RHSA-2024:9088
Advisory lineage Upstream: 4 Downstream: 0
Published: 12 Nov 2024, 14:31
Last modified:03 Jun 2026, 10:09
Vulnerability Summary
Overall Risk (default)
medium
26/100 CVSS Score
6.5 MEDIUM
3.1 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
12 Nov 2024, 14:31
Published
Vulnerability first disclosed
03 Jun 2026, 10:09
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: edk2 security update
CVSS Metrics
- v3.1•MEDIUM•Score: 6.5CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Affected Systems
- redhat•edk2
< 0:20240524-6.el9_5 | < 0:20240524-6.el9_5
- redhat•edk2-aarch64
< 0:20240524-6.el9_5 | < 0:20240524-6.el9_5
- redhat•edk2-debugsource
< 0:20240524-6.el9_5 | < 0:20240524-6.el9_5
- redhat•edk2-ovmf
< 0:20240524-6.el9_5 | < 0:20240524-6.el9_5
- redhat•edk2-tools
< 0:20240524-6.el9_5 | < 0:20240524-6.el9_5
- redhat•edk2-tools-debuginfo
< 0:20240524-6.el9_5 | < 0:20240524-6.el9_5
- redhat•edk2-tools-doc
< 0:20240524-6.el9_5 | < 0:20240524-6.el9_5
References (35)
- https://access.redhat.com/errata/RHSA-2024:9088
- https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index
- https://access.redhat.com/security/updates/classification/#moderate
- https://bugzilla.redhat.com/show_bug.cgi?id=2257571
- https://bugzilla.redhat.com/show_bug.cgi?id=2258502
- https://bugzilla.redhat.com/show_bug.cgi?id=2259944
- https://bugzilla.redhat.com/show_bug.cgi?id=2284243
- https://issues.redhat.com/browse/RHEL-26879
- https://issues.redhat.com/browse/RHEL-28751
- https://issues.redhat.com/browse/RHEL-32486
- https://issues.redhat.com/browse/RHEL-36446
- https://issues.redhat.com/browse/RHEL-43442
- https://issues.redhat.com/browse/RHEL-45899
- https://issues.redhat.com/browse/RHEL-56081
- https://issues.redhat.com/browse/RHEL-56974
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9088.json
- https://access.redhat.com/security/cve/CVE-2023-6129
- https://www.cve.org/CVERecord?id=CVE-2023-6129
- https://nvd.nist.gov/vuln/detail/CVE-2023-6129
- https://www.openssl.org/news/secadv/20240109.txt
- https://www.openwall.com/lists/oss-security/2024/01/09/1
- https://access.redhat.com/security/cve/CVE-2023-6237
- https://www.cve.org/CVERecord?id=CVE-2023-6237
- https://nvd.nist.gov/vuln/detail/CVE-2023-6237
- https://www.openssl.org/news/secadv/20240115.txt
- https://www.openwall.com/lists/oss-security/2024/01/15/2
- https://access.redhat.com/security/cve/CVE-2024-0727
- https://www.cve.org/CVERecord?id=CVE-2024-0727
- https://nvd.nist.gov/vuln/detail/CVE-2024-0727
- https://github.com/openssl/openssl/pull/23362
- https://www.openssl.org/news/secadv/20240125.txt
- https://access.redhat.com/security/cve/CVE-2024-1298
- https://www.cve.org/CVERecord?id=CVE-2024-1298
- https://nvd.nist.gov/vuln/detail/CVE-2024-1298
- https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53