edk2-20200602gitca407c7246bf-3.el8
エラータID: AXSA:2021-1237:01
Release date:
Sunday, January 17, 2021 - 02:51
Subject:
edk2-20200602gitca407c7246bf-3.el8
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
* edk2: memory leak in ArpOnFrameRcvdDpc (CVE-2019-14559)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
CVE-2019-14559
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Solution:
Update packages.
CVEs:
CVE-2019-14559
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
Additional Info:
N/A
Download:
SRPMS
- edk2-20200602gitca407c7246bf-3.el8.src.rpm
MD5: 09f89b0377155c94e175143b47d67fa1
SHA-256: 1320ec47b1587cf6f21e31bb07f6593e6b657b421583d5ba9849bea14c54b210
Size: 12.84 MB
Asianux Server 8 for x86_64
- edk2-ovmf-20200602gitca407c7246bf-3.el8.noarch.rpm
MD5: e059eeed9ddfe009f31519b30eb4224c
SHA-256: 9a088063aba405647849a6dd8bf9f2b24eab212d59e67df5798dd65a98383180
Size: 1.98 MB