Описание
[REJECTED CVE] A flaw was found in ovmf. A logic error in FV parsing allows local/physical attacker to bypass chain-of-trust integrity checks.
Отчет
Please note that, this CVE has been rejected upstream.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | ovmf | Not affected | ||
| Red Hat Enterprise Linux 8 | edk2 | Not affected | ||
| Red Hat Virtualization 4 | redhat-virtualization-host | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-295
https://bugzilla.redhat.com/show_bug.cgi?id=1683653ovmf: Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c
7.6 High
CVSS3
Связанные уязвимости
ubuntu
больше 5 лет назад
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.
nvd
больше 5 лет назад
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none
7.6 High
CVSS3