Bugzilla – Bug 1177789
VUL-1: CVE-2019-14584: ovmf,shim: NULL pointer dereference in AuthenticodeVerify()
Last modified: 2024-05-16 07:40:10 UTC
CVE-2019-14584 https://edk2.groups.io/g/devel/message/66309 https://bugzilla.tianocore.org/show_bug.cgi?id=1914 AuthenticodeVerify() calls OpenSSLs d2i_PKCS7() API to parse asn encoded signed authenticode pkcs#7 data. when this successfully returns, a type check is done by calling PKCS7_type_is_signed() and then Pkcs7->d.sign->contents->type is used. It is possible to construct an asn1 blob that successfully decodes and have d2i_PKCS7() return a valid pointer and have PKCS7_type_is_signed() also return success but have Pkcs7->d.sign be a NULL pointer.
The fix hit the edk2 git master and was included in stable202011. Will start to backport it. (*) https://github.com/tianocore/edk2/commit/26442d11e620a9e81c019a24a4ff38441c64ba10
The fix is submitted. Reassign the bug back to the security team.
SUSE-SU-2020:3885-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1177789 CVE References: CVE-2019-14584 JIRA References: Sources used: SUSE Linux Enterprise Module for Server Applications 15-SP1 (src): ovmf-2017+git1510945757.b2662641d5-5.38.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:3884-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1177789 CVE References: CVE-2019-14584 JIRA References: Sources used: SUSE Linux Enterprise Module for Server Applications 15-SP2 (src): ovmf-201911-7.8.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:3883-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1177789 CVE References: CVE-2019-14584 JIRA References: Sources used: SUSE Linux Enterprise Server 12-SP5 (src): ovmf-2017+git1510945757.b2662641d5-3.32.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2020:2314-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1177789 CVE References: CVE-2019-14584 JIRA References: Sources used: openSUSE Leap 15.2 (src): ovmf-201911-lp152.6.8.1
openSUSE-SU-2020:2336-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1177789 CVE References: CVE-2019-14584 JIRA References: Sources used: openSUSE Leap 15.1 (src): ovmf-2017+git1510945757.b2662641d5-lp151.11.12.1
This is an autogenerated message for OBS integration: This bug (1177789) was mentioned in https://build.opensuse.org/request/show/887447 15.2 / shim
openSUSE-SU-2021:0598-1: An update that solves one vulnerability and has 7 fixes is now available. Category: security (important) Bug References: 1173411,1174512,1175509,1177315,1177404,1177789,1182057,1184454 CVE References: CVE-2019-14584 JIRA References: Sources used: openSUSE Leap 15.2 (src): shim-15.4-lp152.4.8.1
SUSE-SU-2021:2117-1: An update that solves three vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1177789,1183578,1183579,1186151 CVE References: CVE-2019-14584,CVE-2021-28210,CVE-2021-28211 JIRA References: Sources used: SUSE Linux Enterprise Server 12-SP2-BCL (src): ovmf-2015+git1462940744.321151f-19.23.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-RU-2021:3224-1: An update that has 12 recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1177315,1177789,1182057,1184454,1185232,1185261,1185441,1185464,1185621,1185961,1187260,1187696 CVE References: JIRA References: Sources used: SUSE MicroOS 5.0 (src): shim-15.4-3.32.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): shim-susesigned-15.4-3.10.1 SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): shim-15.4-3.32.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-RU-2021:3224-1: An update that has 12 recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1177315,1177789,1182057,1184454,1185232,1185261,1185441,1185464,1185621,1185961,1187260,1187696 CVE References: JIRA References: Sources used: openSUSE Leap 15.3 (src): shim-susesigned-15.4-3.10.1