ELSA-2019-0968

Опубликовано: 30 июл. 2019

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2019-0968: edk2 security update (IMPORTANT)

[20180508gitee3198e672e2-9.el8_0]

edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch [bz#1690501]
edk2-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch [bz#1690501]
Resolves: bz#1690501 (CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk [rhel-8.0.0.z])

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

edk2-aarch64

20180508gitee3198e672e2-9.el8_0.1

Oracle Linux x86_64

edk2-ovmf

20180508gitee3198e672e2-9.el8_0.1

Связанные CVE

CVE-2018-12180

Ссылки на источники

Связанные уязвимости

CVE-2018-12180

CVSS3: 8.8

ubuntu

около 6 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.

CVE-2018-12180

CVSS3: 8.3

redhat

больше 6 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.

CVE-2018-12180

CVSS3: 8.8

nvd

около 6 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.

CVE-2018-12180

CVSS3: 8.8

debian

около 6 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthentic ...

GHSA-9ghw-h32x-5rfx

CVSS3: 8.8

github

около 3 лет назад

Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.