SUSE SLED15 / SLES15 / openSUSE 15 Security Update : liboqs, oqs-provider (SUSE-SU-2025:0005-1)

high Nessus Plugin ID 213486

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0005-1 advisory.

This update supplies the new FIPS standardized ML-KEM, ML-DSA, SHL-DSA algorithms.

This update liboqs to 0.12.0:

- This release updates the ML-DSA implementation to the [final FIPS 204](https://csrc.nist.gov/pubs/fips/204/final) version. This release still includes the NIST Round 3 version of Dilithium for interoperability purposes, but we plan to remove Dilithium Round 3 in a future release.
- This will be the last release of liboqs to include Kyber (that is, the NIST Round 3 version of Kyber, prior to its standardization by NIST as ML-KEM in FIPS 203). Applications should switch to ML-KEM (FIPS 203).
- The addition of ML-DSA FIPS 204 final version to liboqs has introduced a new signature API which includes a context string parameter. We are planning to remove the old version of the API without a context string in the next release to streamline the API and bring it in line with NIST specifications. Users who have an opinion on this removal are invited to provide input at https://github.com/open-quantum-safe/liboqs/issues/2001.

Security issues:

- CVE-2024-54137: Fixed bug in HQC decapsulation that leads to incorrect shared secret value during decapsulation when called with an invalid ciphertext. (bsc#1234292)
- new library major version 7

Updated to 0.11.0:

* This release updates ML-KEM implementations to their final FIPS 203 https://csrc.nist.gov/pubs/fips/203/final versions .
* This release still includes the NIST Round 3 version of Kyber for interoperability purposes, but we plan to remove Kyber Round 3 in a future release.
* Additionally, this release adds support for MAYO and CROSS digital signature schemes from [NIST Additional Signatures Round 1 https://csrc.nist.gov/Projects/pqc-dig-sig/round-1-additional-signatures along with stateful hash-based signature schemes XMSS https://datatracker.ietf.org/doc/html/rfc8391 and LMS https://datatracker.ietf.org/doc/html/rfc8554.
* Finally, this release provides formally verified implementations of Kyber-512 and Kyber-768 from libjade https://github.com/formosa-crypto/libjade/releases/tag/release%2F2023.05-2
* LMS and XMSS are disabled by default due to the security risks associated with their use in software.
See the note on stateful hash-based signatures in CONFIGURE.md
* Key encapsulation mechanisms:
- Kyber: Added formally-verified portable C and AVX2 implementations of Kyber-512 and Kyber-768 from libjade.
- ML-KEM: Updated portable C and AVX2 implementations of ML-KEM-512, ML-KEM-768, and ML-KEM-1024 to FIP 203 version.
- Kyber: Patched ARM64 implementations of Kyber-512, Kyber-768, and Kyber-1024 to work with AddressSanitizer.
* Digital signature schemes:
- LMS/XMSS: Added implementations of stateful hash-based signature schemes: XMSS and LMS
- MAYO: Added portable C and AVX2 implementations of MAYO signature scheme from NIST Additional Signatures Round 1.
- CROSS: Added portable C and AVX2 implementations of CROSS signature scheme from NIST Additional Signatures Round 1.
* Other changes:
- Added callback API to use custom implementations of AES, SHA2, and SHA3.
- Refactor SHA3 implementation to use OpenSSL's EVP_DigestSqueeze() API.

- new library major version 6

Updated to 0.10.1:

- This release is a security release which fixes potential non-constant-time behaviour in ML-KEM and Kyber. (bsc#1226162 CVE-2024-36405) It also includes a fix for incorrectly named macros in the ML-DSA implementation.

updated to 0.10.0:

Key encapsulation mechanisms:

- BIKE: Updated portable C implementation to include constant-time fixes from upstream.
- HQC: Updated to NIST Round 4 version.
- ML-KEM: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML- KEM-512, ML-KEM-768, and ML-KEM-1024.

Digital signature schemes:

- Falcon: Updated portable C, AVX2, and AArch64 implementations to support fixed-length (PADDED-format) signatures. Fixed the maximum length of variable-length signatures to comply with the NIST Round 3 specification.
- ML-DSA: Added portable C and AVX2 implementations of Initial Public Draft (IPD) versions of ML-DSA-44, ML-DSA-65, and ML-DSA-87.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 213486

File Name: suse_SU-2025-0005-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 1/4/2025

Updated: 1/4/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: High

Base Score: 8.5

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C

CVSS Score Source: CVE-2024-37305

CVSS v3

Risk Factor: High

Base Score: 8.2

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:oqs-provider, p-cpe:/a:novell:suse_linux:liboqs7, p-cpe:/a:novell:suse_linux:liboqs-devel, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/2/2025

Vulnerability Publication Date: 6/10/2024

Reference Information

CVE: CVE-2024-36405, CVE-2024-37305, CVE-2024-54137

SuSE: SUSE-SU-2025:0005-1

Detections

Analytics