dmidecode-3.3-7.el9.1

エラータID: AXSA:2023-6397:01

Release date: 
Wednesday, September 20, 2023 - 01:08
Subject: 
dmidecode-3.3-7.el9.1
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The dmidecode packages provide utilities for extracting Intel 64 and Intel Itanium hardware information from the system BIOS or Extensible Firmware Interface (EFI), depending on the SMBIOS/DMI standard. This information typically includes system manufacturer, model name, serial number, BIOS version, and asset tag, as well as other details, depending on the manufacturer.

Security Fix(es):

* dmidecode: dump-bin to overwrite a local file (CVE-2023-30630)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.

Solution: 

Update packages.

CVEs: 
CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.
Additional Info: 

N/A

Download: 

SRPMS
  1. dmidecode-3.3-7.el9.1.src.rpm
    MD5: 5f0988d0d76dbbb0341f50bfe06196db
    SHA-256: e73f8bf547e2350662bcff50dbc352c27f90b4537efd32d7d224cd83575597ba
    Size: 76.04 kB

Asianux Server 9 for x86_64
  1. dmidecode-3.3-7.el9.1.x86_64.rpm
    MD5: 0c2b4e52f0e15c0f42d472376f1c4bc0
    SHA-256: 8b11043f117b0108a1cb56c8432e6d9318e77605821b693cf6102131e436bb25
    Size: 85.85 kB