CVE-2019-0160: OVMF: overflows with long file names and invalid UDF media

Bug #1849205 reported by Bruce Jones on 2019-10-21
Affects: starlingx | Status: Fix Released | Importance: High | Assigned to: Robin Lu

Bug Description

status: fixed
cvss2Score: 7.5
Attack Vector: N
Access Complexity: L
Authentication: N
Availability Impact: P
Affected packages:
['OVMF', 'openssl', 'openssl-libs']
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
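The report title names two triggers, long file names and invalid UDF media, and the description gives only the one-line class: a buffer overflow in EDK II firmware. The following is an added illustrative model of that bug class, written for this page; it is not EDK II/OVMF code, does not reproduce the real UDF File Identifier Descriptor layout, and uses a record format and sample records constructed for the example. It shows the unbounded copy beside a version that checks the name length against both the media buffer and the destination.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Illustrative model of the bug class (overflows with long file names and
 * invalid UDF media). Not EDK II/OVMF code; the record layout below is
 * constructed for this example and is not the ECMA-167 descriptor format:
 *
 *   byte 0     : name_len, length of the file identifier in bytes
 *   bytes 1..  : the file identifier itself
 *
 * The record is read from a media buffer of rec_len bytes. Two things a
 * firmware parser must not trust: that name_len fits the destination
 * (long file name) and that name_len does not exceed what the buffer
 * actually holds (invalid media).
 */

#define NAME_MAX 64  /* fixed-size destination, as a firmware path might use */

enum {
    UDF_OK = 0,
    UDF_ERR_TRUNCATED = -1,  /* record claims more bytes than the media holds */
    UDF_ERR_TOO_LONG = -2    /* identifier does not fit the destination */
};

/* Vulnerable pattern: name_len comes from the media and is used directly.
 * A name_len >= NAME_MAX writes past out[]; a name_len larger than the
 * record over-reads the media buffer. Safe only on well-formed input. */
static int copy_name_unsafe(const uint8_t *rec, size_t rec_len, char out[NAME_MAX])
{
    (void)rec_len;                  /* the bound is available but ignored */
    uint8_t name_len = rec[0];
    memcpy(out, rec + 1, name_len); /* overflow when name_len >= NAME_MAX */
    out[name_len] = '\0';
    return UDF_OK;
}

/* Hardened version: bound name_len by both the source record and the
 * destination before any copy takes place. */
static int copy_name_safe(const uint8_t *rec, size_t rec_len,
                          char *out, size_t out_len)
{
    if (rec == NULL || out == NULL || rec_len < 1 || out_len < 1)
        return UDF_ERR_TRUNCATED;

    size_t name_len = rec[0];

    /* Invalid media: the identifier extends past the end of the record. */
    if (name_len > rec_len - 1)
        return UDF_ERR_TRUNCATED;

    /* Long file name: leave room for the terminating NUL. */
    if (name_len >= out_len)
        return UDF_ERR_TOO_LONG;

    memcpy(out, rec + 1, name_len);
    out[name_len] = '\0';
    return UDF_OK;
}

int main(void)
{
    char out[NAME_MAX];

    /* Constructed sample records (not captured from real media). */
    const uint8_t good[] = { 5, 'b', 'o', 'o', 't', 'x' };
    const uint8_t truncated[] = { 200, 'a', 'b' };   /* claims 200 bytes, holds 2 */
    uint8_t too_long[1 + 100];                       /* 100-byte name, 64-byte buffer */
    memset(too_long, 'A', sizeof too_long);
    too_long[0] = 100;

    /* The unsafe copy behaves on benign input; the bug only shows on hostile media. */
    copy_name_unsafe(good, sizeof good, out);
    printf("unsafe, good record:  %s\n", out);

    printf("safe, good record:    %d (%s)\n",
           copy_name_safe(good, sizeof good, out, sizeof out), out);
    printf("safe, truncated:      %d\n",
           copy_name_safe(truncated, sizeof truncated, out, sizeof out));
    printf("safe, too long:       %d\n",
           copy_name_safe(too_long, sizeof too_long, out, sizeof out));
    /* copy_name_unsafe(too_long, ...) would write 100 bytes into a 64-byte buffer. */
    return 0;
}
```

The two checks in copy_name_safe map onto the two triggers in the title: the record-length check rejects media whose length field lies about the data present, and the destination check rejects identifiers that are well-formed on disk but too long for the firmware's fixed buffer. Both checks must run before the copy, and the destination check must account for the NUL terminator.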

CVE References

Bruce Jones (brucej) on 2019-10-21
Changed in starlingx:
importance: Undecided → High
tags: added: stx.3.0
Ghada Khalil (gkhalil) wrote:

This CVE meets the fix criteria for StarlingX. Therefore, it needs to be fixed in master for stx.3.0 and then cherry-picked to r/stx.2.0.

summary: - Fix CVE-2019-0160
+ CVE-2019-0160: OVMF: overflows with long file names and invalid UDF
+ media
tags: added: stx.2.0
Ghada Khalil (gkhalil) on 2019-10-21
Changed in starlingx:
status: New → Triaged
Cindy Xie (xxie1) on 2019-10-22
Changed in starlingx:
assignee: nobody → Cindy Xie (xxie1)
Lin Shuicheng (shuicheng) wrote:

Here is the link from Red Hat:

The rpm below needs to be upgraded to fix the issue:

upgraded to:

Robin Lu (robinlu) on 2019-11-18
Changed in starlingx:
assignee: Cindy Xie (xxie1) → Robin Lu (robinlu)
Ghada Khalil (gkhalil) on 2019-11-22
information type: Private Security → Public Security
Changed in starlingx:
status: Triaged → In Progress

Submitter: Zuul
Branch: master

commit 1d33f5ae60201a6d1baba026a6503ea43843b3ab
Author: Robin Lu <email address hidden>
Date: Mon Nov 11 16:47:49 2019 +0800

    Update OVMF rpm, due to CVE bug.

    CVE bug: CVE-2019-0160
    The updated rpm is selected from the below link.

    simplex, duplex, multi-node

    Closes-Bug: 1849205

    Change-Id: Ifdbbd82de912488af201f028a65c679acc204ed9
    Signed-off-by: Robin Lu <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
Ghada Khalil (gkhalil) wrote:

@Robin, please cherrypick this change to r/stx.3.0
