[CLSA-2025:1763122640] edk2: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2025-11-14 12:17:24 UTC
Description:
- CVE-2022-36763: fix heap buffer overflow in TPM2 measure boot library when processing GPT partition tables
- CVE-2022-36764: fix heap buffer overflow in TPM measure boot library when calculating PE image event size
- CVE-2022-36765: fix integer overflow in CreateHob() function that could lead to undersized HOB allocation and out-of-bounds memory access
- Refactoring: fix symbol collision between TPM libraries introduced by CVE-2022-36763 and CVE-2022-36764 patches
Updated packages:
  • edk2-aarch64-20221207gitfff6d81270b5-9.el9_2.tuxcare.els1.noarch.rpm
    sha:b1703f3dd0bb8815e40b1f5f512f08412714d9eb3b5fc1e9620de5490b05c9a3
  • edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.tuxcare.els1.noarch.rpm
    sha:2f8920542ef6aaedafaf11b7076b89744a5fc6306d1d8797d39160ccdac65c0e
  • edk2-tools-20221207gitfff6d81270b5-9.el9_2.tuxcare.els1.x86_64.rpm
    sha:a42689aa135adacedb5bbbe77870582641630c43ac7f2964b897f2ad1fcd48da
  • edk2-tools-doc-20221207gitfff6d81270b5-9.el9_2.tuxcare.els1.noarch.rpm
    sha:d995fdbb513686f1d7b05052286f6dc927dce44c1ddad9fbf10ac5608aa57833
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.