{"id":"ALSA-2024:11185","summary":"Moderate: edk2:20220126gitbb1bba3d77 security update","details":"EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.   \n\nSecurity Fix(es):  \n\n  * edk2: Integer overflows in PeCoffLoaderRelocateImage (CVE-2024-38796)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n","modified":"2026-02-04T04:09:43.586839Z","published":"2024-12-17T00:00:00Z","related":["CVE-2024-38796"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:11185"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-38796"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2315390"},{"type":"ADVISORY","url":"https://errata.almalinux.org/8/ALSA-2024-11185.html"}],"affected":[{"package":{"name":"edk2-aarch64","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/edk2-aarch64"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20220126gitbb1bba3d77-13.el8_10.4"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:11185.json"}},{"package":{"name":"edk2-ovmf","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/edk2-ovmf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20220126gitbb1bba3d77-13.el8_10.4"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2024:11185.json"}}],"schema_version":"1.7.3"}