Oracle Linux Security Advisory ELSA-2024-11219

http://linux.oracle.com/errata/ELSA-2024-11219.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
edk2-aarch64-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-ovmf-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-tools-20240524-6.0.1.el9_5.3.x86_64.rpm
edk2-tools-doc-20240524-6.0.1.el9_5.3.noarch.rpm

aarch64:
edk2-aarch64-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-ovmf-20240524-6.0.1.el9_5.3.noarch.rpm
edk2-tools-20240524-6.0.1.el9_5.3.aarch64.rpm
edk2-tools-doc-20240524-6.0.1.el9_5.3.noarch.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//edk2-20240524-6.0.1.el9_5.3.src.rpm

Related CVEs:

CVE-2024-38796




Description of changes:

[20240524-6.0.1.el9_5.3]
- edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch [RHEL-58631]
- Resolves: RHEL-58631
  ([Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater)
- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66230]
- Resolves: RHEL-66230
  ([Regression] [aarch64] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-65725]
- Resolves: RHEL-65725
  ([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
- edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch [RHEL-60833]
- Resolves: RHEL-56248
  (507x510 display resolution should not crash the firmware [edk2,rhel-9.6])
- Resolves: RHEL-60833
  (CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-9.6])


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle9: ELSA-2024-11219: edk2:20240524 Moderate Security Advisory Updates

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[20240524-6.0.1.el9_5.3] - edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch [RHEL-58631] - Resolves: RHEL-58631 ([Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater) - edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66230] - Resolves: RHEL-66230 ([Regression] [aarch64] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6]) - edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-65725] - Resolves: RHEL-65725 ([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6]) - edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch [RHEL-56248] - edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch [RHEL-56248] - edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch [RHEL-60833] - Resolves: RHEL-56248 (507x510 display resolution should not crash the firmware [edk2,rhel-9.6]) - Resolves: RHEL-60833 (CVE-2024-38796 edk2: Integer overflows in PeCoff...

Read the Full Advisory

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates//edk2-20240524-6.0.1.el9_5.3.src.rpm

x86_64

edk2-aarch64-20240524-6.0.1.el9_5.3.noarch.rpm edk2-ovmf-20240524-6.0.1.el9_5.3.noarch.rpm edk2-tools-20240524-6.0.1.el9_5.3.x86_64.rpm edk2-tools-doc-20240524-6.0.1.el9_5.3.noarch.rpm

aarch64

edk2-aarch64-20240524-6.0.1.el9_5.3.noarch.rpm edk2-ovmf-20240524-6.0.1.el9_5.3.noarch.rpm edk2-tools-20240524-6.0.1.el9_5.3.aarch64.rpm edk2-tools-doc-20240524-6.0.1.el9_5.3.noarch.rpm

i386

Severity
Related CVEs: CVE-2024-38796

Related News

Parrot OS 6.3: Elevating Security with Enhanced Features & Tools
3 - 5 min read
Parrot OS 6.3 has just arrived , bringing crucial updates that security admins should note. This latest version of the popular secure Linux
Linux Kernel 6.14 Released: Top Security Features You Need to Know
3 - 6 min read
With the release of Linux kernel 6.14 , admins and Linux users have many new features and enhancements to look forward to - especially in the realm
Don
2 - 4 min read
Google recently issued a crucial Chrome update that those using a version of the browser prior to version 132.0.6834.110 should implement
Intel Brings Next-Level Security to Linux with Partner Security Engine
3 - 6 min read
Intel recently introduced a game-changer in hardware security with its new Partner Security Engine integrated into the Core Ultra Series 2. This
A Tiny Linux Kernel Tweak with Massive Implications for Datacenter Efficiency
3 - 6 min read
In a groundbreaking development, security researchers have introduced a small but mighty tweak to the Linux kernel that promises to cut data center
Best Practices for Securing Linux Systems Against Malicious Bots
3 - 6 min read
Linux systems have long been an indispensable asset to businesses and individuals alike. From running servers and cloud infrastructure to powering
Securing Open-Source Projects with Automated Testing on Linux
4 - 7 min read
Open-source project security testing focuses on many components, ensuring there are no safety vulnerabilities. These components include physical
KaOS Linux 2025.01: Merging Security with Practicality
3 - 6 min read
As the realm of Linux distribution expands, security admins find themselves faced with choosing a system that fits operational needs and upholds

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved