[CLSA-2026:1779785882] edk2: Fix of 5 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-05-26 08:58:07 UTC
Description:
- CVE-2024-1298: fix potential UINT32 overflow in S3 ResumeCount that could DoS firmware on resume (EDK2)
- CVE-2024-38796: fix integer overflow in PeCoffLoaderRelocateImage() that could lead to memory corruption (EDK2)
- CVE-2023-2650: fix DoS in OBJ_obj2txt() when parsing OBJECT IDENTIFIERs with very large sub-identifiers (bundled OpenSSL)
- CVE-2023-3446: fix excessive runtime in DH_check() when supplied with over-sized modulus (bundled OpenSSL)
- CVE-2024-0727: fix NULL pointer dereference in PKCS12 ContentInfo handling that could crash applications (bundled OpenSSL)
Updated packages:
  • edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.tuxcare.els4.noarch.rpm
    sha:37f787096dd7f14594c201542d511eae9de60ddeef15072ac8688321a84ad259
  • edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.tuxcare.els4.noarch.rpm
    sha:fcda08364cd2d870a0b654c9792104c1f6f008b4f401fbdcb076c9dbaef0fda5
  • edk2-tools-20221207gitfff6d81270b5-9.el9_2.tuxcare.els4.x86_64.rpm
    sha:8eeb0afc3bbf05b41c9dc9bae32ffe37fe42291dea1a35c146c56674ebc08cbb
  • edk2-tools-doc-20221207gitfff6d81270b5-9.el9_2.tuxcare.els4.noarch.rpm
    sha:54f091157acdc4a76414756a00baeb2663fc73b8fcc4ad3b59426e8eec840cd1
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.