Описание
Security update for ovmf
This update for ovmf fixes the following issues:
- CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 (bsc#1174246).
- CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd (bsc#1196741).
Список пакетов
SUSE Linux Enterprise Server 12 SP4-ESPOS
ovmf-2017+git1510945757.b2662641d5-3.41.2
ovmf-tools-2017+git1510945757.b2662641d5-3.41.2
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.41.2
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server 12 SP4-LTSS
ovmf-2017+git1510945757.b2662641d5-3.41.2
ovmf-tools-2017+git1510945757.b2662641d5-3.41.2
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.41.2
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server 12 SP5
ovmf-2017+git1510945757.b2662641d5-3.41.2
ovmf-tools-2017+git1510945757.b2662641d5-3.41.2
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.41.2
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4
ovmf-2017+git1510945757.b2662641d5-3.41.2
ovmf-tools-2017+git1510945757.b2662641d5-3.41.2
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ovmf-2017+git1510945757.b2662641d5-3.41.2
ovmf-tools-2017+git1510945757.b2662641d5-3.41.2
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.41.2
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.41.2
SUSE OpenStack Cloud 9
ovmf-2017+git1510945757.b2662641d5-3.41.2
ovmf-tools-2017+git1510945757.b2662641d5-3.41.2
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.41.2
SUSE OpenStack Cloud Crowbar 9
ovmf-2017+git1510945757.b2662641d5-3.41.2
ovmf-tools-2017+git1510945757.b2662641d5-3.41.2
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.41.2
Ссылки
- Link for SUSE-SU-2023:1941-1
- E-Mail link for SUSE-SU-2023:1941-1
- SUSE Security Ratings
- SUSE Bug 1174246
- SUSE Bug 1196741
- SUSE CVE CVE-2019-14560 page
- SUSE CVE CVE-2021-38578 page
Описание
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP4-ESPOS:ovmf-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server 12 SP4-ESPOS:ovmf-tools-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server 12 SP4-ESPOS:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server 12 SP4-ESPOS:qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.41.2
Ссылки
- CVE-2019-14560
- SUSE Bug 1174246
Описание
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP4-ESPOS:ovmf-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server 12 SP4-ESPOS:ovmf-tools-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server 12 SP4-ESPOS:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.41.2
SUSE Linux Enterprise Server 12 SP4-ESPOS:qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.41.2
Ссылки
- CVE-2021-38578
- SUSE Bug 1196741