Description
Moderate: edk2 security update
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
- mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129)
- openssl: Excessive time spent checking invalid RSA public keys (CVE-2023-6237)
- openssl: denial of service via null dereference (CVE-2024-0727)
- edk2: Temporary DoS vulnerability (CVE-2024-1298)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section.
Affected products
Rocky Linux 9
Related CVEs
References
Fixes
- Red Hat - 2257571
- Red Hat - 2258502
- Red Hat - 2259944
- Red Hat - 2284243
Related vulnerabilities
ELSA-2024-2447: openssl and openssl-fips-provider security update (LOW)
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the wors...