Synopsis
Moderate: edk2 security, bug fix, and enhancement update
Type / Sévérité
Security Advisory: Moderate
Sujet
An update for edk2 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
- edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler() (CVE-2019-14560)
- openssl: Possible DoS translating ASN.1 object identifiers (CVE-2023-2650)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.3 Release Notes linked from the References section.
Produits concernés
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
-
Red Hat CodeReady Linux Builder for x86_64 9 x86_64
-
Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
-
Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
-
Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
-
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
-
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
-
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
-
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
Correctifs
-
BZ - 1858038
- CVE-2019-14560 edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()
-
BZ - 2055123
- [Q35] Failed to hot-plug a device whose membar > 2M into the vm
-
BZ - 2124143
- ovmf must consider max cpu count not boot cpu count for apic mode [rhel-9]
-
BZ - 2174749
- [edk2] re-enable dynamic mmio window
-
BZ - 2176920
- [EDK2] disable dynamic mmio window [rhel-9.3.0]
-
BZ - 2186754
- edk2: Add firmware images in qcow2 format
-
BZ - 2189136
- windows 11 installation broken with edk2-20230301gitf80f052277c8-1.el9
-
BZ - 2203094
- Add more than 17 pcie-root-ports, display Out Of Resource
-
BZ - 2207947
- CVE-2023-2650 openssl: Possible DoS translating ASN.1 object identifiers
-
BZ - 2211060
- SEV-es guest randomly stuck at boot to hard drive screen from powerdown and boot again
-
BZ - 2218196
- Add vtpm devices with OVMF.amdsev.fd causes VM reset
Remarque:
Il existe peut-être des versions plus récentes de ces paquets.
Cliquer sur un nom de paquet pour obtenir plus de détails.
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| x86_64 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| x86_64 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| x86_64 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| x86_64 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat Enterprise Linux Server - AUS 9.4
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| x86_64 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| aarch64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| aarch64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| aarch64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| x86_64 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| x86_64 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat CodeReady Linux Builder for x86_64 9
| SRPM |
| x86_64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
|
edk2-debugsource-20230524-3.el9.x86_64.rpm
|
SHA-256: 2f930cb8101e0259bd983774e8d4862d5647e885aabaec4074e8ea757d2a676e |
|
edk2-tools-20230524-3.el9.x86_64.rpm
|
SHA-256: 4d89f25237959a29fef1cd254d05550d01e85df527057f72184d6d1d6bb300d2 |
|
edk2-tools-debuginfo-20230524-3.el9.x86_64.rpm
|
SHA-256: f039da495c51ba5b6c5f08f0536772763f0621c515c0731fe0412fab35d719f5 |
|
edk2-tools-doc-20230524-3.el9.noarch.rpm
|
SHA-256: f04b8c1735055c5ce070ea61ae4be59f4caff7c71b8f85048798bae7796f5081 |
Red Hat CodeReady Linux Builder for Power, little endian 9
| SRPM |
| ppc64le |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat CodeReady Linux Builder for ARM 64 9
| SRPM |
| aarch64 |
|
edk2-debugsource-20230524-3.el9.aarch64.rpm
|
SHA-256: cd13ef6cece5567ac64d2710916cf4e97b1b8c0b97bcd6c0b00a4dc9edec54d8 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
|
edk2-tools-20230524-3.el9.aarch64.rpm
|
SHA-256: 1560ade2690b80dcce4a5be027ca96317dccc6268a9d390c98c16cefd3118a73 |
