SUSE-SU-2025:4053-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-20254053-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4053-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:4053-1
- Upstream
- Related
- Published
- 2025-11-11T13:46:58Z
- Modified
- 2025-11-12T12:18:01.360744Z
- Summary
- Security update for qatengine, qatlib
- Details
-
This update for qatengine, qatlib fixes the following issues:
Note that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities:
- CVE-2024-28885: Fixed observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. (bsc#1233363)
- CVE-2024-31074: Fixed observable timing discrepancy may allow information disclosure via network access (bsc#1233365)
- CVE-2024-33617: Fixed insufficient control flow management may allow information disclosure via network access (bsc#1233366)
qatengine was updated to 1.7.0:
- ipp-crypto name change to cryptography-primitives
- QAT_SW GCM memory leak fix in cleanup function
- Update limitation section in README for v1.7.0 release
- Fix build with OPENSSLNOENGINE
- Fix for build issues with qatprovider in qatlib
- Bug fixes and README updates to v1.7.0
- Remove qatcontigmem driver support
- Add support for building QAT Engine ENGINE and PROVIDER modules with QuicTLS 3.x libraries
- Fix for DSA issue with openssl3.2
- Fix missing lower bounds check on index i
- Enabled SW Fallback support for FBSD
- Fix for segfault issue when SHIM config section is unavailable
- Fix for Coverity & Resource leak
- Fix for RSA failure with SVM enabled in openssl-3.2
- SM3 Memory Leak Issue Fix
- Fix qatprovider lib name issue with system openssl
Update to 1.6.0:
- Fix issue with make depend for QAT_SW
- QAT_HW GCM Memleak fix & bug fixes
- QAT2.0 FreeBSD14 intree driver support
- Fix OpenSSL 3.2 compatibility issues
- Optimize hex dump logging
- Clear job tlv on error
- QAT_HW RSA Encrypt and Decrypt provider support
- QAT_HW AES-CCM Provider support
- Add ECDH keymgmt support for provider
- Fix QAT_HW SM2 memory leak
- Enable qaeMemFreeNonZeroNUMA() for qatlib
- Fix polling issue for the process that doesn't have QAT_HW instance
- Fix SHA3 qctx initialization issue & potential memleak
- Fix compilation error in SM2 with qatcontigmem
Update year in copyright information to 2024
- update to 24.09.0:
- Improved performance scaling in multi-thread applications
- Set core affinity mapping based on NUMA (libnuma now required for building)
bug fixes, see https://github.com/intel/qatlib#resolved-issues
- version update to 24.02.0
- Support DC NS (NoSession) APIs
- Support Symmetric Crypto SM3 & SM4
- Support Asymmetric Crypto SM2
- Support DC CompressBound APIs
- Bug Fixes. See Resolved section in README.md
- References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-20254053-1/
- https://bugzilla.suse.com/1233363
- https://bugzilla.suse.com/1233365
- https://bugzilla.suse.com/1233366
- https://www.suse.com/security/cve/CVE-2024-28885
- https://www.suse.com/security/cve/CVE-2024-31074
- https://www.suse.com/security/cve/CVE-2024-33617