Bugzilla – Bug 1196741
VUL-0: CVE-2021-38578: ovmf: Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
Last modified: 2024-05-17 11:15:54 UTC
CVE-2021-38578 Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38578 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38578 http://www.cvedetails.com/cve/CVE-2021-38578/ https://bugzilla.tianocore.org/show_bug.cgi?id=3387
https://edk2.groups.io/g/devel/message/90516
I think from the link in comment #2 that it means all affected: - SUSE:SLE-12-SP2:Update/ovmf 2015+git1462940744.321151f - SUSE:SLE-12-SP3:Update/ovmf 2017+git1492060560.b6d11d7c46 - SUSE:SLE-12-SP4:Update/ovmf 2017+git1510945757.b2662641d5 - SUSE:SLE-15-SP2:Update/ovmf 201911 - SUSE:SLE-15-SP3:Update/ovmf 202008 - SUSE:SLE-15-SP4:Update/ovmf 202202 - SUSE:SLE-15:Update/ovmf 2017+git1510945757.b2662641d5 - openSUSE:Factory/ovmf 202202
Hi Joey, any update on this?
Thanks for Hu's information. (In reply to Hu from comment #2) > https://edk2.groups.io/g/devel/message/90516 This patch is not merged yet. I have tried to access the tianocore bug, but I am not authorized to access it: https://bugzilla.tianocore.org/show_bug.cgi?id=3387
Upstream PR still not merged yet: https://github.com/tianocore/edk2/pull/2976/files
Upstream PR still not merged yet: https://github.com/tianocore/edk2/pull/2976/files I still do not have access right for bto#3387. So I can not check the progress: https://bugzilla.tianocore.org/show_bug.cgi?id=3387
(In reply to Gianluca Gabrielli from comment #12) > Hi Joey, do you have any update on that? Thanks for reminder. I am working on backporting patch: commit cab1f02565d3b29081dd21afb074f35fdb4e1fd6 Author: Miki Demeter <miki.demeter@intel.com> Date: Thu Oct 27 16:20:54 2022 -0700 MdeModulePkg/PiSmmCore: SmmEntryPoint underflow (CVE-2021-38578)
Updated status: - SUSE:SLE-12-SP2:Update/ovmf 2015+git1462940744.321151f - SUSE:SLE-12-SP3:Update/ovmf 2017+git1492060560.b6d11d7c46 - SUSE:SLE-12-SP4:Update/ovmf 2017+git1510945757.b2662641d5 - SUSE:SLE-15-SP2:Update/ovmf 201911 - SUSE:SLE-15-SP3:Update/ovmf 202008 [sent, IBS SR#294609] - SUSE:SLE-15-SP4:Update/ovmf 202202 - SUSE:SLE-15-SP5:GA 202208 [sent, IBS SR#294608] - SUSE:SLE-15:Update/ovmf 2017+git1510945757.b2662641d5 - openSUSE:Factory/ovmf 202302 [OK] 15-SP3/ovmf submitreq: https://build.suse.de/request/show/294609 15-SP5/ovmf submitreq: https://build.suse.de/request/show/294608
(In reply to Joey Lee from comment #14) > Updated status: > > - SUSE:SLE-12-SP2:Update/ovmf 2015+git1462940744.321151f > - SUSE:SLE-12-SP3:Update/ovmf 2017+git1492060560.b6d11d7c46 > - SUSE:SLE-12-SP4:Update/ovmf 2017+git1510945757.b2662641d5 > - SUSE:SLE-15-SP2:Update/ovmf 201911 > - SUSE:SLE-15-SP3:Update/ovmf 202008 [sent, IBS SR#294609] > - SUSE:SLE-15-SP4:Update/ovmf 202202 > - SUSE:SLE-15-SP5:GA 202208 [sent, IBS SR#294608] > - SUSE:SLE-15:Update/ovmf 2017+git1510945757.b2662641d5 > - openSUSE:Factory/ovmf 202302 [OK] > > 15-SP3/ovmf submitreq: > > https://build.suse.de/request/show/294609 > > 15-SP5/ovmf submitreq: > > https://build.suse.de/request/show/294608 Update submitreq number. 15-SP3/ovmf submitreq: https://build.suse.de/request/show/294651
(In reply to Joey Lee from comment #16) > (In reply to Joey Lee from comment #14) > > Updated status: > > > > - SUSE:SLE-12-SP2:Update/ovmf 2015+git1462940744.321151f > > - SUSE:SLE-12-SP3:Update/ovmf 2017+git1492060560.b6d11d7c46 > > - SUSE:SLE-12-SP4:Update/ovmf 2017+git1510945757.b2662641d5 > > - SUSE:SLE-15-SP2:Update/ovmf 201911 > > - SUSE:SLE-15-SP3:Update/ovmf 202008 [sent, IBS SR#294609] > > - SUSE:SLE-15-SP4:Update/ovmf 202202 > > - SUSE:SLE-15-SP5:GA 202208 [sent, IBS SR#294608] > > - SUSE:SLE-15:Update/ovmf 2017+git1510945757.b2662641d5 > > - openSUSE:Factory/ovmf 202302 [OK] > > > > 15-SP3/ovmf submitreq: > > > > https://build.suse.de/request/show/294609 > > > > 15-SP5/ovmf submitreq: > > > > https://build.suse.de/request/show/294608 > > Update submitreq number. > > 15-SP3/ovmf submitreq: > https://build.suse.de/request/show/294651 15-SP5/ovmf submitreq: https://build.suse.de/request/show/294652
