ELSA-2023-2165

ELSA-2023-2165 - edk2 security, bug fix, and enhancement update

Type: SECURITY
Severity: IMPORTANT
Release Date: 2023-05-15

Description


[20221207gitfff6d81270b5-9]
- edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch [bz#2169247]
- Resolves: bz#2169247
([edk2] Install a sev guest with enrolled secure boot failed)

[20221207gitfff6d81270b5-8]
- edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch [bz#2174605]
- Resolves: bz#2174605
([EDK2] disable dynamic mmio window)

[20221207gitfff6d81270b5-7]
- edk2-Revert-MdeModulePkg-TerminalDxe-add-other-text-resol.patch [bz#2162307]
- Resolves: bz#2162307
(Broken GRUB output on a serial console)

[20221207gitfff6d81270b5-6]
- edk2-update-build-script-rhel-only.patch [bz#2168046]
- edk2-update-build-config-rhel-only.patch [bz#2168046]
- edk2-add-release-date-to-builds-rh-only.patch [bz#2168046]
- edk2-openssl-update.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- Resolves: bz#2168046
([SVVP] job 'Check SMBIOS Table Specific Requirements' failed on win2022)
- Resolves: bz#2164534
(CVE-2023-0286 edk2: openssl: X.400 address type confusion in X.509 GeneralName [rhel-9])
- Resolves: bz#2164550
(CVE-2022-4304 edk2: openssl: timing attack in RSA Decryption implementation [rhel-9])
- Resolves: bz#2164565
(CVE-2023-0215 edk2: openssl: use-after-free following BIO_new_NDEF [rhel-9])
- Resolves: bz#2164583
(CVE-2022-4450 edk2: openssl: double free after calling PEM_read_bio_ex [rhel-9])

[20221207gitfff6d81270b5-5]
- edk2-Revert-ArmVirtPkg-ArmVirtQemu-enable-initial-ID-map-.patch [bz#2157656]
- Resolves: bz#2157656
([edk2] [aarch64] Unable to initialize EFI firmware when using edk2-aarch64-20221207gitfff6d81270b5-1.el9 in some hardwares)

[20221207gitfff6d81270b5-4]
- edk2-ArmVirt-don-t-use-unaligned-CopyMem-on-NOR-flash.patch [bz#2158173]
- Resolves: bz#2158173
([aarch64][numa] Failed to create 2 numa nodes in some hardwares)

[20221207gitfff6d81270b5-3]
- edk2-OvmfPkg-VirtNorFlashDxe-map-flash-memory-as-uncachea.patch [bz#2158173]
- edk2-MdePkg-Remove-Itanium-leftover-data-structure-RH-onl.patch [bz#1983086]
- Resolves: bz#2158173
([aarch64][numa] Failed to create 2 numa nodes in some hardwares)
- Resolves: bz#1983086
(Assertion failure when creating 1024 VCPU VM: [...]UefiCpuPkg/CpuMpPei/CpuBist.c(186): !EFI_ERROR (Status))

[20221207gitfff6d81270b5-2]
- edk2-use-rpm-build-flags-rh-only.patch [RHEL-177]
- Resolves: RHEL-177
(Enable GNU_RELRO security protection)

[20221207gitfff6d81270b5-1]
- Rebase to edk2-stable202211 tag
Resolves: RHEL-119
(rebase edk2 to edk2-stable202211)
- Resolves: RHEL-75
(edk2 builds should show the build version)
- Resolves: bz#2132951
(edk2: Sort traditional virtualization builds before Confidential Computing builds)

[20220826gitba0e0e4c6a-2]
- edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch [bz#1989857]
- Resolves: bz#1989857
(CVE-2021-38578 edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation [rhel-9.0])

[20220826gitba0e0e4c6a-1]
- Rebase to edk2-stable202208 tag [RHELX-59]
Resolves: RHELX-59
(rebase edk2 to 2022-08 stable tag)

[20220526git16779ede2d36-4]
- edk2-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch [RHELX-58]
- Resolves: RHELX-58
(Guest console turns black with uefi rhel guests and stdvga)


Related CVEs


CVE-2021-38578
CVE-2022-4450
CVE-2023-0286
CVE-2023-0215
CVE-2022-4304

Updated Packages


Release/Architecture      Filename                                                   MD5sum                            Superseded By Advisory
Oracle Linux 9 (aarch64)  edk2-20221207gitfff6d81270b5-9.el9_2.src.rpm               f85e2f4b29f6b4d213825461fdb53c96  -
                          edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.noarch.rpm    a84b028b0712a0a30a7d885003e703c9  -
                          edk2-tools-20221207gitfff6d81270b5-9.el9_2.aarch64.rpm     889a1a7fbe0dc3635801df2dcbdcbd6f  -
                          edk2-tools-doc-20221207gitfff6d81270b5-9.el9_2.noarch.rpm  d08ee7ff0b1ca0bdab012816b64c5477  -
Oracle Linux 9 (x86_64)   edk2-20221207gitfff6d81270b5-9.el9_2.src.rpm               f85e2f4b29f6b4d213825461fdb53c96  -
                          edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.noarch.rpm    a84b028b0712a0a30a7d885003e703c9  -
                          edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.noarch.rpm       2ae7175144e6f9fec1ff0d5719f406f0  -
                          edk2-tools-20221207gitfff6d81270b5-9.el9_2.x86_64.rpm      89b8df90ab22117bf641c39aecd563ec  -
                          edk2-tools-doc-20221207gitfff6d81270b5-9.el9_2.noarch.rpm  d08ee7ff0b1ca0bdab012816b64c5477  -



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.
