RHSA-2024:9088MediumCVSS 6.5
Red Hat Security Advisory: edk2 security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2023-6129 — openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC CVE-2023-6237 — openssl: Excessive time spent checking invalid RSA public keys CVE-2024-0727 — openssl: denial of service via null dereference CVE-2024-1298 — edk2: Temporary DoS vulnerability
🔗 References (16)
- selfhttps://access.redhat.com/errata/RHSA-2024:9088
- externalhttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2257571
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2258502
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2259944
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2284243
- externalhttps://issues.redhat.com/browse/RHEL-26879
- externalhttps://issues.redhat.com/browse/RHEL-28751
- externalhttps://issues.redhat.com/browse/RHEL-32486
- externalhttps://issues.redhat.com/browse/RHEL-36446
- externalhttps://issues.redhat.com/browse/RHEL-43442
- externalhttps://issues.redhat.com/browse/RHEL-45899
- externalhttps://issues.redhat.com/browse/RHEL-56081
- externalhttps://issues.redhat.com/browse/RHEL-56974
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9088.json