CVE-2017-5734 Affecting OVMF package, versions <1:1.2-5.el7

Q: How to fix?

Upgrade Oracle:7 OVMF to version 1:1.2-5.el7 or higher. This issue was patched in ELSA-2019-4785 .

Threat Intelligence

0.24% (64^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-ORACLE7-OVMF-2537247
published10 Apr 2022
disclosed28 Oct 2019

Report a new vulnerability Found a mistake?

Introduced: 28 Oct 2019

CVE-2017-5734 (opens in a new tab)

How to fix?

Upgrade Oracle:7 OVMF to version 1:1.2-5.el7 or higher.
This issue was patched in ELSA-2019-4785.

NVD Description

Note: Versions mentioned in the description apply only to the upstream OVMF package and not the OVMF package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none

References

https://linux.oracle.com/cve/CVE-2017-5734.html
https://linux.oracle.com/errata/ELSA-2019-2125.html
https://linux.oracle.com/errata/ELSA-2019-4668.html
https://linux.oracle.com/errata/ELSA-2019-4785.html