SP3-CHOST-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-SAP-CCloud Image SLES15-SP3-HPC-BYOS-Azure Image SLES15-SP3-HPC-BYOS-EC2-HVM Image SLES15-SP3-HPC-BYOS-GCE Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE Image SLES15-SP3-Micro-5-1-BYOS-Azure Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-1-BYOS-GCE Image SLES15-SP3-Micro-5-2-BYOS-Azure Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-2-BYOS-GCE Image SLES15-SP3-SAP-Azure-LI-BYOS-Production Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production Image SLES15-SP3-SAP-BYOS-Azure Image SLES15-SP3-SAP-BYOS-EC2-HVM Image SLES15-SP3-SAP-BYOS-GCE Image SLES15-SP3-SAPCAL-Azure Image SLES15-SP3-SAPCAL-EC2-HVM Image SLES15-SP3-SAPCAL-GCE SUSE Enterprise Storage 7 SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Real Time 15 SP3 SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 dmidecode-3.2-150100.9.16.1 dmidecode-3.2-150100.9.16.1 as a component of Container suse/sle-micro-rancher/5.2:latest dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-BYOS-Azure dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-BYOS-EC2-HVM dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-BYOS-GCE dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-CHOST-BYOS-Aliyun dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-CHOST-BYOS-Azure dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-CHOST-BYOS-EC2 dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-CHOST-BYOS-GCE dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-CHOST-BYOS-SAP-CCloud dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-HPC-BYOS-Azure dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-HPC-BYOS-EC2-HVM dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-HPC-BYOS-GCE dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-Azure dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-GCE dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-Azure dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-GCE dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-SAPCAL-Azure dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM dmidecode-3.2-150100.9.16.1 as a component of Image SLES15-SP3-SAPCAL-GCE dmidecode-3.2-150100.9.16.1 as a component of SUSE Enterprise Storage 7 dmidecode-3.2-150100.9.16.1 as a component of SUSE Enterprise Storage 7.1 dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise Micro 5.1 dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise Micro 5.2 dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise Real Time 15 SP3 dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 dmidecode-3.2-150100.9.16.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 dmidecode-3.2-150100.9.16.1 as a component of SUSE Manager Proxy 4.2 dmidecode-3.2-150100.9.16.1 as a component of SUSE Manager Server 4.2 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly). CVE-2023-30630 Container suse/sle-micro-rancher/5.2:latest:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-BYOS-Azure:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-BYOS-EC2-HVM:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-BYOS-GCE:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-CHOST-BYOS-Azure:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-CHOST-BYOS-EC2:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-CHOST-BYOS-GCE:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-HPC-BYOS-Azure:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-HPC-BYOS-GCE:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-SAP-BYOS-Azure:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-SAP-BYOS-GCE:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-SAPCAL-Azure:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-SAPCAL-EC2-HVM:dmidecode-3.2-150100.9.16.1 Image SLES15-SP3-SAPCAL-GCE:dmidecode-3.2-150100.9.16.1 SUSE Enterprise Storage 7.1:dmidecode-3.2-150100.9.16.1 SUSE Enterprise Storage 7:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise Micro 5.1:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise Micro 5.2:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise Real Time 15 SP3:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise Server 15 SP1-LTSS:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise Server 15 SP2-LTSS:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise Server 15 SP3-LTSS:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:dmidecode-3.2-150100.9.16.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:dmidecode-3.2-150100.9.16.1 SUSE Manager Proxy 4.2:dmidecode-3.2-150100.9.16.1 SUSE Manager Server 4.2:dmidecode-3.2-150100.9.16.1 moderate 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20232215-1/ https://www.suse.com/security/cve/CVE-2023-30630.html CVE-2023-30630 https://bugzilla.suse.com/1210418 SUSE Bug 1210418