File _patchinfo of Package patchinfo.10518
<patchinfo incident="10518">
<issue tracker="bnc" id="1127820">VUL-0: CVE-2018-12180: OVMF: Buffer Overflow in BlockIo service for RAM disk</issue>
<issue tracker="bnc" id="1127821">CVE-2018-12178: OVMF: DNS should check the received packet size before using</issue>
<issue tracker="bnc" id="1127822">CVE-2018-3630: OVMF: Logic error in FV parsing</issue>
<issue tracker="cve" id="2018-12180"/>
<issue tracker="cve" id="2018-3630"/>
<issue tracker="cve" id="2018-12178"/>
<category>security</category>
<rating>important</rating>
<packager>gary_lin</packager>
<description>This update for ovmf fixes the following issues:
Security issues fixed:
- CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead
to memory read/write overrun (bsc#1127820).
- CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet (bsc#1127821).
- CVE-2018-3630: Fixed a logic error in FV parsing which could allow a local attacker to
bypass the chain of trust checks (bsc#1127822).
</description>
<summary>Security update for ovmf</summary>
</patchinfo>