RHSA-2026:18320 Red Hat Security Advisory: edk2 security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Important: edk2

Issue Overview: Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NU...

RHSA-2026:3164 Red Hat Security Advisory: edk2 security update

Bulletin has no description...

Low: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RockyLinux 9 : edk2:20240524 (RLSA-2024:11219)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:11219 advisory. edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 Tenable has extracted the preceding description block directly from the RockyLinux security...

Medium: edk2

Issue Overview: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring...

RHSA-2024:11219 Red Hat Security Advisory: edk2:20240524 security update

Bulletin has no description...

RockyLinux 9 : edk2 (RLSA-2024:8935)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:8935 advisory. openssl: Possible denial of service in X.509 name checks CVE-2024-6119 Tenable has extracted the preceding description block directly from the RockyLinux security...

edk2 security update

20231122-6.0.1.el94.4 - Replace upstream references Orabug:36569119 20231122-6.el94.4 - edk2-Bumped-openssl-submodule-version-to-0205b5898872.patch RHEL-55337 - Resolves: RHEL-55337 CVE-2024-6119 edk2/openssl: Possible denial of service in X.509 name checks rhel-9.4.z...

[SECURITY] [DLA 3852-1] edk2 security update

Debian LTS Advisory DLA-3852-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 30, 2024 https://wiki.debian.org/LTS Package : edk2 Version : 020181115.85588389-3+deb10u4 CVE ID : CVE-2023-48733 Mate Kukri discovered the Debian build of EDK2, a UEFI firmware...