|
edk2-tools-debuginfo-20230524-3.el9.aarch64.rpm
|
SHA-256: 22906a49d7c1db8537ac501f2f69c9c217ab1a99a80c5f7797a765e4d94d75fb |
|
edk2-tools-doc-20230524-3.el9.noarch.rpm
|
SHA-256: f04b8c1735055c5ce070ea61ae4be59f4caff7c71b8f85048798bae7796f5081 |
Red Hat CodeReady Linux Builder for IBM z Systems 9
| SRPM |
| s390x |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6
| SRPM |
| x86_64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
|
edk2-debugsource-20230524-3.el9.x86_64.rpm
|
SHA-256: 2f930cb8101e0259bd983774e8d4862d5647e885aabaec4074e8ea757d2a676e |
|
edk2-tools-20230524-3.el9.x86_64.rpm
|
SHA-256: 4d89f25237959a29fef1cd254d05550d01e85df527057f72184d6d1d6bb300d2 |
|
edk2-tools-debuginfo-20230524-3.el9.x86_64.rpm
|
SHA-256: f039da495c51ba5b6c5f08f0536772763f0621c515c0731fe0412fab35d719f5 |
|
edk2-tools-doc-20230524-3.el9.noarch.rpm
|
SHA-256: f04b8c1735055c5ce070ea61ae4be59f4caff7c71b8f85048798bae7796f5081 |
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4
| SRPM |
| x86_64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
|
edk2-debugsource-20230524-3.el9.x86_64.rpm
|
SHA-256: 2f930cb8101e0259bd983774e8d4862d5647e885aabaec4074e8ea757d2a676e |
|
edk2-tools-20230524-3.el9.x86_64.rpm
|
SHA-256: 4d89f25237959a29fef1cd254d05550d01e85df527057f72184d6d1d6bb300d2 |
|
edk2-tools-debuginfo-20230524-3.el9.x86_64.rpm
|
SHA-256: f039da495c51ba5b6c5f08f0536772763f0621c515c0731fe0412fab35d719f5 |
|
edk2-tools-doc-20230524-3.el9.noarch.rpm
|
SHA-256: f04b8c1735055c5ce070ea61ae4be59f4caff7c71b8f85048798bae7796f5081 |
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6
| SRPM |
| ppc64le |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4
| SRPM |
| ppc64le |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6
| SRPM |
| s390x |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4
| SRPM |
| s390x |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6
| SRPM |
| aarch64 |
|
edk2-debugsource-20230524-3.el9.aarch64.rpm
|
SHA-256: cd13ef6cece5567ac64d2710916cf4e97b1b8c0b97bcd6c0b00a4dc9edec54d8 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
|
edk2-tools-20230524-3.el9.aarch64.rpm
|
SHA-256: 1560ade2690b80dcce4a5be027ca96317dccc6268a9d390c98c16cefd3118a73 |
|
edk2-tools-debuginfo-20230524-3.el9.aarch64.rpm
|
SHA-256: 22906a49d7c1db8537ac501f2f69c9c217ab1a99a80c5f7797a765e4d94d75fb |
|
edk2-tools-doc-20230524-3.el9.noarch.rpm
|
SHA-256: f04b8c1735055c5ce070ea61ae4be59f4caff7c71b8f85048798bae7796f5081 |
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4
| SRPM |
| aarch64 |
|
edk2-debugsource-20230524-3.el9.aarch64.rpm
|
SHA-256: cd13ef6cece5567ac64d2710916cf4e97b1b8c0b97bcd6c0b00a4dc9edec54d8 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
|
edk2-tools-20230524-3.el9.aarch64.rpm
|
SHA-256: 1560ade2690b80dcce4a5be027ca96317dccc6268a9d390c98c16cefd3118a73 |
|
edk2-tools-debuginfo-20230524-3.el9.aarch64.rpm
|
SHA-256: 22906a49d7c1db8537ac501f2f69c9c217ab1a99a80c5f7797a765e4d94d75fb |
|
edk2-tools-doc-20230524-3.el9.noarch.rpm
|
SHA-256: f04b8c1735055c5ce070ea61ae4be59f4caff7c71b8f85048798bae7796f5081 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| aarch64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| aarch64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| x86_64 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| x86_64 |
|
edk2-ovmf-20230524-3.el9.noarch.rpm
|
SHA-256: 39cf6982557844078bfeeefa1a2305a80b6df1ef0364a9fdf1490bfcc5caeb32 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| aarch64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4
| SRPM |
|
edk2-20230524-3.el9.src.rpm
|
SHA-256: f224f7f4da2c6461b0e545155bde52d11397692e31a813b470879d697fb395bd |
| aarch64 |
|
edk2-aarch64-20230524-3.el9.noarch.rpm
|
SHA-256: 93094bcfdce599e0db64daa997fdd1b32bc7c59a1ac75c053c15a9d91ca32503 |
