Bugs fixes in "edk2"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2023-45230 | EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exp | 2024-02-15 |
| CVE | CVE-2022-36765 | EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local netw | 2024-02-15 |
| CVE | CVE-2022-36764 | EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. S | 2024-02-15 |
| CVE | CVE-2022-36763 | EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. | 2024-02-15 |
| CVE | CVE-2023-48733 | An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot. | 2024-02-15 |
| CVE | CVE-2023-45235 | EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise messa | 2024-02-15 |
| CVE | CVE-2023-45234 | EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This vu | 2024-02-15 |
| CVE | CVE-2023-4523 | Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run a | 2024-02-15 |
| CVE | CVE-2023-45233 | EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vu | 2024-02-15 |
| CVE | CVE-2023-45232 | EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This | 2024-02-15 |
| CVE | CVE-2023-45231 | EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerabili | 2024-02-15 |
| CVE | CVE-2023-45229 | EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message | 2024-02-15 |
| CVE | CVE-2023-45230 | EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exp | 2024-02-15 |
| CVE | CVE-2022-36765 | EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local netw | 2024-02-15 |
| CVE | CVE-2022-36764 | EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. S | 2024-02-15 |
| CVE | CVE-2022-36763 | EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. | 2024-02-15 |
| CVE | CVE-2023-45235 | EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise messa | 2024-02-15 |
| CVE | CVE-2023-45234 | EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This vu | 2024-02-15 |
| CVE | CVE-2023-4523 | Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run a | 2024-02-15 |
| CVE | CVE-2023-45233 | EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vu | 2024-02-15 |
About
-
Send Feedback to @ubuntu_updates
