ELSA-2025-28047

ELSA-2025-28047 - edk2 security update

Type: SECURITY
Impact: IMPORTANT
Release Date: 2025-12-11

Description


[20250905-4]
- Create new 20250905 release for OL9 which includes the following fixed CVEs:
- EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause 'Protection Mechanism Failure' by local access [Orabug: 38381983] {CVE-2025-3770}
- EDK2: EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means [Orabug: 38382190] {CVE-2024-38805}
- EDK2: EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjacent network [Orabug: 38382286] {CVE-2024-38797}
- EDK2: Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. [Orabug: 38413860] {CVE-2024-36331}
- Update to OpenSSL 3.5.1 which includes the following fixed CVEs:
{CVE-2025-4575} {CVE-2024-12797} {CVE-2024-13176} {CVE-2024-9143}


Related CVEs


CVE-2024-36331
CVE-2024-38797
CVE-2024-38805
CVE-2025-3770

Updated Packages


Columns: Release/Architecture, Filename, sha256, Superseded By Advisory, Channel Label

Oracle Linux 9 (aarch64)
  Filename:               edk2-20250905-4.el9.src.rpm
  sha256:                 da1f73a1937799cbde2f2686a38c086a850b1737b18fdedafcc9a31efc5083bc
  Superseded By Advisory: -
  Channel Label:          ol9_aarch64_kvm_utils

  Filename:               edk2-aarch64-20250905-4.el9.noarch.rpm
  sha256:                 b5cd55c6b1e01f78139bdf116ef1fb1be9693f0a5f47f3088057df236baab90c
  Superseded By Advisory: -
  Channel Label:          ol9_aarch64_kvm_utils

Oracle Linux 9 (x86_64)
  Filename:               edk2-20250905-4.el9.src.rpm
  sha256:                 da1f73a1937799cbde2f2686a38c086a850b1737b18fdedafcc9a31efc5083bc
  Superseded By Advisory: -
  Channel Label:          ol9_x86_64_kvm_utils

  Filename:               edk2-ovmf-20250905-4.el9.noarch.rpm
  sha256:                 9a6f627223b03d8ff86404c9b6040a27d7d7aa84dc6f7da39b0397ae99b6e5cf
  Superseded By Advisory: -
  Channel Label:          ol9_x86_64_kvm_utils



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team