Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:0766-1

Опубликовано: 27 мар. 2019
Источник: suse-cvrf

Описание

Security update for ovmf

This update for ovmf fixes the following issues:

Security issues fixed:

  • CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe (bsc#1130267).
  • CVE-2018-12181: Fixed a stack buffer overflow in the HII database when a corrupted Bitmap was used (bsc#1128503).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP4
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.13.1
SUSE Linux Enterprise Server 12 SP4
ovmf-2017+git1510945757.b2662641d5-3.13.1
ovmf-tools-2017+git1510945757.b2662641d5-3.13.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.13.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
ovmf-2017+git1510945757.b2662641d5-3.13.1
ovmf-tools-2017+git1510945757.b2662641d5-3.13.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.13.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.13.1

Ссылки

Описание

Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP4:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.13.1
SUSE Linux Enterprise Server 12 SP4:ovmf-2017+git1510945757.b2662641d5-3.13.1
SUSE Linux Enterprise Server 12 SP4:ovmf-tools-2017+git1510945757.b2662641d5-3.13.1
SUSE Linux Enterprise Server 12 SP4:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.13.1
Ссылки

Описание

Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP4:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.13.1
SUSE Linux Enterprise Server 12 SP4:ovmf-2017+git1510945757.b2662641d5-3.13.1
SUSE Linux Enterprise Server 12 SP4:ovmf-tools-2017+git1510945757.b2662641d5-3.13.1
SUSE Linux Enterprise Server 12 SP4:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.13.1
Ссылки