Описание
Security update for ovmf
This update for ovmf fixes the following issues:
Security issue fixed:
- CVE-2019-0161: Fixed a stack overflow in UsbBusDxe and UsbBusPei, which could potentially be triggered by a local unauthenticated user (bsc#1131361).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP4
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.16.1
SUSE Linux Enterprise Server 12 SP4
ovmf-2017+git1510945757.b2662641d5-3.16.1
ovmf-tools-2017+git1510945757.b2662641d5-3.16.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.16.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.16.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
ovmf-2017+git1510945757.b2662641d5-3.16.1
ovmf-tools-2017+git1510945757.b2662641d5-3.16.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.16.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.16.1
Ссылки
- Link for SUSE-SU-2019:1157-1
- E-Mail link for SUSE-SU-2019:1157-1
- SUSE Security Ratings
- SUSE Bug 1131361
- SUSE CVE CVE-2019-0161 page
Описание
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP4:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.16.1
SUSE Linux Enterprise Server 12 SP4:ovmf-2017+git1510945757.b2662641d5-3.16.1
SUSE Linux Enterprise Server 12 SP4:ovmf-tools-2017+git1510945757.b2662641d5-3.16.1
SUSE Linux Enterprise Server 12 SP4:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.16.1
Ссылки
- CVE-2019-0161
- SUSE Bug 1131361