rpm package
suse/ovmf&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP4
pkg:rpm/suse/ovmf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
Vulnerabilities (13)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-38578 | — | < 2017+git1510945757.b2662641d5-3.41.2 | 2017+git1510945757.b2662641d5-3.41.2 | Mar 3, 2022 | Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. | ||
| CVE-2019-14575 | — | < 2017+git1510945757.b2662641d5-3.23.1 | 2017+git1510945757.b2662641d5-3.23.1 | Nov 23, 2020 | Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2019-14563 | — | < 2017+git1510945757.b2662641d5-3.23.1 | 2017+git1510945757.b2662641d5-3.23.1 | Nov 23, 2020 | Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2019-14562 | — | < 2017+git1510945757.b2662641d5-3.29.1 | 2017+git1510945757.b2662641d5-3.29.1 | Nov 23, 2020 | Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | ||
| CVE-2019-14559 | — | < 2017+git1510945757.b2662641d5-3.23.1 | 2017+git1510945757.b2662641d5-3.23.1 | Nov 23, 2020 | Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access. | ||
| CVE-2019-14553 | — | < 2017+git1510945757.b2662641d5-3.23.1 | 2017+git1510945757.b2662641d5-3.23.1 | Nov 23, 2020 | Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access. | ||
| CVE-2017-5731 | — | < 2017+git1510945757.b2662641d5-3.5.1 | 2017+git1510945757.b2662641d5-3.5.1 | Oct 28, 2019 | Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access. | ||
| CVE-2019-0161 | — | < 2017+git1510945757.b2662641d5-3.16.1 | 2017+git1510945757.b2662641d5-3.16.1 | Mar 27, 2019 | Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. | ||
| CVE-2018-12181 | — | < 2017+git1510945757.b2662641d5-3.13.1 | 2017+git1510945757.b2662641d5-3.13.1 | Mar 27, 2019 | Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access. | ||
| CVE-2018-12180 | — | < 2017+git1510945757.b2662641d5-3.8.3 | 2017+git1510945757.b2662641d5-3.8.3 | Mar 27, 2019 | Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access. | ||
| CVE-2019-0160 | — | < 2017+git1510945757.b2662641d5-3.13.1 | 2017+git1510945757.b2662641d5-3.13.1 | Mar 27, 2019 | Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. | ||
| CVE-2018-12178 | — | < 2017+git1510945757.b2662641d5-3.8.3 | 2017+git1510945757.b2662641d5-3.8.3 | Mar 27, 2019 | Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network. | ||
| CVE-2018-3613 | — | < 2017+git1510945757.b2662641d5-3.5.1 | 2017+git1510945757.b2662641d5-3.5.1 | Mar 27, 2019 | Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. |
- CVE-2021-38578Mar 3, 2022affected < 2017+git1510945757.b2662641d5-3.41.2fixed 2017+git1510945757.b2662641d5-3.41.2
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
- CVE-2019-14575Nov 23, 2020affected < 2017+git1510945757.b2662641d5-3.23.1fixed 2017+git1510945757.b2662641d5-3.23.1
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2019-14563Nov 23, 2020affected < 2017+git1510945757.b2662641d5-3.23.1fixed 2017+git1510945757.b2662641d5-3.23.1
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2019-14562Nov 23, 2020affected < 2017+git1510945757.b2662641d5-3.29.1fixed 2017+git1510945757.b2662641d5-3.29.1
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
- CVE-2019-14559Nov 23, 2020affected < 2017+git1510945757.b2662641d5-3.23.1fixed 2017+git1510945757.b2662641d5-3.23.1
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
- CVE-2019-14553Nov 23, 2020affected < 2017+git1510945757.b2662641d5-3.23.1fixed 2017+git1510945757.b2662641d5-3.23.1
Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access.
- CVE-2017-5731Oct 28, 2019affected < 2017+git1510945757.b2662641d5-3.5.1fixed 2017+git1510945757.b2662641d5-3.5.1
Bounds checking in Tianocompress before November 7, 2017 may allow an authenticated user to potentially enable an escalation of privilege via local access.
- CVE-2019-0161Mar 27, 2019affected < 2017+git1510945757.b2662641d5-3.16.1fixed 2017+git1510945757.b2662641d5-3.16.1
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
- CVE-2018-12181Mar 27, 2019affected < 2017+git1510945757.b2662641d5-3.13.1fixed 2017+git1510945757.b2662641d5-3.13.1
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
- CVE-2018-12180Mar 27, 2019affected < 2017+git1510945757.b2662641d5-3.8.3fixed 2017+git1510945757.b2662641d5-3.8.3
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
- CVE-2019-0160Mar 27, 2019affected < 2017+git1510945757.b2662641d5-3.13.1fixed 2017+git1510945757.b2662641d5-3.13.1
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
- CVE-2018-12178Mar 27, 2019affected < 2017+git1510945757.b2662641d5-3.8.3fixed 2017+git1510945757.b2662641d5-3.8.3
Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network.
- CVE-2018-3613Mar 27, 2019affected < 2017+git1510945757.b2662641d5-3.5.1fixed 2017+git1510945757.b2662641d5-3.5.1
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.