7 matches found
CVE-2018-3630
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none...
Important: edk2
Issue Overview: A missing check leads to an out-of-bounds read and write flaw in NetworkPkg/DnsDxe as shipped in edk2, when it parses DNS responses. A remote attacker who controls the DNS server used by the vulnerable firmware may use this flaw to make the system crash. CVE-2018-3613 improper DNS...
Security fix for the ALT Linux 10 package edk2 version 20190308-alt1
April 2, 2019 Alexey Shabalin 20190308-alt1 - edk2-stable201903 Fixes: CVE-2018-12178, CVE-2018-12180, CVE-2018-12181, CVE-2018-3630...
openSUSE Security Update : ovmf (openSUSE-2019-1083)
This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun bsc1127820. - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet bsc1127821. -...
Security update for ovmf (important)
openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2019:1083-1 Rating: important References: 1127820 1127821 1127822 Cross-References: CVE-2018-12178 CVE-2018-12180 CVE-2018-3630 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilities is now...
openSUSE: Security Advisory for ovmf (openSUSE-SU-2019:0348-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES15 Security Update : ovmf (SUSE-SU-2019:0580-1)
This update for ovmf fixes the following issues : Security issues fixed : CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun bsc1127820. CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet bsc1127821. CVE-2018-3630:...