edk2-20220126gitbb1bba3d77-13.el8_10.4
エラータID: AXSA:2024-9443:13
Release date:
Friday, December 20, 2024 - 13:25
Subject:
edk2-20220126gitbb1bba3d77-13.el8_10.4
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual
Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
edk2: Integer overflows in PeCoffLoaderRelocateImage (CVE-2024-38796)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE(s):
CVE-2024-38796
Solution:
Update packages.
CVEs:
CVE-2024-38796
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability.
Additional Info:
N/A
Download:
SRPMS
- edk2-20220126gitbb1bba3d77-13.el8_10.4.src.rpm
MD5: 7b167b618f14cf316cfb3adbec0a2f85
SHA-256: 8d124d5540419aca355a3e96c13bcdd37de43a3a8c354e6f74d8d9035e181449
Size: 14.92 MB
Asianux Server 8 for x86_64
- edk2-ovmf-20220126gitbb1bba3d77-13.el8_10.4.noarch.rpm
MD5: 9cc9693147b7186f14d3e84a14232d94
SHA-256: 9af4ba7bacb39b29841f5b7bd895c7fd8e5d27f89f7ad967c11145ec7045a018
Size: 3.64 MB
日本語