Описание
Security update for ovmf
This update for ovmf fixes the following issues:
- CVE-2019-14584: Fixed a null dereference in AuthenticodeVerify() (bsc#1177789).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.1
ovmf-2017+git1510945757.b2662641d5-lp151.11.12.1
ovmf-tools-2017+git1510945757.b2662641d5-lp151.11.12.1
qemu-ovmf-ia32-2017+git1510945757.b2662641d5-lp151.11.12.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-lp151.11.12.1
qemu-ovmf-x86_64-debug-2017+git1510945757.b2662641d5-lp151.11.12.1
Ссылки
- E-Mail link for openSUSE-SU-2020:2336-1
- SUSE Security Ratings
- SUSE Bug 1177789
- SUSE CVE CVE-2019-14584 page
Описание
Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Затронутые продукты
openSUSE Leap 15.1:ovmf-2017+git1510945757.b2662641d5-lp151.11.12.1
openSUSE Leap 15.1:ovmf-tools-2017+git1510945757.b2662641d5-lp151.11.12.1
openSUSE Leap 15.1:qemu-ovmf-ia32-2017+git1510945757.b2662641d5-lp151.11.12.1
openSUSE Leap 15.1:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-lp151.11.12.1
Ссылки
- CVE-2019-14584
- SUSE Bug 1177789