Red Hat Product Errata RHSA-2024:2264 - Security Advisory
Issued:
2024-04-30
Updated:
2024-04-30

RHSA-2024:2264 - Security Advisory

Synopsis

Important: edk2 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for edk2 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.

Security Fix(es):

  • edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235)
  • EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763)
  • EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764)
  • edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (CVE-2023-45229)
  • edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231)
  • edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232)
  • edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233)
  • openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64

Fixes

  • BZ - 2224962 - CVE-2023-3446 openssl: Excessive time spent checking DH keys and parameters
  • BZ - 2257582 - CVE-2022-36763 EDK2: heap buffer overflow in Tcg2MeasureGptTable()
  • BZ - 2257583 - CVE-2022-36764 EDK2: heap buffer overflow in Tcg2MeasurePeImage()
  • BZ - 2258677 - CVE-2023-45229 edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message
  • BZ - 2258688 - CVE-2023-45231 edk2: Out of Bounds read when handling a ND Redirect message with truncated options
  • BZ - 2258691 - CVE-2023-45232 edk2: Infinite loop when parsing unknown options in the Destination Options header
  • BZ - 2258694 - CVE-2023-45233 edk2: Infinite loop when parsing a PadN option in the Destination Options header
  • BZ - 2258700 - CVE-2023-45235 edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message
  • RHEL-14123 - [EDK2]provide ovmf firmware build for tdx with secure boot turned on
  • RHEL-20963 - [rhel9] guest fails to boot due to ASSERT error

Red Hat Enterprise Linux for x86_64 9

SRPM
edk2-20231122-6.el9.src.rpm SHA-256: 8183ea6a6978d71de73ca2a7afcc0d9fa2ae26800ab65fa65553d8d6478f536a
x86_64
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
edk2-20231122-6.el9.src.rpm SHA-256: 8183ea6a6978d71de73ca2a7afcc0d9fa2ae26800ab65fa65553d8d6478f536a
x86_64
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
edk2-20231122-6.el9.src.rpm SHA-256: 8183ea6a6978d71de73ca2a7afcc0d9fa2ae26800ab65fa65553d8d6478f536a
x86_64
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b

Red Hat Enterprise Linux for ARM 64 9

SRPM
edk2-20231122-6.el9.src.rpm SHA-256: 8183ea6a6978d71de73ca2a7afcc0d9fa2ae26800ab65fa65553d8d6478f536a
aarch64
edk2-aarch64-20231122-6.el9.noarch.rpm SHA-256: 946a5202ee86b95988e2b01990f65c5e3fefe593acb8b0026176b2303b191d87

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
edk2-20231122-6.el9.src.rpm SHA-256: 8183ea6a6978d71de73ca2a7afcc0d9fa2ae26800ab65fa65553d8d6478f536a
aarch64
edk2-aarch64-20231122-6.el9.noarch.rpm SHA-256: 946a5202ee86b95988e2b01990f65c5e3fefe593acb8b0026176b2303b191d87

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
edk2-20231122-6.el9.src.rpm SHA-256: 8183ea6a6978d71de73ca2a7afcc0d9fa2ae26800ab65fa65553d8d6478f536a
x86_64
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b

Red Hat CodeReady Linux Builder for x86_64 9

SRPM
x86_64
edk2-aarch64-20231122-6.el9.noarch.rpm SHA-256: 946a5202ee86b95988e2b01990f65c5e3fefe593acb8b0026176b2303b191d87
edk2-debugsource-20231122-6.el9.x86_64.rpm SHA-256: ee9c4e846d6f3d6f6a76df690ae3c0275ec3e5201dbfe4c1586d59ff89ec6886
edk2-tools-20231122-6.el9.x86_64.rpm SHA-256: ea7425d658f53bade494715224860c28fea3492fec8f5f611eb278ee1bd99649
edk2-tools-debuginfo-20231122-6.el9.x86_64.rpm SHA-256: 5ff82588188c9bd68487061046567754b1bd9a9eda32008df1441aa6926dba79
edk2-tools-doc-20231122-6.el9.noarch.rpm SHA-256: 95c36585fc76a0972be9f0b17b21a9d68b2860900f9f573aec6aab3c0a02b523

