ELSA-2024-1063

ELSA-2024-1063 - edk2 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2024-03-05

Description


[20220126gitbb1bba3d77-6.el8_9.6]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch [RHEL-21840 RHEL-21842]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch [RHEL-21840 RHEL-21842]
- Resolves: RHEL-21842
(CVE-2023-45230 edk2: Buffer overflow in the DHCPv6 client via a long Server ID option [rhel-8])
- Resolves: RHEL-21850
(CVE-2023-45234 edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message [rhel-8])


Related CVEs


CVE-2023-45234
CVE-2023-45230

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) edk2-20220126gitbb1bba3d77-6.el8_9.6.src.rpm817f8685ade5b0e703f52aee7720ce1ad5c6e0d284646182adf53fb5c731235f-ol8_aarch64_appstream
edk2-aarch64-20220126gitbb1bba3d77-6.el8_9.6.noarch.rpmcb4656be7a22984423178dab859a3ca3270063cf302da7152401859228922934-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) edk2-20220126gitbb1bba3d77-6.el8_9.6.src.rpm817f8685ade5b0e703f52aee7720ce1ad5c6e0d284646182adf53fb5c731235f-ol8_x86_64_appstream
edk2-ovmf-20220126gitbb1bba3d77-6.el8_9.6.noarch.rpm75b3562a6bebfb6de85e8cdaced9572ae2317bf6f1bb701ad0ee668f74f429b1-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete