Описание
Security update for ovmf
This update for ovmf fixes the following issues:
- CVE-2019-14584: Fixed a null dereference in AuthenticodeVerify() (bsc#1177789).
Список пакетов
SUSE Linux Enterprise Module for Server Applications 15 SP1
ovmf-2017+git1510945757.b2662641d5-5.38.1
ovmf-tools-2017+git1510945757.b2662641d5-5.38.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.38.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.38.1
Ссылки
- Link for SUSE-SU-2020:3885-1
- E-Mail link for SUSE-SU-2020:3885-1
- SUSE Security Ratings
- SUSE Bug 1177789
- SUSE CVE CVE-2019-14584 page
Описание
Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP1:ovmf-2017+git1510945757.b2662641d5-5.38.1
SUSE Linux Enterprise Module for Server Applications 15 SP1:ovmf-tools-2017+git1510945757.b2662641d5-5.38.1
SUSE Linux Enterprise Module for Server Applications 15 SP1:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.38.1
SUSE Linux Enterprise Module for Server Applications 15 SP1:qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.38.1
Ссылки
- CVE-2019-14584
- SUSE Bug 1177789