Описание
ELSA-2024-11219: edk2:20240524 security update (MODERATE)
[20240524-6.0.1.el9_5.3]
- edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch [RHEL-58631]
- Resolves: RHEL-58631 ([Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater)
- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66230]
- Resolves: RHEL-66230 ([Regression] [aarch64] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-65725]
- Resolves: RHEL-65725 ([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
- edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch [RHEL-60833]
- Resolves: RHEL-56248 (507x510 display resolution should not crash the firmware [edk2,rhel-9.6])
- Resolves: RHEL-60833 (CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-9.6])
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
edk2-aarch64
20240524-6.0.1.el9_5.3
edk2-ovmf
20240524-6.0.1.el9_5.3
edk2-tools
20240524-6.0.1.el9_5.3
edk2-tools-doc
20240524-6.0.1.el9_5.3
Oracle Linux x86_64
edk2-aarch64
20240524-6.0.1.el9_5.3
edk2-ovmf
20240524-6.0.1.el9_5.3
edk2-tools
20240524-6.0.1.el9_5.3
edk2-tools-doc
20240524-6.0.1.el9_5.3
Связанные CVE
Связанные уязвимости
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An A ...