Updated status: - SUSE:SLE-12-SP2:Update/ovmf 2015+git1462940744.321151f [sent, IBS SR#295124] - SUSE:SLE-12-SP3:Update/ovmf 2017+git1492060560.b6d11d7c46 [sent, IBS SR#295116] - SUSE:SLE-12-SP4:Update/ovmf 2017+git1510945757.b2662641d5 [sent, IBS SR#295104] - SUSE:SLE-15-SP2:Update/ovmf 201911 [accepted, IBS SR#294942] - SUSE:SLE-15-SP3:Update/ovmf 202008 [accepted, IBS SR#294651] - SUSE:SLE-15-SP4:Update/ovmf 202202 - SUSE:SLE-15-SP5:GA 202208 [sent, IBS SR#294652] - SUSE:SLE-15:Update/ovmf 2017+git1510945757.b2662641d5 [accepted, IBS SR#295084] - openSUSE:Factory/ovmf 202302 [OK]
SUSE-SU-2023:1921-1: An update that solves two vulnerabilities can now be installed. Category: security (important) Bug References: 1174246, 1196741 CVE References: CVE-2019-14560, CVE-2021-38578 Sources used: SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): ovmf-201911-150200.7.27.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): ovmf-201911-150200.7.27.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): ovmf-201911-150200.7.27.1 SUSE Enterprise Storage 7 (src): ovmf-201911-150200.7.27.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:1941-1: An update that solves two vulnerabilities can now be installed. Category: security (important) Bug References: 1174246, 1196741 CVE References: CVE-2019-14560, CVE-2021-38578 Sources used: SUSE OpenStack Cloud 9 (src): ovmf-2017+git1510945757.b2662641d5-3.41.2 SUSE OpenStack Cloud Crowbar 9 (src): ovmf-2017+git1510945757.b2662641d5-3.41.2 SUSE Linux Enterprise Server for SAP Applications 12 SP4 (src): ovmf-2017+git1510945757.b2662641d5-3.41.2 SUSE Linux Enterprise Server 12 SP4 ESPOS 12-SP4 (src): ovmf-2017+git1510945757.b2662641d5-3.41.2 SUSE Linux Enterprise Server 12 SP4 LTSS 12-SP4 (src): ovmf-2017+git1510945757.b2662641d5-3.41.2 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): ovmf-2017+git1510945757.b2662641d5-3.41.2 SUSE Linux Enterprise Server 12 SP5 (src): ovmf-2017+git1510945757.b2662641d5-3.41.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): ovmf-2017+git1510945757.b2662641d5-3.41.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:1940-1: An update that solves two vulnerabilities can now be installed. Category: security (important) Bug References: 1174246, 1196741 CVE References: CVE-2019-14560, CVE-2021-38578 Sources used: SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): ovmf-2017+git1510945757.b2662641d5-150000.5.46.1 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): ovmf-2017+git1510945757.b2662641d5-150000.5.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): ovmf-2017+git1510945757.b2662641d5-150000.5.46.1 SUSE CaaS Platform 4.0 (src): ovmf-2017+git1510945757.b2662641d5-150000.5.46.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:1958-1: An update that solves two vulnerabilities can now be installed. Category: security (important) Bug References: 1174246, 1196741 CVE References: CVE-2019-14560, CVE-2021-38578 Sources used: SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): ovmf-202008-150300.10.20.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): ovmf-202008-150300.10.20.1 SUSE Linux Enterprise Real Time 15 SP3 (src): ovmf-202008-150300.10.20.1 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): ovmf-202008-150300.10.20.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): ovmf-202008-150300.10.20.1 SUSE Manager Proxy 4.2 (src): ovmf-202008-150300.10.20.1 SUSE Manager Retail Branch Server 4.2 (src): ovmf-202008-150300.10.20.1 SUSE Manager Server 4.2 (src): ovmf-202008-150300.10.20.1 SUSE Enterprise Storage 7.1 (src): ovmf-202008-150300.10.20.1 SUSE Linux Enterprise Micro 5.1 (src): ovmf-202008-150300.10.20.1 SUSE Linux Enterprise Micro 5.2 (src): ovmf-202008-150300.10.20.1 SUSE Linux Enterprise Micro for Rancher 5.2 (src): ovmf-202008-150300.10.20.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:1968-1: An update that solves two vulnerabilities can now be installed. Category: security (important) Bug References: 1174246, 1196741 CVE References: CVE-2019-14560, CVE-2021-38578 Sources used: SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (src): ovmf-2015+git1462940744.321151f-19.26.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
