Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:0972-1

Опубликовано: 29 мар. 2021
Источник: suse-cvrf

Описание

Security update for ovmf

This update for ovmf fixes the following issues:

  • CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo (bsc#1183578)
  • CVE-2021-28210: ovmf: unlimited FV recursion, round 2 (bsc#1183579)

Список пакетов

Container suse/sles/15.2/virt-launcher:0.38.1
qemu-ovmf-x86_64-201911-7.11.1
SUSE Linux Enterprise Module for Server Applications 15 SP2
ovmf-201911-7.11.1
ovmf-tools-201911-7.11.1
qemu-ovmf-x86_64-201911-7.11.1
qemu-uefi-aarch64-201911-7.11.1

Ссылки

Описание

An unlimited recursion in DxeCore in EDK II.

Затронутые продукты
Container suse/sles/15.2/virt-launcher:0.38.1:qemu-ovmf-x86_64-201911-7.11.1
SUSE Linux Enterprise Module for Server Applications 15 SP2:ovmf-201911-7.11.1
SUSE Linux Enterprise Module for Server Applications 15 SP2:ovmf-tools-201911-7.11.1
SUSE Linux Enterprise Module for Server Applications 15 SP2:qemu-ovmf-x86_64-201911-7.11.1
Ссылки

Описание

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.

Затронутые продукты
Container suse/sles/15.2/virt-launcher:0.38.1:qemu-ovmf-x86_64-201911-7.11.1
SUSE Linux Enterprise Module for Server Applications 15 SP2:ovmf-201911-7.11.1
SUSE Linux Enterprise Module for Server Applications 15 SP2:ovmf-tools-201911-7.11.1
SUSE Linux Enterprise Module for Server Applications 15 SP2:qemu-ovmf-x86_64-201911-7.11.1
Ссылки