SUSE-SU-2023:0004-1

UNKNOWN

Security update for ovmf

Published Jan 2, 2023

Modified 3 years ago

Fix available

Details

This update for ovmf fixes the following issues:

CVE-2019-11098: Fixed insufficient input validation in MdeModulePkg (bsc#1188371).

Affected Packages

ovmf

SUSE Enterprise Storage 7SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise Server 15 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP2SUSE Manager Proxy 4.1

Fixed in:

201911-150200.7.24.1

ovmf-tools

Fixed in:

201911-150200.7.24.1

qemu-ovmf-x86_64

Fixed in:

201911-150200.7.24.1

qemu-uefi-aarch64

SUSE Enterprise Storage 7SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise Server 15 SP2-LTSS

Fixed in:

201911-150200.7.24.1

References

REPORT

https://bugzilla.suse.com/1188371

WEB

https://www.suse.com/security/cve/CVE-2019-11098

ADVISORY

https://www.suse.com/support/update/announcement/2023/suse-su-20230004-1/

Upstream

CVE-2019-11098

Ecosystems(7)

SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Manager Proxy 4.1

Timeline

PublishedJan 2, 2023

ModifiedJan 2, 2023

SUSE-SU-2023:0004-1 | Mondoo Vulnerability Intelligence