Download
| Alert*
oval:org.secpod.oval:def:502385
ovmf is installed oval:org.secpod.oval:def:502648 OVMF is installed oval:org.secpod.oval:def:89002870 This update for ovmf fixes the following issues: - CVE-2019-14584: Fixed a null dereference in AuthenticodeVerify . oval:org.secpod.oval:def:89002591 This update for ovmf provide the following fix: Security issues fixed: - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth . Bug fixes: - Only use SLES-UEFI-CA-Certificate-2048.crt for the SUSE flavor to provide the better compatibility oval:org.secpod.oval:def:89002998 This update for ovmf fixes the following issues: - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler . - Use openSUSE CA for the opensuse flavor oval:org.secpod.oval:def:89003012 This update for ovmf fixes the following issues: - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler . - Use openSUSE CA for the opensuse flavor oval:org.secpod.oval:def:89003017 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth . - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation . - CVE-2019-14559: Fixed a remotely e ... oval:org.secpod.oval:def:89002986 This update for ovmf fixes the following issues: - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler . - CVE-2019-14559: Fixed a memory leak in ArpOnFrameRcvdDpc . oval:org.secpod.oval:def:89002918 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation . - CVE-2019-14553: Fixed the TLS certification verification in HTTPS-over-IPv6 boot sequences . - CVE-2019-14559: Fixed a remotely exploitabl ... oval:org.secpod.oval:def:89003090 This update for ovmf fixes the following issues: Security issue fixed: - CVE-2019-0161: Fixed a stack overflow in UsbBusDxe and UsbBusPei, which could potentially be triggered by a local unauthenticated user . oval:org.secpod.oval:def:89047071 This update for ovmf fixes the following issues: - Fixed a possible buffer overflow in IScsiDxe oval:org.secpod.oval:def:89048111 This update for ovmf fixes the following issues: - CVE-2019-11098: Fixed insufficient input validation in MdeModulePkg . oval:org.secpod.oval:def:89048099 This update for ovmf fixes the following issues: - CVE-2019-11098: Fixed insufficient input validation in MdeModulePkg . oval:org.secpod.oval:def:89050375 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation . - CVE-2019-14553: Fixed the TLS certification verification in HTTPS-over-IPv6 boot sequences . - CVE-2019-14559: Fixed a remotely exploitabl ... oval:org.secpod.oval:def:89050343 This update for ovmf fixes the following issues: - CVE-2019-14559: Fixed a memory leak in ArpOnFrameRcvdDpc . oval:org.secpod.oval:def:89050456 This update for ovmf fixes the following issues: - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler . - Support more SCSI drivers . - Enable LsiScsi explicitly since it"s disabled by default oval:org.secpod.oval:def:89050313 This update for ovmf fixes the following issues: - CVE-2019-14584: Fixed a null dereference in AuthenticodeVerify . oval:org.secpod.oval:def:89050419 This update for ovmf fixes the following issues: - CVE-2019-14584: Fixed a null dereference in AuthenticodeVerify . oval:org.secpod.oval:def:89049741 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth . oval:org.secpod.oval:def:89000477 This update for ovmf fixes the following issues: - CVE-2019-14559: Fixed a memory leak in ArpOnFrameRcvdDpc . oval:org.secpod.oval:def:89048736 This update for ovmf fixes the following issues: * CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 . * CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd . oval:org.secpod.oval:def:89048856 This update for ovmf fixes the following issues: * CVE-2021-38578: Fixed potential underflow in SmmEntryPointwhen computing BufferSize . * CVE-2019-14560: Fixed potential secure boot bypass caused by improper check of GetEfiGlobalVariable2 return value . * revert a patch to fix xen boot problems oval:org.secpod.oval:def:89048750 This update for ovmf fixes the following issues: * CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 . * CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd . oval:org.secpod.oval:def:89048749 This update for ovmf fixes the following issues: * CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 . * CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd . oval:org.secpod.oval:def:89048747 This update for ovmf fixes the following issues: * CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 . * CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd . oval:org.secpod.oval:def:89048746 This update for ovmf fixes the following issues: * CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 . * CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd . oval:org.secpod.oval:def:89002039 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE . - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c . - CVE-2017-5732: Fixed privilege escalation via pro ... oval:org.secpod.oval:def:89003448 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun . - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet . - CVE-2018-3630: Fixed a logic error i ... oval:org.secpod.oval:def:89003452 This update for ovmf fixes the following issue: Security issue fixed: - CVE-2018-12181: Fixed a stack buffer overflow in the HII database when a corrupted Bitmap was used . oval:org.secpod.oval:def:89003355 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun . - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet . - CVE-2018-3630: Fixed a logic error i ... oval:org.secpod.oval:def:89002586 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE . - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c . - CVE-2017-5732: Fixed privilege escalation via pro ... oval:org.secpod.oval:def:205196 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Buffer Overflow in BlockIo service for RAM disk For more details about the security issue, including the impact, a CVSS score, acknowledgments, ... oval:org.secpod.oval:def:89003437 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe . - CVE-2018-12181: Fixed a stack buffer overflow in the HII database ... oval:org.secpod.oval:def:89049716 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE . - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c . - CVE-2017-5732: Fixed privilege escalation via pro ... oval:org.secpod.oval:def:1502496 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502647 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Buffer Overflow in BlockIo service for RAM disk For more details about the security issue, including the impact, a CVSS score, acknowledgments, ... oval:org.secpod.oval:def:89050713 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe . - CVE-2018-12181: Fixed a stack buffer overflow in the HII database ... oval:org.secpod.oval:def:89050859 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun . - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet . - CVE-2018-3630: Fixed a logic error i ... oval:org.secpod.oval:def:503253 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Privilege escalation via processing of malformed files in TianoCompress.c * edk2: Privilege escalation via processing of malformed files in Bas ... oval:org.secpod.oval:def:205311 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Privilege escalation via processing of malformed files in TianoCompress.c * edk2: Privilege escalation via processing of malformed files in Bas ... |