ELBA-2025-20189
- ULN >
- Oracle Linux Errata repository >
- ELBA-2025-20189
ELBA-2025-20189 - edk2 bug fix update
| Type: | BUG |
| Impact: | NA |
| Release Date: | 2025-03-20 |
Description
[20250102-6]
- Create new 20250102 release for OL8 which includes the following fixed CVEs:
- EDK2: EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network [Orabug: 37414309] {CVE-2024-38796}
- Update to OpenSSL 3.0.15 which includes the following fixed CVEs:
{CVE-2023-4807} {CVE-2023-5363} {CVE-2023-5678} {CVE-2023-6129} {CVE-2023-6237} {CVE-2024-0727} {CVE-2024-2511} {CVE-2024-4603} {CVE-2024-4741} {CVE-2024-5535} {CVE-2024-6119}
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (aarch64) | edk2-20250102-6.el8.src.rpm | af87798b4b9c50e2f841c1c7fcba2e44d6e8cf2238b86a85e937dc256d5f79ef | - | ol8_aarch64_distro_builder |
| edk2-20250102-6.el8.src.rpm | af87798b4b9c50e2f841c1c7fcba2e44d6e8cf2238b86a85e937dc256d5f79ef | - | ol8_aarch64_kvm_appstream | |
| edk2-aarch64-20250102-6.el8.noarch.rpm | 680e8d676d069854ee978e7fa2f37784448905e6e5712f2fcdef8f60fe08701c | - | ol8_aarch64_kvm_appstream | |
| Oracle Linux 8 (x86_64) | edk2-20250102-6.el8.src.rpm | af87798b4b9c50e2f841c1c7fcba2e44d6e8cf2238b86a85e937dc256d5f79ef | - | ol8_x86_64_distro_builder |
| edk2-20250102-6.el8.src.rpm | af87798b4b9c50e2f841c1c7fcba2e44d6e8cf2238b86a85e937dc256d5f79ef | - | ol8_x86_64_kvm_appstream | |
| edk2-ovmf-20250102-6.el8.noarch.rpm | a31d771b9e2ab913677bd1ecb2bbc8e76337af2436c1672afc445166f163ea0e | - | ol8_x86_64_kvm_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
