[ELSA-2023-2165] edk2 security, bug fix, and enhancement update
[20221207gitfff6d81270b5-9]
- edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch [bz#2169247]
- Resolves: bz#2169247
([edk2] Install a sev guest with enrolled secure boot failed)
[20221207gitfff6d81270b5-8]
- edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch [bz#2174605]
- Resolves: bz#2174605
([EDK2] disable dynamic mmio window)
[20221207gitfff6d81270b5-7]
- edk2-Revert-MdeModulePkg-TerminalDxe-add-other-text-resol.patch [bz#2162307]
- Resolves: bz#2162307
(Broken GRUB output on a serial console)
[20221207gitfff6d81270b5-6]
- edk2-update-build-script-rhel-only.patch [bz#2168046]
- edk2-update-build-config-rhel-only.patch [bz#2168046]
- edk2-add-release-date-to-builds-rh-only.patch [bz#2168046]
- edk2-openssl-update.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- Resolves: bz#2168046
([SVVP] job 'Check SMBIOS Table Specific Requirements' failed on win2022)
- Resolves: bz#2164534
(CVE-2023-0286 edk2: openssl: X.400 address type confusion in X.509 GeneralName [rhel-9])
- Resolves: bz#2164550
(CVE-2022-4304 edk2: openssl: timing attack in RSA Decryption implementation [rhel-9])
- Resolves: bz#2164565
(CVE-2023-0215 edk2: openssl: use-after-free following BIO_new_NDEF [rhel-9])
- Resolves: bz#2164583
(CVE-2022-4450 edk2: openssl: double free after calling PEM_read_bio_ex [rhel-9])
[20221207gitfff6d81270b5-5]
- edk2-Revert-ArmVirtPkg-ArmVirtQemu-enable-initial-ID-map-.patch [bz#2157656]
- Resolves: bz#2157656
([edk2] [aarch64] Unable to initialize EFI firmware when using edk2-aarch64-20221207gitfff6d81270b5-1.el9 in some hardwares)
[20221207gitfff6d81270b5-4]
- edk2-ArmVirt-don-t-use-unaligned-CopyMem-on-NOR-flash.patch [bz#2158173]
- Resolves: bz#2158173
([aarch64][numa] Failed to create 2 numa nodes in some hardwares)
[20221207gitfff6d81270b5-3]
- edk2-OvmfPkg-VirtNorFlashDxe-map-flash-memory-as-uncachea.patch [bz#2158173]
- edk2-MdePkg-Remove-Itanium-leftover-data-structure-RH-onl.patch [bz#1983086]
- Resolves: bz#2158173
([aarch64][numa] Failed to create 2 numa nodes in some hardwares)
- Resolves: bz#1983086
(Assertion failure when creating 1024 VCPU VM: [...]UefiCpuPkg/CpuMpPei/CpuBist.c(186): !EFI_ERROR (Status))
[20221207gitfff6d81270b5-2]
- edk2-use-rpm-build-flags-rh-only.patch [RHEL-177]
- Resolves: RHEL-177
(Enable GNU_RELRO security protection)
[20221207gitfff6d81270b5-1]
- Rebase to edk2-stable202211 tag
Resolves: RHEL-119
(rebase edk2 to edk2-stable202211)
- Resolves: RHEL-75
(edk2 builds should show the build version)
- Resolves: bz#2132951
(edk2: Sort traditional virtualization builds before Confidential Computing builds)
[20220826gitba0e0e4c6a-2]
- edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch [bz#1989857]
- Resolves: bz#1989857
(CVE-2021-38578 edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation [rhel-9.0])
[20220826gitba0e0e4c6a-1]
- Rebase to edk2-stable202208 tag [RHELX-59]
Resolves: RHELX-59
(rebase edk2 to 2022-08 stable tag)
[20220526git16779ede2d36-4]
- edk2-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch [RHELX-58]
- Resolves: RHELX-58
(Guest console turns black with uefi rhel guests and stdvga)
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/edk2-tools?distro=oraclelinux-9.2 | < 20221207gitfff6d81270b5-9.el9_2 |
pkg:rpm/oraclelinux/edk2-tools-doc?distro=oraclelinux-9.2 | < 20221207gitfff6d81270b5-9.el9_2 |
pkg:rpm/oraclelinux/edk2-ovmf?distro=oraclelinux-9.2 | < 20221207gitfff6d81270b5-9.el9_2 |
pkg:rpm/oraclelinux/edk2-aarch64?distro=oraclelinux-9.2 | < 20221207gitfff6d81270b5-9.el9_2 |
- ID: ELSA-2023-2165
- Severity: important
- URL: https://linux.oracle.com/errata/ELSA-2023-2165.html
- Published: 2023-05-15T00:00:00
- Modified: 2023-05-15T00:00:00
- Rights: Copyright 2023 Oracle, Inc.
