Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2018:4240-1
HistoryDec 22, 2018 - 6:09 p.m.

Security update for ovmf (moderate)

2018-12-2218:09:42
lists.opensuse.org
76

0.0004 Low

EPSS

Percentile

10.2%

JSON

This update for ovmf fixes the following issues:

Security issues fixed:

  • CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on
    APPEND_WRITE (bsc#1115916).
  • CVE-2017-5731: Fixed privilege escalation via processing of malformed
    files in TianoCompress.c (bsc#1115917).
  • CVE-2017-5732: Fixed privilege escalation via processing of malformed
    files in BaseUefiDecompressLib.c (bsc#1115917).
  • CVE-2017-5733: Fixed privilege escalation via heap-based buffer overflow
    in MakeTable() function (bsc#1115917).
  • CVE-2017-5734: Fixed privilege escalation via stack-based buffer
    overflow in MakeTable() function (bsc#1115917).
  • CVE-2017-5735: Fixed privilege escalation via heap-based buffer overflow
    in Decode() function (bsc#1115917).

Non security issues fixed:

  • Fixed an issue with the default owner of PK/KEK/db/dbx and make the
    auto-enrollment only happen at the very first time. (bsc#1117998)

This update was imported from the SUSE:SLE-15:Update update project.

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.0x86_64ovmf< 2017+git1510945757.b2662641d5-lp150.4.9.1ovmf-2017+git1510945757.b2662641d5-lp150.4.9.1.x86_64.rpm
openSUSE Leap15.0i586ovmf< 2017+git1510945757.b2662641d5-lp150.4.9.1ovmf-2017+git1510945757.b2662641d5-lp150.4.9.1.i586.rpm
openSUSE Leap15.0i586ovmf-tools< 2017+git1510945757.b2662641d5-lp150.4.9.1ovmf-tools-2017+git1510945757.b2662641d5-lp150.4.9.1.i586.rpm
openSUSE Leap15.0noarchqemu-ovmf-ia32< 2017+git1510945757.b2662641d5-lp150.4.9.1qemu-ovmf-ia32-2017+git1510945757.b2662641d5-lp150.4.9.1.noarch.rpm
openSUSE Leap15.0x86_64ovmf-tools< 2017+git1510945757.b2662641d5-lp150.4.9.1ovmf-tools-2017+git1510945757.b2662641d5-lp150.4.9.1.x86_64.rpm
openSUSE Leap15.0noarchqemu-ovmf-x86_64< 2017+git1510945757.b2662641d5-lp150.4.9.1qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-lp150.4.9.1.noarch.rpm
openSUSE Leap15.0x86_64qemu-ovmf-x86_64-debug< 2017+git1510945757.b2662641d5-lp150.4.9.1qemu-ovmf-x86_64-debug-2017+git1510945757.b2662641d5-lp150.4.9.1.x86_64.rpm

Related

nessus 18
openvas 3
suse 1
centos 1
fedora 2
amazon 1
redhat 1
oraclelinux 4
redhatcve 6
cve 6
prion 2
ubuntucve 2
veracode 1
osv 1
apple 2
nessus
nessus
SUSE SLES12 Security Update : ovmf (SUSE-SU-2018:4207-1)
2018-12-21 00:00:00
SUSE SLES15 Security Update : ovmf (SUSE-SU-2018:4155-1)
2019-01-02 00:00:00
openSUSE Security Update : ovmf (openSUSE-2019-1017)
2019-03-27 00:00:00
openvas
openvas
openSUSE: Security Advisory for ovmf (openSUSE-SU-2018:4240-1)
2018-12-23 00:00:00
openSUSE: Security Advisory for ovmf (openSUSE-SU-2018:4254-1)
2018-12-23 00:00:00
Fedora Update for edk2 FEDORA-2019-bff1cbaba3
2019-05-07 00:00:00
suse
suse
Security update for ovmf (moderate)
2018-12-22 18:17:24
centos
centos
OVMF security update
2019-08-30 03:50:09
fedora
fedora
[SECURITY] Fedora 30 Update: edk2-20190308stable-1.fc30
2019-03-31 00:05:59
[SECURITY] Fedora 29 Update: edk2-20190308stable-1.fc29
2019-04-03 03:31:40
amazon
amazon
Important: edk2
2019-08-23 03:26:00
redhat
redhat
(RHSA-2019:2125) Moderate: ovmf security and enhancement update
2019-08-06 08:03:42
oraclelinux
oraclelinux
ovmf security and enhancement update
2019-08-13 00:00:00
edk2 security update
2019-06-06 00:00:00
edk2 security update
2019-09-13 00:00:00
redhatcve
redhatcve
CVE-2017-5735
2018-10-22 06:51:23
CVE-2017-5733
2018-10-22 06:21:05
CVE-2017-5734
2018-10-22 06:50:05
cve
cve
CVE-2017-5735
2019-10-28 15:15:00
CVE-2017-5731
2019-10-28 15:15:00
CVE-2017-5734
2019-10-28 15:15:00
prion
prion
Design/Logic Flaw
2019-10-28 15:15:00
Information disclosure
2019-03-27 20:29:00
ubuntucve
ubuntucve
CVE-2017-5731
2019-10-28 00:00:00
CVE-2018-3613
2019-03-27 00:00:00
veracode
veracode
Privilege Escalation
2019-08-08 00:07:51
osv
osv
CVE-2018-3613
2019-03-27 20:29:03
apple
apple
About the security content of macOS Mojave 10.14
2018-09-24 00:00:00
About the security content of macOS Mojave 10.14 - Apple Support
2020-02-04 05:12:57

0.0004 Low

EPSS

Percentile

10.2%

JSON
Related for OPENSUSE-SU-2018:4240-1
nessus18openvas3suse1centos1fedora2amazon1redhat1oraclelinux4redhatcve6cve6prion2ubuntucve2veracode1osv1apple2