unbreak https boot update openssl to 3.5.6.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a484707720
2026-04-29 02:45:22.223433+00:00
--------------------------------------------------------------------------------
Name        : edk2
Product     : Fedora 43
Version     : 20260213
Release     : 4.fc43
URL         : http://www.tianocore.org
Summary     : UEFI firmware for 64-bit virtual machines
Description :
EDK II is a modern, feature-rich, cross-platform firmware development
environment for the UEFI and PI specifications.

This package contains sample 64-bit UEFI firmware builds for QEMU and KVM.
--------------------------------------------------------------------------------
Update Information:

unbreak https boot update openssl to 3.5.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 23 2026 Gerd Hoffmann - 20260213-4
- unbreak https boot
* Thu Apr 9 2026 Gerd Hoffmann - 20260213-3
- update openssl to 3.5.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2456455 - CVE-2026-28390 edk2: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2456455
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-a484707720' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Moderate: edk2 security update.

```json
{
  "type": "TYPE_SECURITY",
  "shortCode": "RL",
  "name": "RLSA-2026:2776",
  "synopsis": "Moderate: edk2 security update",
  "severity": "SEVERITY_MODERATE",
  "topic": "An update is available for edk2.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list",
  "description": "EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. \n\nSecurity Fix(es):\n\n* openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
  "solution": null,
  "affectedProducts": ["Rocky Linux 9"],
  "fixes": [
    {
      "ticket": "2396054",
      "sourceBy": "Red Hat",
      "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054",
      "description": ""
    }
  ],
  "cves": [
    {
      "name": "CVE-2025-9230",
      "sourceBy": "MITRE",
      "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
      "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "cvss3BaseScore": "5.6",
      "cwe": "CWE-787"
    }
  ],
  "references": [],
  "publishedAt": "2026-02-24T18:43:02.661920Z",
  "rpms": {
    "Rocky Linux 9": {
      "nvras": [
        "edk2-0:20241117-4.el9_7.3.src.rpm",
        "edk2-aarch64-0:20241117-4.el9_7.3.noarch.rpm",
        "edk2-debugsource-0:20241117-4.el9_7.3.aarch64.rpm",
        "edk2-debugsource-0:20241117-4.el9_7.3.x86_64.rpm",
        "edk2-ovmf-0:20241117-4.el9_7.3.noarch.rpm",
        "edk2-tools-0:20241117-4.el9_7.3.aarch64.rpm",
        "edk2-tools-0:20241117-4.el9_7.3.x86_64.rpm",
        "edk2-tools-debuginfo-0:20241117-4.el9_7.3.aarch64.rpm",
        "edk2-tools-debuginfo-0:20241117-4.el9_7.3.x86_64.rpm",
        "edk2-tools-doc-0:20241117-4.el9_7.3.noarch.rpm"
      ]
    }
  },
  "rebootSuggested": false,
  "buildReferences": []
}
```
A moderate edk2 security update is available for Rocky Linux 9, addressing an out-of-bounds read and write in OpenSSL (CVE-2025-9230). Updating is recommended.

LinuxSecurity.com Team
Oracle Linux Security Advisory ELSA-2026-2776
http://linux.oracle.com/errata/ELSA-2026-2776.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
edk2-aarch64-20241117-4.0.1.el9_7.3.noarch.rpm
edk2-ovmf-20241117-4.0.1.el9_7.3.noarch.rpm
edk2-tools-20241117-4.0.1.el9_7.3.x86_64.rpm
edk2-tools-doc-20241117-4.0.1.el9_7.3.noarch.rpm

aarch64:
edk2-aarch64-20241117-4.0.1.el9_7.3.noarch.rpm
edk2-ovmf-20241117-4.0.1.el9_7.3.noarch.rpm
edk2-tools-20241117-4.0.1.el9_7.3.aarch64.rpm
edk2-tools-doc-20241117-4.0.1.el9_7.3.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/edk2-20241117-4.0.1.el9_7.3.src.rpm

Related CVEs:
CVE-2025-9230

Description of changes:

[20241117-4.0.1.el9_7.3]
- Replace upstream references [Orabug:36569119]

[20241117-4.el9_7.3]
- edk2-OvmfPkg-MemEncryptSevLib-Evict-cache-lines-during-SN.patch [RHEL-125104]
- edk2-MdePkg-Add-the-COHERENCY_SFW_NO-CPUID-bit-field.patch [RHEL-125104]
- edk2-OvmfPkg-ResetVector-Make-ReceivedVc-a-flag-in-SEV-ES.patch [RHEL-125104]
- edk2-OvmfPkg-MemEncryptSevLib-Check-if-SEV-SNP-coherency-.patch [RHEL-125104]
- edk2-openssl-flatten-contents-of-openssl-tarball.patch [RHEL-115923]
- edk2-Bumped-openssl-submodule-to-version-3.0.7-29.1.patch [RHEL-115923]
- Resolves: RHEL-125104 ([edk2] VM panic on booting SNP guest with large memory on Genoa [rhel-9.7.z])
- Resolves: RHEL-115923 (CVE-2025-9230 edk2: Out-of-bounds read & write in RFC 3211 KEK Unwrap [rhel-9.7.z])