(In reply to Joey Lee from comment #22) > Updated status: > > - SUSE:SLE-12-SP2:Update/ovmf 2015+git1462940744.321151f [sent, IBS > SR#295124] > - SUSE:SLE-12-SP3:Update/ovmf 2017+git1492060560.b6d11d7c46 [sent, IBS > SR#295116] > - SUSE:SLE-12-SP4:Update/ovmf 2017+git1510945757.b2662641d5 [sent, IBS > SR#295104] > - SUSE:SLE-15-SP2:Update/ovmf 201911 [accepted, IBS SR#294942] > - SUSE:SLE-15-SP3:Update/ovmf 202008 [accepted, IBS SR#294651] > - SUSE:SLE-15-SP4:Update/ovmf 202202 > - SUSE:SLE-15-SP5:GA 202208 [sent, IBS SR#294652] > - SUSE:SLE-15:Update/ovmf 2017+git1510945757.b2662641d5 [accepted, > IBS SR#295084] > - openSUSE:Factory/ovmf 202302 [OK] Updated status: - SUSE:SLE-12-SP2:Update/ovmf 2015+git1462940744.321151f [accepted, IBS SR#295124] - SUSE:SLE-12-SP3:Update/ovmf 2017+git1492060560.b6d11d7c46 [accepted, IBS SR#295116] - SUSE:SLE-12-SP4:Update/ovmf 2017+git1510945757.b2662641d5 [accepted, IBS SR#295104] - SUSE:SLE-15-SP2:Update/ovmf 201911 [accepted, IBS SR#294942] - SUSE:SLE-15-SP3:Update/ovmf 202008 [accepted, IBS SR#294651] - SUSE:SLE-15-SP4:Update/ovmf 202202 [sent, IBS SR#298094] - SUSE:SLE-15-SP5:GA 202208 [accepted, IBS SR#294652] - SUSE:SLE-15:Update/ovmf 2017+git1510945757.b2662641d5 [accepted, IBS SR#295084] - openSUSE:Factory/ovmf 202302 [OK]
SUSE-SU-2023:2234-1: An update that solves two vulnerabilities and has one fix can now be installed. Category: security (important) Bug References: 1174246, 1196741, 1205613 CVE References: CVE-2019-14560, CVE-2021-38578 Sources used: openSUSE Leap Micro 5.3 (src): ovmf-202202-150400.5.10.1 openSUSE Leap 15.4 (src): ovmf-202202-150400.5.10.1 SUSE Linux Enterprise Micro for Rancher 5.3 (src): ovmf-202202-150400.5.10.1 SUSE Linux Enterprise Micro 5.3 (src): ovmf-202202-150400.5.10.1 SUSE Linux Enterprise Micro for Rancher 5.4 (src): ovmf-202202-150400.5.10.1 SUSE Linux Enterprise Micro 5.4 (src): ovmf-202202-150400.5.10.1 Server Applications Module 15-SP4 (src): ovmf-202202-150400.5.10.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
(In reply to Joey Lee from comment #30) > (In reply to Joey Lee from comment #22) > > Updated status: > > > > - SUSE:SLE-12-SP2:Update/ovmf 2015+git1462940744.321151f [sent, IBS > > SR#295124] > > - SUSE:SLE-12-SP3:Update/ovmf 2017+git1492060560.b6d11d7c46 [sent, IBS > > SR#295116] > > - SUSE:SLE-12-SP4:Update/ovmf 2017+git1510945757.b2662641d5 [sent, IBS > > SR#295104] > > - SUSE:SLE-15-SP2:Update/ovmf 201911 [accepted, IBS SR#294942] > > - SUSE:SLE-15-SP3:Update/ovmf 202008 [accepted, IBS SR#294651] > > - SUSE:SLE-15-SP4:Update/ovmf 202202 > > - SUSE:SLE-15-SP5:GA 202208 [sent, IBS SR#294652] > > - SUSE:SLE-15:Update/ovmf 2017+git1510945757.b2662641d5 [accepted, > > IBS SR#295084] > > - openSUSE:Factory/ovmf 202302 [OK] > > Updated status: > > - SUSE:SLE-12-SP2:Update/ovmf 2015+git1462940744.321151f [accepted, > IBS SR#295124] > - SUSE:SLE-12-SP3:Update/ovmf 2017+git1492060560.b6d11d7c46 [accepted, > IBS SR#295116] > - SUSE:SLE-12-SP4:Update/ovmf 2017+git1510945757.b2662641d5 [accepted, > IBS SR#295104] > - SUSE:SLE-15-SP2:Update/ovmf 201911 [accepted, IBS SR#294942] > - SUSE:SLE-15-SP3:Update/ovmf 202008 [accepted, IBS SR#294651] > - SUSE:SLE-15-SP4:Update/ovmf 202202 [sent, IBS SR#298094] > - SUSE:SLE-15-SP5:GA 202208 [accepted, IBS SR#294652] > - SUSE:SLE-15:Update/ovmf 2017+git1510945757.b2662641d5 [accepted, > IBS SR#295084] > - openSUSE:Factory/ovmf 202302 [OK] update status: - SUSE:SLE-15-SP4:Update/ovmf 202202 [accepted, IBS SR#298094] All versions are fixed. reset assigner.
done