moderate: ovmf/uriparser security update
moderate
An update for ovmf/uriparser is now available for NewStart CGSL MAIN 5.04/CGSL CORE 5.04.
NewStart Security has rated this update as having a security impact of moderate. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
ovmf: OVMF (Open Virtual Machine Firmware) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
uriparser: Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license.
Security Fix(es):
ovmf: A stack-based buffer overflow was discovered in edk2 when the HII database contains a Bitmap that claims to be 4-bit or 8-bit per pixel, but the palette contains more than 16(2^4) or 256(2^8) colors.(CVE-2018-12181)
ovmf: Buffer overflows were discovered in UDF-related codes under MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe, which could be triggered with long file names or invalid formatted UDF media.(CVE-2019-0160)
ovmf: A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information.(CVE-2018-5407)
ovmf: Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.(CVE-2019-0161)
ovmf: Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.(CVE-2018-3613)
ovmf: Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access.(CVE-2017-5731)
ovmf: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.(CVE-2017-5732)
ovmf: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.(CVE-2017-5733)
ovmf: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.(CVE-2017-5734)
ovmf: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.(CVE-2017-5735)
ovmf: bugfix
uriparser: An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.(CVE-2018-19199)
uriparser: An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.(CVE-2018-19198)
uriparser: bugfix
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.04.F19.
© 2004-2023 广东中兴新支点技术有限公司 版权所有 (www.gd-linux.com) 粤ICP备15061780号-2
全国服务热线:400-033-0108