Bugs fixes in "edk2"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| Launchpad | 2133157 | ovmf 2024.02-2ubuntu0.6 broke UEFI network boot for VMs | 2025-11-30 |
| Launchpad | 2133157 | ovmf 2024.02-2ubuntu0.6 broke UEFI network boot for VMs | 2025-11-29 |
| Launchpad | 2133157 | ovmf 2024.02-2ubuntu0.6 broke UEFI network boot for VMs | 2025-11-29 |
| Launchpad | 2133157 | ovmf 2024.02-2ubuntu0.6 broke UEFI network boot for VMs | 2025-11-29 |
| Launchpad | 2133157 | ovmf 2024.02-2ubuntu0.6 broke UEFI network boot for VMs | 2025-11-29 |
| Launchpad | 2133157 | ovmf 2024.02-2ubuntu0.6 broke UEFI network boot for VMs | 2025-11-28 |
| Launchpad | 2133157 | ovmf 2024.02-2ubuntu0.6 broke UEFI network boot for VMs | 2025-11-28 |
| Launchpad | 2133157 | ovmf 2024.02-2ubuntu0.6 broke UEFI network boot for VMs | 2025-11-28 |
| CVE | CVE-2025-3770 | EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vul | 2025-11-27 |
| CVE | CVE-2025-2295 | EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu | 2025-11-27 |
| CVE | CVE-2024-9143 | Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds mem | 2025-11-27 |
| CVE | CVE-2024-6119 | Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory | 2025-11-27 |
| CVE | CVE-2024-5535 | Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con | 2025-11-27 |
| CVE | CVE-2024-4741 | Use After Free with SSL_free_buffers | 2025-11-27 |
| CVE | CVE-2024-38805 | EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu | 2025-11-27 |
| CVE | CVE-2024-38797 | EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via | 2025-11-27 |
| CVE | CVE-2024-38796 | EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. | 2025-11-27 |
| CVE | CVE-2024-2511 | Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta | 2025-11-27 |
| CVE | CVE-2024-13176 | Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summ | 2025-11-27 |
| CVE | CVE-2024-1298 | EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A | 2025-11-27 |
About
-
Send Feedback to @ubuntu_updates
