13 matches found
SUSE: Security Advisory (SUSE-SU-2018:4155-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:4207-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-5735
...
CVE-2017-5735
CVE-2017-5735 is cited in connected advisories as a vulnerability in EDK II/OVMF firmware (heap-based buffer overflow in Decode()) that can lead to privilege escalation. In MiracleLinux 7, the ovmf package is reported affected along with other CVEs (5731–5735) in the AXSA:2019-4031:02 advisory; o...
OVMF security update
CentOS Errata and Security Advisory CESA-2019:2125 An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 7 : ovmf (CESA-2019:2125)
An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Scientific Linux Security Update : ovmf on 7.x (noarch) (2019:2125)
The remote Scientific Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the SLSA-2019:2125-1 advisory. Security Fixes: edk2: Privilege escalation via processing of malformed files in TianoCompress.c CVE-2017-5731 edk2: Privilege escalation via...
Important: edk2
Issue Overview: A missing check leads to an out-of-bounds read and write flaw in NetworkPkg/DnsDxe as shipped in edk2, when it parses DNS responses. A remote attacker who controls the DNS server used by the vulnerable firmware may use this flaw to make the system crash. CVE-2018-3613 improper DNS...
openSUSE Security Update : ovmf (openSUSE-2019-1017)
This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...
openSUSE Security Update : ovmf (openSUSE-2018-1591)
This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...
openSUSE: Security Advisory for ovmf (openSUSE-SU-2018:4240-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for ovmf (moderate)
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...
SUSE-SU-2018:4207-1 Security update for ovmf
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...