Download
| Alert*
|
oval:org.secpod.oval:def:1700511
Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. A missing check ... oval:org.secpod.oval:def:89049716 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE . - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c . - CVE-2017-5732: Fixed privilege escalation via pro ... oval:org.secpod.oval:def:89002586 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE . - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c . - CVE-2017-5732: Fixed privilege escalation via pro ... oval:org.secpod.oval:def:89002039 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE . - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c . - CVE-2017-5732: Fixed privilege escalation via pro ... oval:org.secpod.oval:def:116189 EDK II is a development code base for creating UEFI drivers, applications and firmware images. oval:org.secpod.oval:def:1504481 [20180508-6.gitee3198e672e2.el7] - ovmf-MdeModulePkg-HiiDatabase-Fix-potential-integer-overf.patch [bz#1691479] - ovmf-MdeModulePkg-HiiImage-Fix-stack-overflow-when-corrup.patch [bz#1691479] - ovmf-MdeModulePkg-PartitionDxe-Add-check-for-underlying-d.patch [bz#1691647] - ovmf-MdeModulePkg-UdfDxe-Ref ... oval:org.secpod.oval:def:205311 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Privilege escalation via processing of malformed files in TianoCompress.c * edk2: Privilege escalation via processing of malformed files in Bas ... oval:org.secpod.oval:def:503253 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Privilege escalation via processing of malformed files in TianoCompress.c * edk2: Privilege escalation via processing of malformed files in Bas ... oval:org.secpod.oval:def:1504291 [1:1.2-5.el7] - Update spec file to remove "modprobe kvm-intel" and remove --enable-kvm arg to ovmf_vars_generator so qemu will not require kvm kernel module. - Update spec file to modprobe kvm_intel module prior to running qemu to enroll default keys. - Enroll Oracle cert/key for OL secureboot su ... |