[20241117-4.el9_7.2]
- edk2-OvmfPkg-IoMmuDxe-Fix-1M-and-2M-buffer-handling.patch [RHEL-121875]
- Resolves: RHEL-121875 (Fail to create AMD SEV SLES 15 SP4 guest via virt-install --cdrom [rhel-9.7.z])

[20241117-4.el9_7.1]
- edk2-OvmfPkg-IoMmuDxe-Fix-1M-and-2M-buffer-handling.patch [RHEL-121875]
- Resolves: RHEL-121875 (Fail to create AMD SEV SLES 15 SP4 guest via virt-install --cdrom [rhel-9.7.z])
Moderate: edk2:20220126gitbb1bba3d77 security update.

```json
{
  "type": "TYPE_SECURITY",
  "shortCode": "RL",
  "name": "RLSA-2024:11185",
  "synopsis": "Moderate: edk2:20220126gitbb1bba3d77 security update",
  "severity": "SEVERITY_MODERATE",
  "topic": "An update is available for edk2.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list",
  "description": "EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. \n\nSecurity Fix(es):\n\n* edk2: Integer overflows in PeCoffLoaderRelocateImage (CVE-2024-38796)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
  "solution": null,
  "affectedProducts": ["Rocky Linux 8"],
  "fixes": [
    {
      "ticket": "2315390",
      "sourceBy": "Red Hat",
      "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2315390",
      "description": ""
    }
  ],
  "cves": [
    {
      "name": "CVE-2024-38796",
      "sourceBy": "MITRE",
      "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-38796",
      "cvss3ScoringVector": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L",
      "cvss3BaseScore": "5.9",
      "cwe": "CWE-122"
    }
  ],
  "references": [],
  "publishedAt": "2025-06-24T17:18:45.931997Z",
  "rpms": {
    "Rocky Linux 8": {
      "nvras": [
        "edk2-0:20220126gitbb1bba3d77-13.el8_10.4.src.rpm",
        "edk2-aarch64-0:20220126gitbb1bba3d77-13.el8_10.4.noarch.rpm",
        "edk2-ovmf-0:20220126gitbb1bba3d77-13.el8_10.4.noarch.rpm"
      ]
    }
  },
  "rebootSuggested": false,
  "buildReferences": []
}
```

AlmaLinux edk2 security enhancements tackle buffer overflow risks; maintain system integrity and performance with this upgrade.

LinuxSecurity.com Team
Multiple security vulnerabilities have been fixed in EDK II, a modern, feature-rich, cross-platform firmware development environment. Remotely exploitable buffer overflows and out-of-bounds or infinite loop vulnerabilities may lead to a denial of service or the execution of .

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4207-1
# Security update for ovmf

Announcement ID: SUSE-SU-2025:0503-1
Release Date: 2025-02-13T10:12:13Z
Rating: important
References:

* bsc#1218879
* bsc#1218880
* bsc#1218881
* bsc#1218882
* bsc#1218883
* bsc#1218884
* bsc#1218885
* bsc#1218886
* bsc#1218887
* bsc#1225889

Cross-References:

* CVE-2023-45229
* CVE-2023-45230
* CVE-2023-45231
* CVE-2023-45232
* CVE-2023-45233
* CVE-2023-45234
* CVE-2023-45235
* CVE-2023-45236
* CVE-2023-45237
* CVE-2024-1298

CVSS scores:

* CVE-2023-45229 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-45229 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-45230 ( SUSE ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
* CVE-2023-45230 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45230 ( NVD ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
* CVE-2023-45231 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-45231 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-45232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45233 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45233 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45234 ( SUSE ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
* CVE-2023-45234 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45235 ( SUSE ): 8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
* CVE-2023-45235 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45236 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2023-45236 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-45237 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-45237 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-1298 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for ovmf fixes the following issues:

* CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32 overflow in S3 ResumeCount. (bsc#1225889)
* CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA options in DHCPv6 Advertise messages. (bsc#1218879)
* CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. (bsc#1218880)
* CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect message with truncated options. (bsc#1218881)
* CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the Destination Options header. (bsc#1218882)
* CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the Destination Options header. (bsc#1218883)
* CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options in a DHCPv6 Advertise message. (bsc#1218884)
* CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option in a DHCPv6 proxy Advertise message. (bsc#1218885)
* CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network packages. (bsc#1218886)
* CVE-2023-45237: use of a weak pseudorandom number generator in edk2. (bsc#1218887)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-503=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-503=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-503=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-503=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-503=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-503=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-503=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-503=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-503=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-503=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-503=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-503=1

