Synopsis: Moderate: ovmf security and enhancement update
Advisory ID:       SLSA-2019:2125-1
Issue Date:        2019-08-06
CVE Numbers:       CVE-2018-5407
                   CVE-2018-12181
                   CVE-2017-5735
                   CVE-2017-5731
                   CVE-2017-5733
                   CVE-2019-0161
                   CVE-2019-0160
                   CVE-2018-3613
                   CVE-2017-5734
                   CVE-2017-5732
--

Security Fix(es):

* edk2: Privilege escalation via processing of malformed files in
TianoCompress.c (CVE-2017-5731)

* edk2: Privilege escalation via processing of malformed files in
BaseUefiDecompressLib.c (CVE-2017-5732)

* edk2: Privilege escalation via heap-based buffer overflow in MakeTable()
function (CVE-2017-5733)

* edk2: Privilege escalation via stack-based buffer overflow in
MakeTable() function (CVE-2017-5734)

* edk2: Privilege escalation via heap-based buffer overflow in Decode()
function (CVE-2017-5735)

* edk2: Logic error in MdeModulePkg in EDK II firmware allows for
privilege escalation by authenticated users (CVE-2018-3613)

* openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures
(PortSmash) (CVE-2018-5407)

* edk2: Stack buffer overflow with corrupted BMP (CVE-2018-12181)

* edk2: buffer overflows in PartitionDxe and UdfDxe with long file names
and invalid UDF media (CVE-2019-0160)

* edk2: stack overflow in XHCI causing denial of service (CVE-2019-0161)
--

SL7
  x86_64
    OVMF-20180508-6.gitee3198e672e2.el7.noarch.rpm

- Scientific Linux Development Team