ELSA-2023-2165 - edk2 security, bug fix, and enhancement update

Type: SECURITY
Impact: IMPORTANT
Release Date: 2023-05-15

Description


[20221207gitfff6d81270b5-9]
- edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch [bz#2169247]
- Resolves: bz#2169247
([edk2] Install a sev guest with enrolled secure boot failed)

[20221207gitfff6d81270b5-8]
- edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch [bz#2174605]
- Resolves: bz#2174605
([EDK2] disable dynamic mmio window)

[20221207gitfff6d81270b5-7]
- edk2-Revert-MdeModulePkg-TerminalDxe-add-other-text-resol.patch [bz#2162307]
- Resolves: bz#2162307
(Broken GRUB output on a serial console)

[20221207gitfff6d81270b5-6]
- edk2-update-build-script-rhel-only.patch [bz#2168046]
- edk2-update-build-config-rhel-only.patch [bz#2168046]
- edk2-add-release-date-to-builds-rh-only.patch [bz#2168046]
- edk2-openssl-update.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- Resolves: bz#2168046
([SVVP] job 'Check SMBIOS Table Specific Requirements' failed on win2022)
- Resolves: bz#2164534
(CVE-2023-0286 edk2: openssl: X.400 address type confusion in X.509 GeneralName [rhel-9])
- Resolves: bz#2164550
(CVE-2022-4304 edk2: openssl: timing attack in RSA Decryption implementation [rhel-9])
- Resolves: bz#2164565
(CVE-2023-0215 edk2: openssl: use-after-free following BIO_new_NDEF [rhel-9])
- Resolves: bz#2164583
(CVE-2022-4450 edk2: openssl: double free after calling PEM_read_bio_ex [rhel-9])

[20221207gitfff6d81270b5-5]
- edk2-Revert-ArmVirtPkg-ArmVirtQemu-enable-initial-ID-map-.patch [bz#2157656]
- Resolves: bz#2157656
([edk2] [aarch64] Unable to initialize EFI firmware when using edk2-aarch64-20221207gitfff6d81270b5-1.el9 in some hardwares)

[20221207gitfff6d81270b5-4]
- edk2-ArmVirt-don-t-use-unaligned-CopyMem-on-NOR-flash.patch [bz#2158173]
- Resolves: bz#2158173
([aarch64][numa] Failed to create 2 numa nodes in some hardwares)

[20221207gitfff6d81270b5-3]
- edk2-OvmfPkg-VirtNorFlashDxe-map-flash-memory-as-uncachea.patch [bz#2158173]
- edk2-MdePkg-Remove-Itanium-leftover-data-structure-RH-onl.patch [bz#1983086]
- Resolves: bz#2158173
([aarch64][numa] Failed to create 2 numa nodes in some hardwares)
- Resolves: bz#1983086
(Assertion failure when creating 1024 VCPU VM: [...]UefiCpuPkg/CpuMpPei/CpuBist.c(186): !EFI_ERROR (Status))

[20221207gitfff6d81270b5-2]
- edk2-use-rpm-build-flags-rh-only.patch [RHEL-177]
- Resolves: RHEL-177
(Enable GNU_RELRO security protection)

[20221207gitfff6d81270b5-1]
- Rebase to edk2-stable202211 tag
Resolves: RHEL-119
(rebase edk2 to edk2-stable202211)
- Resolves: RHEL-75
(edk2 builds should show the build version)
- Resolves: bz#2132951
(edk2: Sort traditional virtualization builds before Confidential Computing builds)

[20220826gitba0e0e4c6a-2]
- edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch [bz#1989857]
- Resolves: bz#1989857
(CVE-2021-38578 edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation [rhel-9.0])

[20220826gitba0e0e4c6a-1]
- Rebase to edk2-stable202208 tag [RHELX-59]
Resolves: RHELX-59
(rebase edk2 to 2022-08 stable tag)

[20220526git16779ede2d36-4]
- edk2-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch [RHELX-58]
- Resolves: RHELX-58
(Guest console turns black with uefi rhel guests and stdvga)


Related CVEs


CVE-2021-38578
CVE-2022-4450
CVE-2023-0286
CVE-2023-0215
CVE-2022-4304

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 9 (aarch64) | edk2-20221207gitfff6d81270b5-9.el9_2.src.rpm | 1a4c9d0adb4f4b266a789de801eb6e680a2b08f95d333176732cbcefb097d2f7 | - | ol9_aarch64_appstream |
| | edk2-20221207gitfff6d81270b5-9.el9_2.src.rpm | 1a4c9d0adb4f4b266a789de801eb6e680a2b08f95d333176732cbcefb097d2f7 | - | ol9_aarch64_codeready_builder |
| | edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.noarch.rpm | f9ba5cdb007b7c399cf4d861859631755df545c22ee37dd4b762bdf2c5983b07 | - | ol9_aarch64_appstream |
| | edk2-tools-20221207gitfff6d81270b5-9.el9_2.aarch64.rpm | 27eb33e835d1fb8860c023f5c98e70da9a80b1d74c429b5bcadc37411f87e0c6 | - | ol9_aarch64_codeready_builder |
| | edk2-tools-doc-20221207gitfff6d81270b5-9.el9_2.noarch.rpm | b642d6281c6e1215fbb4247a3a852efa02cd6038d8ee490d6fedeca7dc27597a | - | ol9_aarch64_codeready_builder |
| Oracle Linux 9 (x86_64) | edk2-20221207gitfff6d81270b5-9.el9_2.src.rpm | 1a4c9d0adb4f4b266a789de801eb6e680a2b08f95d333176732cbcefb097d2f7 | - | ol9_x86_64_appstream |
| | edk2-20221207gitfff6d81270b5-9.el9_2.src.rpm | 1a4c9d0adb4f4b266a789de801eb6e680a2b08f95d333176732cbcefb097d2f7 | - | ol9_x86_64_codeready_builder |
| | edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.noarch.rpm | f9ba5cdb007b7c399cf4d861859631755df545c22ee37dd4b762bdf2c5983b07 | - | ol9_x86_64_codeready_builder |
| | edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.noarch.rpm | 6a465e6c47d54d99b0dac8b749b097c5168292ad123e4283cff9d0b582754e6f | - | ol9_x86_64_appstream |
| | edk2-tools-20221207gitfff6d81270b5-9.el9_2.x86_64.rpm | 1b50d2e86fc981a9a1aa55c5c7c92aea071d0bbe1cdf1878f379aef411a6b3df | - | ol9_x86_64_codeready_builder |
| | edk2-tools-doc-20221207gitfff6d81270b5-9.el9_2.noarch.rpm | b642d6281c6e1215fbb4247a3a852efa02cd6038d8ee490d6fedeca7dc27597a | - | ol9_x86_64_codeready_builder |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.