## Package List:

* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  * qemu-uefi-aarch64-202202-150400.5.15.1
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
  * qemu-uefi-aarch64-202202-150400.5.15.1
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * ovmf-202202-150400.5.15.1
  * ovmf-tools-202202-150400.5.15.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * qemu-uefi-aarch64-202202-150400.5.15.1
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * ovmf-202202-150400.5.15.1
  * ovmf-tools-202202-150400.5.15.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * qemu-uefi-aarch64-202202-150400.5.15.1
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64)
  * ovmf-202202-150400.5.15.1
  * ovmf-tools-202202-150400.5.15.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * qemu-uefi-aarch64-202202-150400.5.15.1
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
  * ovmf-202202-150400.5.15.1
  * ovmf-tools-202202-150400.5.15.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* SUSE Manager Proxy 4.3 (x86_64)
  * ovmf-202202-150400.5.15.1
  * ovmf-tools-202202-150400.5.15.1
* SUSE Manager Proxy 4.3 (noarch)
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * ovmf-202202-150400.5.15.1
  * ovmf-tools-202202-150400.5.15.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* SUSE Manager Server 4.3 (x86_64)
  * ovmf-202202-150400.5.15.1
  * ovmf-tools-202202-150400.5.15.1
* SUSE Manager Server 4.3 (noarch)
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* openSUSE Leap 15.4 (aarch64 x86_64)
  * ovmf-202202-150400.5.15.1
  * ovmf-tools-202202-150400.5.15.1
* openSUSE Leap 15.4 (noarch)
  * qemu-ovmf-x86_64-202202-150400.5.15.1
  * qemu-uefi-aarch32-202202-150400.5.15.1
  * qemu-ovmf-ia32-202202-150400.5.15.1
  * qemu-uefi-aarch64-202202-150400.5.15.1
* openSUSE Leap 15.4 (x86_64)
  * qemu-ovmf-x86_64-debug-202202-150400.5.15.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  * qemu-uefi-aarch64-202202-150400.5.15.1
  * qemu-ovmf-x86_64-202202-150400.5.15.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
  * qemu-uefi-aarch64-202202-150400.5.15.1
  * qemu-ovmf-x86_64-202202-150400.5.15.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45229.html
* https://www.suse.com/security/cve/CVE-2023-45230.html
* https://www.suse.com/security/cve/CVE-2023-45231.html
* https://www.suse.com/security/cve/CVE-2023-45232.html
* https://www.suse.com/security/cve/CVE-2023-45233.html
* https://www.suse.com/security/cve/CVE-2023-45234.html
* https://www.suse.com/security/cve/CVE-2023-45235.html
* https://www.suse.com/security/cve/CVE-2023-45236.html
* https://www.suse.com/security/cve/CVE-2023-45237.html
* https://www.suse.com/security/cve/CVE-2024-1298.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218879
* https://bugzilla.suse.com/show_bug.cgi?id=1218880
* https://bugzilla.suse.com/show_bug.cgi?id=1218881
* https://bugzilla.suse.com/show_bug.cgi?id=1218882
* https://bugzilla.suse.com/show_bug.cgi?id=1218883
* https://bugzilla.suse.com/show_bug.cgi?id=1218884
* https://bugzilla.suse.com/show_bug.cgi?id=1218885
* https://bugzilla.suse.com/show_bug.cgi?id=1218886
* https://bugzilla.suse.com/show_bug.cgi?id=1218887
* https://bugzilla.suse.com/show_bug.cgi?id=1225889

The recent openSUSE advisory addresses significant OVMF updates, targeting critical threats such as buffer overflow risks and networking vulnerabilities.

Severity: Important.

LinuxSecurity.com Team
Oracle Linux Security Advisory ELSA-2024-11219
http://linux.oracle.com/errata/ELSA-2024-11219.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
edk2-aarch64-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-ovmf-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-tools-20240524-6.0.1.el9_5.3.x86_64.rpm
edk2-tools-doc-20240524-6.0.1.el9_5.3.noarch.rpm

aarch64:
edk2-aarch64-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-ovmf-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-tools-20240524-6.0.1.el9_5.3.aarch64.rpm
edk2-tools-doc-20240524-6.0.1.el9_5.3.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//edk2-20240524-6.0.1.el9_5.3.src.rpm

Related CVEs:
CVE-2024-38796

Description of changes:

[20240524-6.0.1.el9_5.3]
- edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch [RHEL-58631]
- Resolves: RHEL-58631 ([Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater)
- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66230]
- Resolves: RHEL-66230 ([Regression] [aarch64] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-65725]
- Resolves: RHEL-65725 ([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
- edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch [RHEL-60833]
- Resolves: RHEL-56248 (507x510 display resolution should not crash the firmware [edk2,rhel-9.6])
- Resolves: RHEL-60833 (CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-9.6])