ELSA-2025-20669 - edk2 security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2025-12-03 |
Description
[20250905-4.el8]
- Create new 20250905 release for OL8 which includes the following fixed CVEs:
- EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause "Protection Mechanism Failure" by local access [Orabug: 38381983] {CVE-2025-3770}
- EDK2: EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means [Orabug: 38382190] {CVE-2024-38805}
- EDK2: EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjacent network [Orabug: 38382286] {CVE-2024-38797}
- EDK2: Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. [Orabug: 38413860] {CVE-2024-36331}
- Update to OpenSSL 3.5.1 which includes the following fixed CVEs:
{CVE-2025-4575} {CVE-2024-12797} {CVE-2024-13176} {CVE-2024-9143}
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 8 (aarch64) | edk2-20250905-4.el8.src.rpm | 613751add12208d2500c2f3451606f7339e4914e2c3020dbec3dccb0af928391 | - | ol8_aarch64_kvm_appstream |
| Oracle Linux 8 (aarch64) | edk2-aarch64-20250905-4.el8.noarch.rpm | 7398c7e690048d89c952d8a0f94131800d73d155f876fb869f081a7487ecd7dd | - | ol8_aarch64_kvm_appstream |
| Oracle Linux 8 (x86_64) | edk2-20250905-4.el8.src.rpm | 613751add12208d2500c2f3451606f7339e4914e2c3020dbec3dccb0af928391 | - | ol8_x86_64_kvm_appstream |
| Oracle Linux 8 (x86_64) | edk2-ovmf-20250905-4.el8.noarch.rpm | 729cb0d520a136179293296249d18ffee9db2ca615686f52c1a20bf47d8775df | - | ol8_x86_64_kvm_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team.