Lucene search
OracleLinuxELSA-2024-12409HistoryJun 03, 2024 - 12:00 a.m.
edk2 security update
2024-06-0300:00:00
linux.oracle.com
10
edk2
security update
release
openssl
cves
unix
CVSS3
8.8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
Low
EPSS
0.005
Percentile
76.7%
- Tue Feb 27 2024 Aaron Young
- Create new 20240227 release for OL9 which includes the following fixed CVEs:
{CVE-2023-45229} {CVE-2023-45230} {CVE-2023-45231} {CVE-2023-45232} {CVE-2023-45233} {CVE-2023-45234} {CVE-2023-45235} {CVE-2022-36763} {CVE-2022-36764} {CVE-2022-36765} - Update to OpenSSL 3.0.10 which includes the following fixed CVEs:
{CVE-2023-2975} {CVE-2023-1255} {CVE-2023-0401} {CVE-2023-0217} {CVE-2023-0216} {CVE-2023-0215} {CVE-2022-4203} {CVE-2022-3996} {CVE-2022-3602} {CVE-2022-3786} {CVE-2022-3358} {CVE-2022-2274} {CVE-2022-1473} {CVE-2022-1434} {CVE-2022-1343} {CVE-2021-4044} {CVE-2021-23839}
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | edk2 | < 20240227-5.el9 | edk2-20240227-5.el9.src.rpm |
| oracle linux | 9 | src | edk2 | < 20240227-5.el9 | edk2-20240227-5.el9.src.rpm |
| oracle linux | 9 | noarch | edk2-aarch64 | < 20240227-5.el9 | edk2-aarch64-20240227-5.el9.noarch.rpm |
| oracle linux | 9 | src | edk2 | < 20240227-5.el9 | edk2-20240227-5.el9.src.rpm |
| oracle linux | 9 | src | edk2 | < 20240227-5.el9 | edk2-20240227-5.el9.src.rpm |
| oracle linux | 9 | noarch | edk2-ovmf | < 20240227-5.el9 | edk2-ovmf-20240227-5.el9.noarch.rpm |
Related
oraclelinux
oraclelinux
edk2 security update
2024-04-24 00:00:00
edk2 security update
2024-06-04 00:00:00
edk2 security update
2024-06-03 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1733)
2024-05-30 00:00:00
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1722)
2024-05-30 00:00:00
Fedora: Security Advisory (FEDORA-2024-a9dead34c5)
2024-03-25 00:00:00
nessus
nessus
EulerOS Virtualization 2.11.1 : edk2 (EulerOS-SA-2024-1722)
2024-05-29 00:00:00
EulerOS Virtualization 2.11.0 : edk2 (EulerOS-SA-2024-1733)
2024-05-29 00:00:00
Oracle Linux 9 : edk2 (ELSA-2024-12409)
2024-06-04 00:00:00
debian
debian
[SECURITY] [DSA 5624-1] edk2 security update
2024-02-14 20:00:57
almalinux
almalinux
Important: edk2 security update
2024-05-22 00:00:00
Important: edk2 security update
2024-04-30 00:00:00
Important: edk2 security update
2024-03-05 00:00:00
redhat
redhat
(RHSA-2024:3017) Important: edk2 security update
2024-05-22 06:35:22
(RHSA-2024:2264) Important: edk2 security update
2024-04-30 06:15:12
(RHSA-2024:3497) Important: edk2 security update
2024-05-30 12:07:00
osv
osv
Important: edk2 security update
2024-05-22 00:00:00
edk2 vulnerabilities
2024-02-15 01:36:15
Important: edk2 security update
2024-05-10 14:32:38
ubuntu
ubuntu
EDK II vulnerabilities
2024-02-15 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: edk2-20240214-2.fc39
2024-03-13 01:25:14
rocky
rocky
edk2 security update
2024-05-10 14:32:38
edk2 security update
2024-03-12 15:41:47
redos
redos
ROS-20240625-06
2024-06-25 00:00:00
amazon
amazon
Important: edk2
2024-02-29 10:03:00
Medium: edk2
2024-02-15 03:52:00
thn
thn
hp
hp
AMI UEFI Firmware January 2024 EDK II Reference Vulnerabilities
2024-01-26 00:00:00
Insyde BIOS June 2024 EDK II Reference Vulnerabilities
2024-06-18 00:00:00
cert
cert
Vulnerabilities in EDK2 NetworkPkg IP stack implementation.
2024-01-16 00:00:00
ubuntucve
ubuntucve
cbl_mariner
cbl_mariner
debiancve
debiancve
cvelist
cvelist
CVE-2022-36765 Integer Overflow in CreateHob
2024-01-09 16:10:16
CVE-2023-45229 Out-of-Bounds Read in EDK II Network Package
2024-01-16 16:07:31
CVE-2022-36763 Heap Buffer Overflow in Tcg2MeasureGptTable
2024-01-09 16:09:11
cve
cve
nvd
nvd
redhatcve
redhatcve
prion
prion
Integer overflow
2024-01-09 16:15:00
Buffer overflow
2024-01-16 16:15:00
Heap overflow
2024-01-09 16:15:00
alpinelinux
alpinelinux
vulnrichment
vulnrichment
CVE-2022-36764 Heap Buffer Overflow in Tcg2MeasurePeImage
2024-01-09 16:09:44
CVSS3
8.8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
Low
EPSS
0.005
Percentile
76.7%
Related for ELSA-2024-12409