First Last Prev Next    This bug is not in your last search results.
Bug 1131360 - (CVE-2018-12179) VUL-0: CVE-2018-12179: ovmf,OVMF: edk2: improper configuration insystem firmware leads to privilege escalation
(CVE-2018-12179)
VUL-0: CVE-2018-12179: ovmf,OVMF: edk2: improper configuration insystem firmw...
Status: RESOLVED UPSTREAM
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/228240/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-04-03 06:27 UTC by Marcus Meissner
Modified: 2019-04-11 04:45 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Gary Ching-Pang Lin 2019-04-10 09:29:19 UTC 
This vulnerability is about the driver of TCG Opal, a.k.a. Self-Encrypting Disk. AFAIK, qemu doesn't support SED, so we don't need the patch.

Bruce, could you confirm that?
Comment 2 Bruce Rogers 2019-04-10 14:57:07 UTC 
(In reply to Gary Ching-Pang Lin from comment #1)
> This vulnerability is about the driver of TCG Opal, a.k.a. Self-Encrypting
> Disk. AFAIK, qemu doesn't support SED, so we don't need the patch.
> 
> Bruce, could you confirm that?

Correct, qemu does not deal with SED at all.
Comment 3 Gary Ching-Pang Lin 2019-04-11 01:38:15 UTC 
Thanks, Bruce.
Then we don't need the patch.
Comment 4 Marcus Meissner 2019-04-11 04:45:41 UTC 
close
First Last Prev Next    This bug is not in your last search results.