Lucene search
RedHatRHSA-2023:6330HistoryNov 07, 2023 - 6:02 a.m.
(RHSA-2023:6330) Moderate: edk2 security, bug fix, and enhancement update
2023-11-0706:02:04
access.redhat.com
11
edk2 project
uefi support
security fix
qemu
kvm
openssl
dos
red hat enterprise linux 9.3
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
Security Fix(es):
-
edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler() (CVE-2019-14560)
-
openssl: Possible DoS translating ASN.1 object identifiers (CVE-2023-2650)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.3 Release Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | x86_64 | edk2-tools | < 20230524-3.el9 | edk2-tools-20230524-3.el9.x86_64.rpm |
| RedHat | 9 | noarch | edk2-aarch64 | < 20230524-3.el9 | edk2-aarch64-20230524-3.el9.noarch.rpm |
| RedHat | 9 | x86_64 | edk2-tools-debuginfo | < 20230524-3.el9 | edk2-tools-debuginfo-20230524-3.el9.x86_64.rpm |
| RedHat | 9 | aarch64 | edk2-tools | < 20230524-3.el9 | edk2-tools-20230524-3.el9.aarch64.rpm |
| RedHat | 9 | aarch64 | edk2-debugsource | < 20230524-3.el9 | edk2-debugsource-20230524-3.el9.aarch64.rpm |
| RedHat | 9 | x86_64 | edk2-debugsource | < 20230524-3.el9 | edk2-debugsource-20230524-3.el9.x86_64.rpm |
| RedHat | 9 | noarch | edk2-tools-doc | < 20230524-3.el9 | edk2-tools-doc-20230524-3.el9.noarch.rpm |
| RedHat | 9 | noarch | edk2-ovmf | < 20230524-3.el9 | edk2-ovmf-20230524-3.el9.noarch.rpm |
| RedHat | 9 | aarch64 | edk2-tools-debuginfo | < 20230524-3.el9 | edk2-tools-debuginfo-20230524-3.el9.aarch64.rpm |
Related
almalinux
almalinux
Moderate: edk2 security, bug fix, and enhancement update
2023-11-07 00:00:00
Moderate: edk2 security and bug fix update
2023-11-14 00:00:00
oraclelinux
oraclelinux
edk2 security, bug fix, and enhancement update
2023-11-11 00:00:00
edk2 security and bug fix update
2023-11-17 00:00:00
osv
osv
Moderate: edk2 security, bug fix, and enhancement update
2023-11-07 00:00:00
Moderate: edk2 security and bug fix update
2023-11-14 00:00:00
openssl vulnerability
2023-06-22 14:53:11
cvelist
cvelist
CVE-2019-14560
1976-01-01 00:00:00
CVE-2023-2650 Possible DoS translating ASN.1 object identifiers
2023-05-30 13:40:11
debiancve
debiancve
CVE-2019-14560
2023-02-28 19:15:00
CVE-2023-2650
2023-05-30 14:15:09
nessus
nessus
CentOS 8 : edk2 (CESA-2023:6919)
2023-11-14 00:00:00
Oracle Linux 8 : edk2 (ELSA-2023-6919)
2023-11-21 00:00:00
RHEL 8 : edk2 (RHSA-2023:6919)
2023-11-14 00:00:00
redhat
redhat
(RHSA-2023:6919) Moderate: edk2 security and bug fix update
2023-11-14 08:40:18
(RHSA-2024:0408) Moderate: edk2 security update
2024-01-24 14:40:19
(RHSA-2024:1415) Important: edk2 security update
2024-03-19 16:35:30
cve
cve
CVE-2019-14560
2023-02-28 19:15:13
CVE-2023-2650
2023-05-30 14:15:09
redhatcve
redhatcve
CVE-2019-14560
2020-07-16 21:07:36
CVE-2023-2650
2023-05-30 15:11:50
nvd
nvd
CVE-2019-14560
2023-02-28 19:15:13
CVE-2023-2650
2023-05-30 14:15:09
ubuntucve
ubuntucve
CVE-2019-14560
2019-12-31 00:00:00
CVE-2023-2650
2023-05-30 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:1958-1)
2023-04-24 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:1940-1)
2023-04-24 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:1968-1)
2023-04-25 00:00:00
freebsd
freebsd
OpenSSL -- Possible DoS translating ASN.1 identifiers
2023-05-30 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerability
2023-06-08 22:34:59
cloudlinux
cloudlinux
openssl: Fix of CVE-2023-2650
2023-06-20 13:49:26
ibm
ibm
cbl_mariner
cbl_mariner
CVE-2023-2650 affecting package openssl 1.1.1k-15
2023-06-27 21:25:25
amazon
amazon
Medium: openssl11
2023-06-21 19:11:00
Medium: openssl
2023-06-05 16:39:00
githubexploit
githubexploit
Exploit for Allocation of Resources Without Limits or Throttling in Openssl
2023-06-05 17:40:59
alpinelinux
alpinelinux
CVE-2023-2650
2023-05-30 14:15:09
ubuntu
ubuntu
OpenSSL vulnerability
2023-06-22 00:00:00
OpenSSL vulnerabilities
2023-05-30 00:00:00
Node.js vulnerabilities
2024-03-04 00:00:00
prion
prion
Authentication flaw
2023-05-30 14:15:00
broadcom
broadcom
Possible DoS translating ASN.1 object identifiers (CVE-2023-2650)
2024-04-17 00:00:00
ics
ics
Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch
2024-06-06 12:00:00
wolfi
wolfi
CVE-2023-2650 vulnerabilities
2024-07-03 09:08:38
openssl
openssl
Vulnerability in OpenSSL CVE-2023-2650
2023-05-30 00:00:00
slackware
slackware
[slackware-security] openssl
2023-05-31 01:33:48
redos
redos
ROS-20230621-05
2023-06-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-06-05 02:04:40
cgr
cgr
CVE-2023-2650 vulnerabilities
2024-05-19 03:07:16
f5
f5
K000135178 : OpenSSL vulnerability CVE-2023-2650
2023-06-22 00:00:00
cloudfoundry
cloudfoundry
USN-6119-1: OpenSSL vulnerabilities | Cloud Foundry
2023-06-30 00:00:00
debian
debian
[SECURITY] [DSA 5417-1] openssl security update
2023-05-31 14:50:37