Описание
Security update for ovmf
This update for ovmf fixes the following issues:
- CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler (bsc#1175476).
- Support more SCSI drivers (PvScsi, MptScsi and LsiScsi). (bsc#1119454)
- Enable LsiScsi explicitly since it's disabled by default
Список пакетов
Container suse/sles/15.2/virt-launcher:0.38.1
qemu-ovmf-x86_64-201911-7.5.2
SUSE Linux Enterprise Module for Server Applications 15 SP2
ovmf-201911-7.5.2
ovmf-tools-201911-7.5.2
qemu-ovmf-x86_64-201911-7.5.2
qemu-uefi-aarch64-201911-7.5.2
Ссылки
- Link for SUSE-SU-2020:2691-1
- E-Mail link for SUSE-SU-2020:2691-1
- SUSE Security Ratings
- SUSE Bug 1119454
- SUSE Bug 1175476
- SUSE CVE CVE-2019-14562 page
Описание
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
Затронутые продукты
Container suse/sles/15.2/virt-launcher:0.38.1:qemu-ovmf-x86_64-201911-7.5.2
SUSE Linux Enterprise Module for Server Applications 15 SP2:ovmf-201911-7.5.2
SUSE Linux Enterprise Module for Server Applications 15 SP2:ovmf-tools-201911-7.5.2
SUSE Linux Enterprise Module for Server Applications 15 SP2:qemu-ovmf-x86_64-201911-7.5.2
Ссылки
- CVE-2019-14562
- SUSE Bug 1175476