[Git][security-tracker-team/security-tracker][master] Add CVE-2018-12179/edk2

Thu Mar 28 22:43:10 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1510265d by Salvatore Bonaccorso at 2019-03-28T22:41:34Z
Add CVE-2018-12179/edk2

Keep the undetermined status as the upstream bug is with restricted
acess and
https://edk2-docs.gitbooks.io/security-advisory/content/opal-blocksid-setting-disabled-after-s3.html
lacks details.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46115,7 +46115,8 @@ CVE-2018-12180 (Buffer overflow in BlockIo service for EDK II may allow an unaut
 	NOTE: https://github.com/tianocore/edk2/commit/38c9fbdcaa0219eb86fe82d90e3f8cfb5a54be9f
 	NOTE: https://github.com/tianocore/edk2/commit/fccdb88022c1f6d85c773fce506b10c879063f1d
 CVE-2018-12179 (Improper configuration in system firmware for EDK II may allow unauthe ...)
-	TODO: check
+	- edk2 <undetermined>
+	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1133 (restricted)
 CVE-2018-12178 (Buffer overflow in network stack for EDK II may allow unprivileged use ...)
 	- edk2 0~20181115.85588389-3 (bug #924615)
 	[stretch] - edk2 <no-dsa> (Minor issue, will be fixed via point update)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1510265d1fa95bceb08a8c7c1609433c0822c279

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1510265d1fa95bceb08a8c7c1609433c0822c279
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190328/0cfbd875/attachment.html>
