Download
| Alert*
oval:org.secpod.oval:def:116975
EDK II is a development code base for creating UEFI drivers, applications and firmware images. oval:org.secpod.oval:def:1901759 [buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media] oval:org.secpod.oval:def:1700513 Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial ... oval:org.secpod.oval:def:66459 EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Stack buffer overflow with corrupted BMP * edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media For mor ... oval:org.secpod.oval:def:89003437 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe . - CVE-2018-12181: Fixed a stack buffer overflow in the HII database ... oval:org.secpod.oval:def:503413 EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Stack buffer overflow with corrupted BMP * edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media For mor ... oval:org.secpod.oval:def:1504202 [20190308git89910a39dcfd-6.el8] - edk2-ArmVirtPkg-silence-DEBUG_VERBOSE-masking-0x00400000-.patch [bz#1714446] - edk2-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch [bz#1714446] - edk2-ArmPkg-DebugPeCoffExtraActionLib-debugger-commands-a.patch [bz#1714446] - Resolves: bz#1714446 [201903 ... oval:org.secpod.oval:def:89050713 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe . - CVE-2018-12181: Fixed a stack buffer overflow in the HII database ... oval:org.secpod.oval:def:503253 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Privilege escalation via processing of malformed files in TianoCompress.c * edk2: Privilege escalation via processing of malformed files in Bas ... oval:org.secpod.oval:def:1504481 [20180508-6.gitee3198e672e2.el7] - ovmf-MdeModulePkg-HiiDatabase-Fix-potential-integer-overf.patch [bz#1691479] - ovmf-MdeModulePkg-HiiImage-Fix-stack-overflow-when-corrup.patch [bz#1691479] - ovmf-MdeModulePkg-PartitionDxe-Add-check-for-underlying-d.patch [bz#1691647] - ovmf-MdeModulePkg-UdfDxe-Ref ... oval:org.secpod.oval:def:205311 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Privilege escalation via processing of malformed files in TianoCompress.c * edk2: Privilege escalation via processing of malformed files in Bas ... |