ELSA-2019-0809

Опубликовано: 23 апр. 2019

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2019-0809: ovmf security update (IMPORTANT)

[20180508-3.gitee3198e672e2.el7_6.1]

ovmf-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch [bz#1684006]
ovmf-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch [bz#1684006]
Resolves: bz#1684006 (CVE-2018-12180 OVMF: edk2: Buffer Overflow in BlockIo service for RAM disk [rhel-7.6.z])

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

OVMF

20180508-3.gitee3198e672e2.el7_6.1

Связанные CVE

CVE-2018-12180

Ссылки на источники

Связанные уязвимости

CVE-2018-12180

CVSS3: 8.8

ubuntu

около 6 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.

CVE-2018-12180

CVSS3: 8.3

redhat

больше 6 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.

CVE-2018-12180

CVSS3: 8.8

nvd

около 6 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.

CVE-2018-12180

CVSS3: 8.8

debian

около 6 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthentic ...

GHSA-9ghw-h32x-5rfx

CVSS3: 8.8

github

около 3 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.