Описание
Security update for ovmf
This update for ovmf fixes the following issues:
- Fixed a possible buffer overflow in IScsiDxe (bsc#1186151)
- CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo (bsc#1183578)
- CVE-2021-28210: ovmf: unlimited FV recursion, round 2 (bsc#1183579)
Список пакетов
SUSE Enterprise Storage 6
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.43.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.43.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.43.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.43.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.43.1
SUSE Linux Enterprise Server 15 SP1-BCL
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
SUSE Linux Enterprise Server 15 SP1-LTSS
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.43.1
SUSE Linux Enterprise Server 15-LTSS
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.43.1
SUSE Linux Enterprise Server for SAP Applications 15
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
SUSE Manager Proxy 4.0
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
SUSE Manager Retail Branch Server 4.0
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
SUSE Manager Server 4.0
ovmf-2017+git1510945757.b2662641d5-5.43.1
ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
Ссылки
- Link for SUSE-SU-2021:2161-1
- E-Mail link for SUSE-SU-2021:2161-1
- SUSE Security Ratings
- SUSE Bug 1183578
- SUSE Bug 1183579
- SUSE Bug 1186151
- SUSE CVE CVE-2021-28210 page
- SUSE CVE CVE-2021-28211 page
Описание
An unlimited recursion in DxeCore in EDK II.
Затронутые продукты
SUSE Enterprise Storage 6:ovmf-2017+git1510945757.b2662641d5-5.43.1
SUSE Enterprise Storage 6:ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
SUSE Enterprise Storage 6:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
SUSE Enterprise Storage 6:qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.43.1
Ссылки
- CVE-2021-28210
- SUSE Bug 1183579
Описание
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
Затронутые продукты
SUSE Enterprise Storage 6:ovmf-2017+git1510945757.b2662641d5-5.43.1
SUSE Enterprise Storage 6:ovmf-tools-2017+git1510945757.b2662641d5-5.43.1
SUSE Enterprise Storage 6:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.43.1
SUSE Enterprise Storage 6:qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.43.1
Ссылки
- CVE-2021-28211
- SUSE Bug 1183578