Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:1940-1

Опубликовано: 21 апр. 2023
Источник: suse-cvrf

Описание

Security update for ovmf

This update for ovmf fixes the following issues:

  • CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 (bsc#1174246).
  • CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd (bsc#1196741).

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
ovmf-2017+git1510945757.b2662641d5-150000.5.46.1
ovmf-tools-2017+git1510945757.b2662641d5-150000.5.46.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-150000.5.46.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-150000.5.46.1
SUSE Linux Enterprise Server 15 SP1-LTSS
ovmf-2017+git1510945757.b2662641d5-150000.5.46.1
ovmf-tools-2017+git1510945757.b2662641d5-150000.5.46.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-150000.5.46.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-150000.5.46.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
ovmf-2017+git1510945757.b2662641d5-150000.5.46.1
ovmf-tools-2017+git1510945757.b2662641d5-150000.5.46.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-150000.5.46.1

Ссылки

Описание

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ovmf-2017+git1510945757.b2662641d5-150000.5.46.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ovmf-tools-2017+git1510945757.b2662641d5-150000.5.46.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-150000.5.46.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:qemu-uefi-aarch64-2017+git1510945757.b2662641d5-150000.5.46.1
Ссылки

Описание

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ovmf-2017+git1510945757.b2662641d5-150000.5.46.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:ovmf-tools-2017+git1510945757.b2662641d5-150000.5.46.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-150000.5.46.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:qemu-uefi-aarch64-2017+git1510945757.b2662641d5-150000.5.46.1
Ссылки