{"affected":[{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150600.3.3.1","libusdm0":"24.09.0-150600.3.3.1","qatengine":"1.7.0-150600.3.3.1","qatlib":"24.09.0-150600.3.3.1","qatlib-devel":"24.09.0-150600.3.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP6","name":"qatengine","purl":"pkg:rpm/suse/qatengine&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.0-150600.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150600.3.3.1","libusdm0":"24.09.0-150600.3.3.1","qatengine":"1.7.0-150600.3.3.1","qatlib":"24.09.0-150600.3.3.1","qatlib-devel":"24.09.0-150600.3.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP6","name":"qatlib","purl":"pkg:rpm/suse/qatlib&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"24.09.0-150600.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150600.3.3.1","libusdm0":"24.09.0-150600.3.3.1","qatengine":"1.7.0-150600.3.3.1","qatlib":"24.09.0-150600.3.3.1","qatlib-devel":"24.09.0-150600.3.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"qatengine","purl":"pkg:rpm/opensuse/qatengine&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.7.0-150600.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libqat4":"24.09.0-150600.3.3.1","libusdm0":"24.09.0-150600.3.3.1","qatengine":"1.7.0-150600.3.3.1","qatlib":"24.09.0-150600.3.3.1","qatlib-devel":"24.09.0-150600.3.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"qatlib","purl":"pkg:rpm/opensuse/qatlib&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"24.09.0-150600.3.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for qatengine, qatlib fixes the following issues:\n\nNote that the 1.6.1 release included in 1.7.0 fixes the following vulnerabilities:\n\n* CVE-2024-28885: Fixed observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. (bsc#1233363)\n* CVE-2024-31074: Fixed observable timing discrepancy may allow information disclosure via network access  (bsc#1233365)\n* CVE-2024-33617: Fixed insufficient control flow management may allow information disclosure via network access (bsc#1233366)\n\nqatengine was updated to 1.7.0:\n\n  * ipp-crypto name change to cryptography-primitives\n  * QAT_SW GCM memory leak fix in cleanup function\n  * Update limitation section in README for v1.7.0 release\n  * Fix build with OPENSSL_NO_ENGINE\n  * Fix for build issues with qatprovider in qatlib\n  * Bug fixes and README updates to v1.7.0\n  * Remove qat_contig_mem driver support\n  * Add support for building QAT Engine ENGINE and PROVIDER modules\n    with QuicTLS 3.x libraries\n  * Fix for DSA issue with openssl3.2\n  * Fix missing lower bounds check on index i\n  * Enabled SW Fallback support for FBSD\n  * Fix for segfault issue when SHIM config section is unavailable\n  * Fix for Coverity & Resource leak\n  * Fix for RSA failure with SVM enabled in openssl-3.2\n  * SM3 Memory Leak Issue Fix\n  * Fix qatprovider lib name issue with system openssl\n\nUpdate to 1.6.0:\n\n  * Fix issue with make depend for QAT_SW\n  * QAT_HW GCM Memleak fix & bug fixes\n  * QAT2.0 FreeBSD14 intree driver support\n  * Fix OpenSSL 3.2 compatibility issues\n  * Optimize hex dump logging\n  * Clear job tlv on error\n  * QAT_HW RSA Encrypt and Decrypt provider support\n  * QAT_HW AES-CCM Provider support\n  * Add ECDH keymgmt support for provider\n  * Fix QAT_HW SM2 memory leak \n  * Enable qaeMemFreeNonZeroNUMA() for qatlib \n  * Fix polling issue for the process that doesn't have QAT_HW instance\n  * Fix SHA3 qctx initialization issue & potential memleak \n  * Fix compilation error in SM2 with qat_contig_mem \n  * Update year in copyright information to 2024 \n\n- update to 24.09.0:\n  * Improved performance scaling in multi-thread applications\n  * Set core affinity mapping based on NUMA\n    (libnuma now required for building)\n  * bug fixes, see https://github.com/intel/qatlib#resolved-issues\n\n- version update to 24.02.0\n  * Support DC NS (NoSession) APIs\n  * Support Symmetric Crypto SM3 & SM4\n  * Support Asymmetric Crypto SM2\n  * Support DC CompressBound APIs\n  * Bug Fixes. See Resolved section in README.md\n","id":"SUSE-SU-2025:4053-1","modified":"2025-11-11T13:46:58Z","published":"2025-11-11T13:46:58Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20254053-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233363"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233365"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233366"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-28885"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-31074"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-33617"}],"related":["CVE-2024-28885","CVE-2024-31074","CVE-2024-33617"],"summary":"Security update for qatengine, qatlib","upstream":["CVE-2024-28885","CVE-2024-31074","CVE-2024-33617"]}