[ALSA-2026:36721] Moderate: edk2 security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2026-07-09
Description:
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230) Bug Fix(es) and Enhancement(s): * [FJ8.10 Bug] How to Update Secure Boot Certificates with Microsoft 2023 in KVM Guests (JIRA:AlmaLinux-151949) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
noarch edk2-ovmf-20220126gitbb1bba3d77-13.el8_10.10.noarch.rpm cd0a7b6775d19d2e953278236de61d32723aa23d0881f93f856caaddf6d80bc5
noarch edk2-aarch64-20220126gitbb1bba3d77-13.el8_10.10.noarch.rpm efbe615a52cf81a60a0a0969bb4b98a27beef49f03e266a691897b0e4038b6f0
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.