Detections
Analytics

Debian dsa-5624 : ovmf - security update

high Nessus Plugin ID 190574

Language:

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5624 advisory.

 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5624-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 14, 2024 https://www.debian.org/security/faq
 - -------------------------------------------------------------------------

 Package : edk2 CVE ID : CVE-2023-48733

 Mate Kukri discovered the Debian build of EDK2, a UEFI firmware implementation, used an insecure default configuration which could result in Secure Boot bypass via the UEFI shell.

 This updates disables the UEFI shell if Secure Boot is used.

 For the oldstable distribution (bullseye), this problem has been fixed in version 2020.11-2+deb11u2.

 For the stable distribution (bookworm), this problem has been fixed in version 2022.11-6+deb12u1. This update also addresses several security issues in the ipv6 network stack (CVE-2022-36763, CVE-2022-36764, CVE-2022-36765, CVE-2023-45230, CVE-2023-45229, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235)

 We recommend that you upgrade your edk2 packages.

 For the detailed security status of edk2 please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/edk2

 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

 Mailing list: [email protected]
 -----BEGIN PGP SIGNATURE-----

 iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXNGWIACgkQEMKTtsN8 TjaBVg/8D3psWKk7kf9Ht+2Bbfsp5cN63qKRPAXTDjGELCp+98Dd7CUaZnCCxA4w W0xAqWdHWkx+PbgyLJ3aPzttL//yk3ZIBEXl6pw/o2jicFlf7ds1zlJFZJbfl63h Vb9cJCjrgnPgH6SLfQeHckad5876LE78xl5mukRyL3ZWeSHOBRavFvct14H2qDAM quXtQKHtw6NOVc3ZciSHbBhjNG+hhPJL0eZ6HSDf2MI5ulYjMcNwgVm7jEwOGq4l VUowCNbJ71PzI5T26H2HqDkQTCFEEZJzjt3PDStVT7hnhVpbUqtvJxjHYruuWzPI FwpjIyA9LkQqP4CRVgK/6+FeuE/F28iUkrStXzPYAXPUzJ7GWSFfz16ViyuUJf6s pWpMhcruIwBnH1iLQt68hFodiCcJeQaim3u3cQfFsE4YvlTPzj9NddoBzXsCdG81 EfeFH9/J1iEkKxQ76Ocw8TiLhVe2C09MVqIKCB9YDf1ESR6TaBV7Hdx0Dh7XOVc9 +symHPmLP/0Bt7rIQXCi/aYz96qtl5/wHSWiEWRCogSUOJ05OEF+/QJqWWIrim4Z 9RMW9BZCGJBaUi83Ye+HUdxjnZkpT5kMiEH2y7CY85R5fuBMn4GC8gf66hcxT4mi lzLMpt/jtdH3h0J9MKFq85TlPf9pxGAF/o3Neg5KtSmYVKqbkIs= =yQYY
 -----END PGP SIGNATURE-----



Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the ovmf packages.

See Also

https://security-tracker.debian.org/tracker/source-package/edk2

https://security-tracker.debian.org/tracker/CVE-2022-36763

https://security-tracker.debian.org/tracker/CVE-2022-36764

https://security-tracker.debian.org/tracker/CVE-2022-36765

https://security-tracker.debian.org/tracker/CVE-2023-45229

https://security-tracker.debian.org/tracker/CVE-2023-45230

https://security-tracker.debian.org/tracker/CVE-2023-45231

https://security-tracker.debian.org/tracker/CVE-2023-45232

https://security-tracker.debian.org/tracker/CVE-2023-45233

https://security-tracker.debian.org/tracker/CVE-2023-45234

https://security-tracker.debian.org/tracker/CVE-2023-45235

https://security-tracker.debian.org/tracker/CVE-2023-48733

https://packages.debian.org/source/bookworm/edk2

https://packages.debian.org/source/bullseye/edk2

Plugin Details

Severity: High

ID: 190574

File Name: debian_DSA-5624.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2/15/2024

Updated: 1/24/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-45235

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:11.0, p-cpe:/a:debian:debian_linux:qemu-efi-aarch64, p-cpe:/a:debian:debian_linux:ovmf, p-cpe:/a:debian:debian_linux:qemu-efi, p-cpe:/a:debian:debian_linux:ovmf-ia32, p-cpe:/a:debian:debian_linux:qemu-efi-arm, cpe:/o:debian:debian_linux:12.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/14/2024

Vulnerability Publication Date: 1/9/2024

Reference Information

CVE: CVE-2022-36763, CVE-2022-36764, CVE-2022-36765, CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2023-48733