Lucene search

K
suseSuseOPENSUSE-SU-2018:4254-1
HistoryDec 22, 2018 - 6:17 p.m.

Security update for ovmf (moderate)

2018-12-2218:17:24
lists.opensuse.org
100

0.0004 Low

EPSS

Percentile

10.2%

This update for ovmf fixes the following issues:

Security issues fixed:

  • CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on
    APPEND_WRITE (bsc#1115916).
  • CVE-2017-5731: Fixed privilege escalation via processing of malformed
    files in TianoCompress.c (bsc#1115917).
  • CVE-2017-5732: Fixed privilege escalation via processing of malformed
    files in BaseUefiDecompressLib.c (bsc#1115917).
  • CVE-2017-5733: Fixed privilege escalation via heap-based buffer overflow
    in MakeTable() function (bsc#1115917).
  • CVE-2017-5734: Fixed privilege escalation via stack-based buffer
    overflow in MakeTable() function (bsc#1115917).
  • CVE-2017-5735: Fixed privilege escalation via heap-based buffer overflow
    in Decode() function (bsc#1115917).

This update was imported from the SUSE:SLE-12-SP3:Update update project.

0.0004 Low

EPSS

Percentile

10.2%

Related for OPENSUSE-SU-2018:4254-1