Red Hat CodeReady Linux Builder for Power, little endian 9

SRPM
ppc64le
edk2-aarch64-20231122-6.el9.noarch.rpm SHA-256: 946a5202ee86b95988e2b01990f65c5e3fefe593acb8b0026176b2303b191d87
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b

Red Hat CodeReady Linux Builder for ARM 64 9

SRPM
aarch64
edk2-debugsource-20231122-6.el9.aarch64.rpm SHA-256: a443955d1b441a8f1c5a88d599cfbe0dbe7547ab0a07d5f66e7b9c7977025aed
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b
edk2-tools-20231122-6.el9.aarch64.rpm SHA-256: 4da00fbe8a67f454f8b3604012cfccd0a4fe7736c06fdae99326a32f11090d9a
edk2-tools-debuginfo-20231122-6.el9.aarch64.rpm SHA-256: 6f1188f0034937684d9157d8aef2ac3f0b156c7642fd18ee73ec2696bd19b418
edk2-tools-doc-20231122-6.el9.noarch.rpm SHA-256: 95c36585fc76a0972be9f0b17b21a9d68b2860900f9f573aec6aab3c0a02b523

Red Hat CodeReady Linux Builder for IBM z Systems 9

SRPM
s390x
edk2-aarch64-20231122-6.el9.noarch.rpm SHA-256: 946a5202ee86b95988e2b01990f65c5e3fefe593acb8b0026176b2303b191d87
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4

SRPM
x86_64
edk2-aarch64-20231122-6.el9.noarch.rpm SHA-256: 946a5202ee86b95988e2b01990f65c5e3fefe593acb8b0026176b2303b191d87
edk2-debugsource-20231122-6.el9.x86_64.rpm SHA-256: ee9c4e846d6f3d6f6a76df690ae3c0275ec3e5201dbfe4c1586d59ff89ec6886
edk2-tools-20231122-6.el9.x86_64.rpm SHA-256: ea7425d658f53bade494715224860c28fea3492fec8f5f611eb278ee1bd99649
edk2-tools-debuginfo-20231122-6.el9.x86_64.rpm SHA-256: 5ff82588188c9bd68487061046567754b1bd9a9eda32008df1441aa6926dba79
edk2-tools-doc-20231122-6.el9.noarch.rpm SHA-256: 95c36585fc76a0972be9f0b17b21a9d68b2860900f9f573aec6aab3c0a02b523

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4

SRPM
ppc64le
edk2-aarch64-20231122-6.el9.noarch.rpm SHA-256: 946a5202ee86b95988e2b01990f65c5e3fefe593acb8b0026176b2303b191d87
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4

SRPM
s390x
edk2-aarch64-20231122-6.el9.noarch.rpm SHA-256: 946a5202ee86b95988e2b01990f65c5e3fefe593acb8b0026176b2303b191d87
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4

SRPM
aarch64
edk2-debugsource-20231122-6.el9.aarch64.rpm SHA-256: a443955d1b441a8f1c5a88d599cfbe0dbe7547ab0a07d5f66e7b9c7977025aed
edk2-ovmf-20231122-6.el9.noarch.rpm SHA-256: 187f907984a43074cd846a1f3f2223a1bd12cf8c5828edfb32692252b473281b
edk2-tools-20231122-6.el9.aarch64.rpm SHA-256: 4da00fbe8a67f454f8b3604012cfccd0a4fe7736c06fdae99326a32f11090d9a
edk2-tools-debuginfo-20231122-6.el9.aarch64.rpm SHA-256: 6f1188f0034937684d9157d8aef2ac3f0b156c7642fd18ee73ec2696bd19b418
edk2-tools-doc-20231122-6.el9.noarch.rpm SHA-256: 95c36585fc76a0972be9f0b17b21a9d68b2860900f9f573aec6aab3c0a02b523

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
edk2-20231122-6.el9.src.rpm SHA-256: 8183ea6a6978d71de73ca2a7afcc0d9fa2ae26800ab65fa65553d8d6478f536a
aarch64
edk2-aarch64-20231122-6.el9.noarch.rpm SHA-256: 946a5202ee86b95988e2b01990f65c5e3fefe593acb8b0026176b2303b191d87

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.