4 matches found
Important: edk2
Issue Overview: A missing check leads to an out-of-bounds read and write flaw in NetworkPkg/DnsDxe as shipped in edk2, when it parses DNS responses. A remote attacker who controls the DNS server used by the vulnerable firmware may use this flaw to make the system crash. CVE-2018-3613 improper DNS...
openSUSE Security Update : ovmf (openSUSE-2019-1083)
This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun bsc1127820. - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet bsc1127821. -...
SUSE-SU-2019:0581-1 Security update for ovmf
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun bsc1127820. - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet bsc1127821. - CVE-2018-3630...
SUSE-SU-2019:0579-1 Security update for ovmf
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun bsc1127820. - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet bsc1127821. - CVE-2018-3630...