- Other Advisories:
- ALAS-2023-1683
- ALAS2-2023-1934
- ALAS2-2023-1935
- ALAS2-2024-2502
- ALPINE:CVE-2022-4304
- ALPINE:CVE-2022-4450
- ALPINE:CVE-2023-0215
- ALPINE:CVE-2023-0286
- ALSA-2023:0946
- ALSA-2023:1405
- ALSA-2023:2165
- ALSA-2023:2932
- DSA-5343-1
- ELSA-2023-0946
- ELSA-2023-12152
- ELSA-2023-12205
- ELSA-2023-12210
- ELSA-2023-12213
- ELSA-2023-12297
- ELSA-2023-12326
- ELSA-2023-13024
- ELSA-2023-13025
- ELSA-2023-13026
- ELSA-2023-13027
- ELSA-2023-1335
- ELSA-2023-1405
- ELSA-2023-2932
- ELSA-2023-32790
- ELSA-2023-32791
- FEDORA-2023-57f33242bc
- FEDORA-2023-a5564c0a3f
- FEDORA-2023-e1ffb79ddf
- FEDORA-2023-e821b64a4c
- FREEBSD:648A432C-A71F-11ED-86E9-D4C9EF517024
- FREEBSD:C1A8ED1C-2814-4260-82AA-9E37C83AAC93
- FREEBSD:C8EB4C40-47BD-11EE-8E38-002590C1F29C
- FREEBSD:D86BECFE-05A4-11EE-9D4A-080027EDA32C
- GLSA-202402-08
- RHSA-2023:0946
- RHSA-2023:1335
- RHSA-2023:1405
- RHSA-2023:2165
- RHSA-2023:2932
- RLSA-2023:0946
- RLSA-2023:1405
- RUSTSEC-2023-0006
- RUSTSEC-2023-0007
- RUSTSEC-2023-0009
- RUSTSEC-2023-0010
- SSA:2023-038-01
- SUSE-SU-2023:0305-1
- SUSE-SU-2023:0305-2
- SUSE-SU-2023:0306-1
- SUSE-SU-2023:0307-1
- SUSE-SU-2023:0308-1
- SUSE-SU-2023:0309-1
- SUSE-SU-2023:0310-1
- SUSE-SU-2023:0311-1
- SUSE-SU-2023:0312-1
- SUSE-SU-2023:0482-1
- SUSE-SU-2023:0581-1
- SUSE-SU-2023:0584-1
- SUSE-SU-2023:0684-1
- SUSE-SU-2023:1921-1
- SUSE-SU-2023:1940-1
- SUSE-SU-2023:1941-1
- SUSE-SU-2023:1958-1
- SUSE-SU-2023:1968-1
- SUSE-SU-2023:2234-1
- SUSE-SU-2023:2622-1
- SUSE-SU-2023:2623-1
- SUSE-SU-2023:2624-1
- SUSE-SU-2023:2633-1
- SUSE-SU-2023:2634-1
- SUSE-SU-2023:2648-1
- SUSE-SU-2023:3096-1
- SUSE-SU-2023:3179-1
- USN-5844-1
- USN-5845-1
- USN-5845-2
- USN-6564-1
Source | ID | URL |
---|---|---|
elsa | ELSA-2023-2165 | https://linux.oracle.com/errata/ELSA-2023-2165.html |
CVE | CVE-2021-38578 | https://linux.oracle.com/cve/CVE-2021-38578.html |
CVE | CVE-2022-4450 | https://linux.oracle.com/cve/CVE-2022-4450.html |
CVE | CVE-2023-0286 | https://linux.oracle.com/cve/CVE-2023-0286.html |
CVE | CVE-2022-4304 | https://linux.oracle.com/cve/CVE-2022-4304.html |
CVE | CVE-2023-0215 | https://linux.oracle.com/cve/CVE-2023-0215.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/edk2-tools?distro=oraclelinux-9.2 | oraclelinux | edk2-tools | < 20221207gitfff6d81270b5-9.el9_2 | oraclelinux-9.2 | | |
Affected | pkg:rpm/oraclelinux/edk2-tools-doc?distro=oraclelinux-9.2 | oraclelinux | edk2-tools-doc | < 20221207gitfff6d81270b5-9.el9_2 | oraclelinux-9.2 | | |
Affected | pkg:rpm/oraclelinux/edk2-ovmf?distro=oraclelinux-9.2 | oraclelinux | edk2-ovmf | < 20221207gitfff6d81270b5-9.el9_2 | oraclelinux-9.2 | | |
Affected | pkg:rpm/oraclelinux/edk2-aarch64?distro=oraclelinux-9.2 | oraclelinux | edk2-aarch64 | < 20221207gitfff6d81270b5-9.el9_2 | oraclelinux-9.2 | | |