OESA-2023-1264

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1264

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2023-1264.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2023-1264

Upstream

CVE-2023-30630

Published

2023-04-28T11:05:14Z

Modified

2025-09-03T06:19:09.556699Z

Summary

dmidecode security update

Details

Dmidecode reports information about your system's hardware as described in your system BIOS according to the SMBIOS/DMI standard (see a sample output). This information typically includes system manufacturer, model name, serial number, BIOS version, asset tag as well as a lot of other details of varying level of interest and reliability depending on the manufacturer. This will often include usage status for the CPU sockets, expansion slots (e.g. AGP, PCI, ISA) and memory module slots, and the list of I/O ports (e.g. serial, parallel, USB).DMI data can be used to enable or disable specific portions of kernel code depending on the specific hardware. Thus, one use of dmidecode is for kernel developers to detect system "signatures" and add them to the kernel source code when needed.

Security Fix(es):

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.(CVE-2023-30630)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:20.03-LTS-SP1 / dmidecode

Package

Name: dmidecode
Purl: pkg:rpm/openEuler/dmidecode&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2-4.oe1

Ecosystem specific

{
    "aarch64": [
        "dmidecode-3.2-4.oe1.aarch64.rpm",
        "dmidecode-debugsource-3.2-4.oe1.aarch64.rpm",
        "dmidecode-debuginfo-3.2-4.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "dmidecode-debuginfo-3.2-4.oe1.x86_64.rpm",
        "dmidecode-debugsource-3.2-4.oe1.x86_64.rpm",
        "dmidecode-3.2-4.oe1.x86_64.rpm"
    ],
    "src": [
        "dmidecode-3.2-4.oe1.src.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / dmidecode

Package

Name: dmidecode
Purl: pkg:rpm/openEuler/dmidecode&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2-4.oe1

Ecosystem specific

{
    "aarch64": [
        "dmidecode-debuginfo-3.2-4.oe1.aarch64.rpm",
        "dmidecode-debugsource-3.2-4.oe1.aarch64.rpm",
        "dmidecode-3.2-4.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "dmidecode-3.2-4.oe1.x86_64.rpm",
        "dmidecode-debuginfo-3.2-4.oe1.x86_64.rpm",
        "dmidecode-debugsource-3.2-4.oe1.x86_64.rpm"
    ],
    "src": [
        "dmidecode-3.2-4.oe1.src.rpm"
    ]
}

openEuler:22.03-LTS / dmidecode

Package

Name: dmidecode
Purl: pkg:rpm/openEuler/dmidecode&distro=openEuler-22.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4-3.oe2203sp1

Ecosystem specific

{
    "aarch64": [
        "dmidecode-3.3-6.oe2203.aarch64.rpm",
        "dmidecode-debugsource-3.3-6.oe2203.aarch64.rpm",
        "dmidecode-debuginfo-3.3-6.oe2203.aarch64.rpm",
        "dmidecode-debugsource-3.4-3.oe2203sp1.aarch64.rpm",
        "dmidecode-3.4-3.oe2203sp1.aarch64.rpm",
        "dmidecode-debuginfo-3.4-3.oe2203sp1.aarch64.rpm"
    ],
    "x86_64": [
        "dmidecode-3.3-6.oe2203.x86_64.rpm",
        "dmidecode-debugsource-3.3-6.oe2203.x86_64.rpm",
        "dmidecode-debuginfo-3.3-6.oe2203.x86_64.rpm",
        "dmidecode-debuginfo-3.4-3.oe2203sp1.x86_64.rpm",
        "dmidecode-debugsource-3.4-3.oe2203sp1.x86_64.rpm",
        "dmidecode-3.4-3.oe2203sp1.x86_64.rpm"
    ],
    "src": [
        "dmidecode-3.3-6.oe2203.src.rpm",
        "dmidecode-3.4-3.oe2203sp1.src.rpm"
    ]
}

openEuler:22.03-LTS-SP1 / dmidecode

Package

Name: dmidecode
Purl: pkg:rpm/openEuler/dmidecode&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4-3.oe2203sp1

Ecosystem specific

{
    "aarch64": [
        "dmidecode-debugsource-3.4-3.oe2203sp1.aarch64.rpm",
        "dmidecode-3.4-3.oe2203sp1.aarch64.rpm",
        "dmidecode-debuginfo-3.4-3.oe2203sp1.aarch64.rpm"
    ],
    "x86_64": [
        "dmidecode-debuginfo-3.4-3.oe2203sp1.x86_64.rpm",
        "dmidecode-debugsource-3.4-3.oe2203sp1.x86_64.rpm",
        "dmidecode-3.4-3.oe2203sp1.x86_64.rpm"
    ],
    "src": [
        "dmidecode-3.4-3.oe2203sp1.src.rpm"
    ]
}