Описание
Security update for ovmf
This update for ovmf fixes the following issues:
Security issue fixed:
- CVE-2019-0161: Fixed a stack overflow in UsbBusDxe and UsbBusPei, which could potentially be triggered by a local unauthenticated user (bsc#1131361).
Список пакетов
SUSE Linux Enterprise Server 12 SP3
ovmf-2017+git1492060560.b6d11d7c46-4.26.1
ovmf-tools-2017+git1492060560.b6d11d7c46-4.26.1
qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.26.1
qemu-uefi-aarch64-2017+git1492060560.b6d11d7c46-4.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
ovmf-2017+git1492060560.b6d11d7c46-4.26.1
ovmf-tools-2017+git1492060560.b6d11d7c46-4.26.1
qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.26.1
qemu-uefi-aarch64-2017+git1492060560.b6d11d7c46-4.26.1
Ссылки
- Link for SUSE-SU-2019:1204-1
- E-Mail link for SUSE-SU-2019:1204-1
- SUSE Security Ratings
- SUSE Bug 1131361
- SUSE CVE CVE-2019-0161 page
Описание
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP3:ovmf-2017+git1492060560.b6d11d7c46-4.26.1
SUSE Linux Enterprise Server 12 SP3:ovmf-tools-2017+git1492060560.b6d11d7c46-4.26.1
SUSE Linux Enterprise Server 12 SP3:qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.26.1
SUSE Linux Enterprise Server 12 SP3:qemu-uefi-aarch64-2017+git1492060560.b6d11d7c46-4.26.1
Ссылки
- CVE-2019-0161
- SUSE Bug 1131361