Bug 797232 (CVE-2019-14584)

Summary:	<sys-firmware/edk2-ovmf-202105: privilege escalation with local access (CVE-2019-14584)
Product:	Gentoo Security	Reporter:	John Helmert III <ajak>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	IN_PROGRESS ---
Severity:	normal	CC:	tamiko, virtualization
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:	?? [glsa?]
Package list:		Runtime testing required:	---
Bug Depends on:	801925, 814122
Bug Blocks:	797703

Description John Helmert III archtester

2021-06-20 23:20:35 UTC

CVE-2019-14584 (https://bugzilla.redhat.com/show_bug.cgi?id=1889486):

Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.


Patch (in 202105): https://github.com/tianocore/edk2/commit/26442d11e620a9e81c019a24a4ff38441c64ba10

Comment 1 Larry the Git Cow gentoo-dev

2021-06-26 22:23:57 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=944a1bda9e2a0614e3a176588bb57477813e43dd

commit 944a1bda9e2a0614e3a176588bb57477813e43dd
Author:     Matthias Maier <tamiko@gentoo.org>
AuthorDate: 2021-06-26 22:16:40 +0000
Commit:     Matthias Maier <tamiko@gentoo.org>
CommitDate: 2021-06-26 22:23:52 +0000

    sys-firmware/edk2-ovmf: version bump to 202105
    
    Bug: https://bugs.gentoo.org/797703
    Bug: https://bugs.gentoo.org/797232
    Bug: https://bugs.gentoo.org/798777
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Matthias Maier <tamiko@gentoo.org>

 sys-firmware/edk2-ovmf/Manifest                |   3 +
 sys-firmware/edk2-ovmf/edk2-ovmf-202105.ebuild | 173 +++++++++++++++++++++++++
 2 files changed, 176 insertions(+)

Comment 2 Matthias Maier gentoo-dev

2021-06-26 22:27:06 UTC

202105 is now in tree. Let's postpone stabiliziation and cleanup for a bit to get some testing in.

Comment 3 NATTkA bot gentoo-dev

2021-07-29 17:21:38 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 4 NATTkA bot gentoo-dev

2021-07-29 17:29:47 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 5 NATTkA bot gentoo-dev

2021-07-29 17:37:45 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 6 NATTkA bot gentoo-dev

2021-07-29 17:45:51 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 7 NATTkA bot gentoo-dev

2021-07-29 17:53:54 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 8 NATTkA bot gentoo-dev

2021-07-29 18:01:49 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 9 NATTkA bot gentoo-dev

2021-07-29 18:10:09 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 10 Sam James archtester

2021-08-10 04:45:18 UTC

Throwing in QEMU because it needs the same firmware.

Comment 11 NATTkA bot gentoo-dev

2021-09-07 17:40:41 UTC Comment hidden (obsolete)

Unable to check for sanity:

> no match for package: app-emulation/qemu-6.0.0-r52

Comment 12 NATTkA bot gentoo-dev

2021-09-08 19:44:39 UTC Comment hidden (obsolete)

All sanity-check issues have been resolved

Comment 13 NATTkA bot gentoo-dev

2021-09-20 20:36:39 UTC

Resetting sanity check; package list is empty or all packages are done.

Comment 14 John Helmert III archtester

2021-10-09 19:51:14 UTC

Please cleanup.

Comment 15 Larry the Git Cow gentoo-dev

2022-01-04 00:02:15 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dee51fb9e273c98d521b6d7083030f89d8c13ad5

commit dee51fb9e273c98d521b6d7083030f89d8c13ad5
Author:     Matthias Maier <tamiko@gentoo.org>
AuthorDate: 2022-01-03 23:51:34 +0000
Commit:     Matthias Maier <tamiko@gentoo.org>
CommitDate: 2022-01-04 00:02:11 +0000

    sys-firmware/edk2-ovmf: clean up vulnerable
    
    Bug: https://bugs.gentoo.org/797232
    Bug: https://bugs.gentoo.org/797703
    Package-Manager: Portage-3.0.30, Repoman-3.0.3
    Signed-off-by: Matthias Maier <tamiko@gentoo.org>

 sys-firmware/edk2-ovmf/Manifest                |   3 -
 sys-firmware/edk2-ovmf/edk2-ovmf-202008.ebuild | 186 -------------------------
 2 files changed, 189 deletions(-)