Stay Connected:

ELBA-2025-20188

ELBA-2025-20188 - edk2 bug fix update

Type:BUG
Impact:NA
Release Date:2025-03-20

Description


[20250102-6]
- Create new 20250102 release for OL9 which includes the following fixed CVEs:
- EDK2: EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network [Orabug: 37414309] {CVE-2024-38796}
- Update to OpenSSL 3.0.15 which includes the following fixed CVEs:
{CVE-2023-4807} {CVE-2023-5363} {CVE-2023-5678} {CVE-2023-6129} {CVE-2023-6237} {CVE-2024-0727} {CVE-2024-2511} {CVE-2024-4603} {CVE-2024-4741} {CVE-2024-5535} {CVE-2024-6119}




Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) edk2-20250102-6.el9.src.rpmf2b17ec0f908807251fbe8ff657c5b50281075ff0ce1aa1cbd782c5a86f2e976-ol9_aarch64_developer_kvm_utils
edk2-20250102-6.el9.src.rpmf2b17ec0f908807251fbe8ff657c5b50281075ff0ce1aa1cbd782c5a86f2e976-ol9_aarch64_kvm_utils
edk2-aarch64-20250102-6.el9.noarch.rpmd544fd6271a0d5708495a010028ed242f922d1bbc1285786868f78519260d6ff-ol9_aarch64_kvm_utils
Oracle Linux 9 (x86_64) edk2-20250102-6.el9.src.rpmf2b17ec0f908807251fbe8ff657c5b50281075ff0ce1aa1cbd782c5a86f2e976-ol9_x86_64_developer_kvm_utils
edk2-20250102-6.el9.src.rpmf2b17ec0f908807251fbe8ff657c5b50281075ff0ce1aa1cbd782c5a86f2e976-ol9_x86_64_kvm_utils
edk2-ovmf-20250102-6.el9.noarch.rpm646f227d982e4ce0bf0914ffae7a845dc7c504f333d3e36fc0e60cc714554932-ol9_x86_64_kvm_utils



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights