Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. Reference: https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html Upstream commits: https://github.com/tianocore/edk2/commit/acebdf14c985c5c9f50b37ece0b15ada87767359 https://github.com/tianocore/edk2/commit/72750e3bf9174f15c17e78f0f117b5e7311bb49f
External References: https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html
Created edk2 tracking bugs for this issue: Affects: fedora-all [bug 1694085]
Created edk2 tracking bugs for this issue: Affects: epel-all [bug 1694086]
Upstream issue: https://bugzilla.tianocore.org/show_bug.cgi?id=973
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:2125 https://access.redhat.com/errata/RHSA-2019:2125
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-0161
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 Via RHSA-2019:2437 https://access.redhat.com/errata/RHSA-2019:2437