ELSA-2024-1075
- ULN >
- Oracle Linux Errata repository >
- ELSA-2024-1075
ELSA-2024-1075 - edk2 security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2024-03-08 |
Description
[20230524-4.el9_3.2]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Add-Unit-tests-to-CI-and-create-Host-Test.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Pa.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Un.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Patc.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Unit.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Patc.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Unit.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p2.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p3.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p4.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Adds-a-SecurityFix.yaml-file.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Re.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-Removes-duplicate-check-and-repl.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-Packet-Length-is-not-updated-bef.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Updating-SecurityFixes.yaml.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- Resolves: RHEL-21841
(CVE-2023-45229 edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message [rhel-9])
- Resolves: RHEL-21843
(CVE-2023-45230 edk2: Buffer overflow in the DHCPv6 client via a long Server ID option [rhel-9])
- Resolves: RHEL-21845
(CVE-2023-45231 edk2: Out of Bounds read when handling a ND Redirect message with truncated options [rhel-9])
- Resolves: RHEL-21847
(CVE-2023-45232 edk2: Infinite loop when parsing unknown options in the Destination Options header [rhel-9])
- Resolves: RHEL-21849
(TRIAGE CVE-2023-45233 edk2: Infinite loop when parsing a PadN option in the Destination Options header [rhel-9])
- Resolves: RHEL-21851
(CVE-2023-45234 edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message [rhel-9])
- Resolves: RHEL-21853
(TRIAGE CVE-2023-45235 edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message [rhel-9])
Related CVEs
| CVE-2023-45230 |
| CVE-2023-45234 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | edk2-20230524-4.el9_3.2.src.rpm | 7c98663b32bd971340aa569b635e260aa0bc9379048b42164ae1215b9f9547e3 | - | ol9_aarch64_appstream |
| edk2-20230524-4.el9_3.2.src.rpm | 7c98663b32bd971340aa569b635e260aa0bc9379048b42164ae1215b9f9547e3 | - | ol9_aarch64_codeready_builder | |
| edk2-aarch64-20230524-4.el9_3.2.noarch.rpm | 30c11a1231790b62cc6d94aba785d5ac7e6e9eb0e000c7d7bdf28331f7c90d3e | - | ol9_aarch64_appstream | |
| edk2-ovmf-20230524-4.el9_3.2.noarch.rpm | 1ab2158d11447f42b950c1e3e53dbd8f8b32365b780fc8194dea3c8e3bb2feb0 | - | ol9_aarch64_appstream | |
| edk2-tools-20230524-4.el9_3.2.aarch64.rpm | fb2c28cf8cc2cd951f4dde6afccabc607ee43fa9820b24d7e2ec9ba5f9f9411a | - | ol9_aarch64_codeready_builder | |
| edk2-tools-doc-20230524-4.el9_3.2.noarch.rpm | eafd496bdfa0e2fec76b7b55c147859097141d7ec509bc3ca4cdd8ebb1b779e4 | - | ol9_aarch64_codeready_builder | |
| Oracle Linux 9 (x86_64) | edk2-20230524-4.el9_3.2.src.rpm | 7c98663b32bd971340aa569b635e260aa0bc9379048b42164ae1215b9f9547e3 | - | ol9_x86_64_appstream |
| edk2-20230524-4.el9_3.2.src.rpm | 7c98663b32bd971340aa569b635e260aa0bc9379048b42164ae1215b9f9547e3 | - | ol9_x86_64_codeready_builder | |
| edk2-aarch64-20230524-4.el9_3.2.noarch.rpm | 30c11a1231790b62cc6d94aba785d5ac7e6e9eb0e000c7d7bdf28331f7c90d3e | - | ol9_x86_64_codeready_builder | |
| edk2-ovmf-20230524-4.el9_3.2.noarch.rpm | 1ab2158d11447f42b950c1e3e53dbd8f8b32365b780fc8194dea3c8e3bb2feb0 | - | ol9_x86_64_appstream | |
| edk2-tools-20230524-4.el9_3.2.x86_64.rpm | 35c8dbfe2a02c33d2a7bface735e5963e94043806d80b8b2c4c994a31623c4a3 | - | ol9_x86_64_codeready_builder | |
| edk2-tools-doc-20230524-4.el9_3.2.noarch.rpm | eafd496bdfa0e2fec76b7b55c147859097141d7ec509bc3ca4cdd8ebb1b779e4 | - | ol9_x86_64_codeready_builder | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
