20 matches found
Oracle Linux 8 : edk2 (ELSA-2019-3338)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3338 advisory. 20190308git89910a39dcfd-6.el8 - edk2-ArmVirtPkg-silence-DEBUGVERBOSE-masking-0x00400000-.patch bz1714446 -...
Oracle Linux 7 : edk2 (ELSA-2019-4785)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4785 advisory. 1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel...
SUSE: Security Advisory (SUSE-SU-2019:0738-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-4349-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4349-1 advisory. A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of...
Ubuntu: Security Advisory (USN-4349-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4349-1: EDK II vulnerabilities
A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. CVE-2018-12178 A buffer overflow was discovered in BlockIo service. An...
OVMF security update
CentOS Errata and Security Advisory CESA-2019:2125 An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 7 : ovmf (CESA-2019:2125)
An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Scientific Linux Security Update : ovmf on 7.x (noarch) (2019:2125)
The remote Scientific Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the SLSA-2019:2125-1 advisory. Security Fixes: edk2: Privilege escalation via processing of malformed files in TianoCompress.c CVE-2017-5731 edk2: Privilege escalation via...
Important: edk2
Issue Overview: A missing check leads to an out-of-bounds read and write flaw in NetworkPkg/DnsDxe as shipped in edk2, when it parses DNS responses. A remote attacker who controls the DNS server used by the vulnerable firmware may use this flaw to make the system crash. CVE-2018-3613 improper DNS...
openSUSE Security Update : ovmf (openSUSE-2019-1172)
This update for ovmf fixes the following issues : Security issues fixed : - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe bsc1130267. - CVE-2018-12181: Fixed a stack-based buffer overflo...
Security update for ovmf (moderate)
openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2019:1139-1 Rating: moderate References: 1128503 Cross-References: CVE-2018-12181 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for ovmf fixes...
openSUSE Security Update : ovmf (openSUSE-2019-1139)
This update for ovmf fixes the following issue : Security issue fixed : - CVE-2018-12181: Fixed a stack-based buffer overflow in the HII database when a corrupted Bitmap was used bsc1128503. This update was imported from the SUSE:SLE-12-SP3:Update update project. %NASLMINLEVEL 70300 C Tenable...
Security fix for the ALT Linux 10 package edk2 version 20190308-alt1
April 2, 2019 Alexey Shabalin 20190308-alt1 - edk2-stable201903 Fixes: CVE-2018-12178, CVE-2018-12180, CVE-2018-12181, CVE-2018-3630...
SUSE SLES15 Security Update : ovmf (SUSE-SU-2019:0804-1)
This update for ovmf fixes the following issues : Security issues fixed : CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe bsc1130267. CVE-2018-12181: Fixed a stack-based buffer overflow in...
CVE-2018-12181
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access...
CVE-2018-12181
CVE-2018-12181 is confirmed in the provided connected documents as: a stack overflow in EDK II firmware when processing corrupted BMP data, which may allow a local attacker to cause denial of service or elevate privileges. Affected component: EDK II (firmware/EDK II BMP handling). Impact: local p...
SUSE-SU-2019:0766-1 Security update for ovmf
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe bsc1130267. - CVE-2018-12181: Fixed a stack buffer overflow in the...
SUSE SLES12 Security Update : ovmf (SUSE-SU-2019:0738-1)
This update for ovmf fixes the following issue : Security issue fixed : CVE-2018-12181: Fixed a stack-based buffer overflow in the HII database when a corrupted Bitmap was used bsc1128503. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...
SUSE-SU-2019:0738-1 Security update for ovmf
This update for ovmf fixes the following issue: Security issue fixed: - CVE-2018-12181: Fixed a stack buffer overflow in the HII database when a corrupted Bitmap was used bsc1128503...