Package: qemu-efi-aarch64
Version: 0~20181115.85588389-2
Severity: important
Buggy EFI apps[1] can corrupt the firmware flash volume by dereferencing
NULL pointers because we map the NOR flash at 0x0. Upstream has merged
patches to make these inadvertent accesses fault instead.
[1] For examples, see:
https://bugs.launchpad.net/bugs/1811722
https://bugs.launchpad.net/bugs/1811901
[2] 51bb05c795 ArmVirtPkg/QemuVirtMemInfoLib: trim the MMIO region mapping
5e27deed43 ArmVirtPkg/NorFlashQemuLib: disregard our primary FV
aa1097921d ArmPkg/ArmMmuLib ARM: handle unmapped sections when updating
permissions
36a87fec68 ArmPkg/ArmMmuLib ARM: handle unmapped section in
GetMemoryRegion()
Ubuntu version of this bug: https://bugs.launchpad.net/bugs/1812093
-- System Information:
Debian Release: buster/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1,
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.20.0-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
-- no debconf information
