Bugs fixes in "edk2"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2021-23840 | Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is cl | 2021-09-23 |
| CVE | CVE-2019-11098 | Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of ser | 2021-09-23 |
| CVE | CVE-2021-38575 | edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe | 2021-09-23 |
| CVE | CVE-2021-3712 | Read buffer overruns processing ASN.1 strings | 2021-09-23 |
| CVE | CVE-2021-23840 | Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is cl | 2021-09-23 |
| CVE | CVE-2019-11098 | Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of ser | 2021-09-23 |
| CVE | CVE-2021-28211 | possible heap corruption with LzmaUefiDecompressGetInfo | 2021-04-22 |
| CVE | CVE-2021-28210 | unlimited FV recursion, round 2 | 2021-04-22 |
| CVE | CVE-2021-28211 | possible heap corruption with LzmaUefiDecompressGetInfo | 2021-04-20 |
| CVE | CVE-2021-28210 | unlimited FV recursion, round 2 | 2021-04-20 |
| CVE | CVE-2021-28211 | possible heap corruption with LzmaUefiDecompressGetInfo | 2021-04-20 |
| CVE | CVE-2021-28210 | unlimited FV recursion, round 2 | 2021-04-20 |
| CVE | CVE-2021-28211 | possible heap corruption with LzmaUefiDecompressGetInfo | 2021-04-20 |
| CVE | CVE-2021-28210 | unlimited FV recursion, round 2 | 2021-04-20 |
| CVE | CVE-2019-14562 | Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | 2021-01-08 |
| CVE | CVE-2019-14562 | Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | 2021-01-07 |
| CVE | CVE-2019-14562 | Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | 2021-01-07 |
| CVE | CVE-2019-14562 | Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | 2021-01-07 |
| CVE | CVE-2019-14562 | Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | 2021-01-07 |
| CVE | CVE-2019-14562 | Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | 2021-01-07 |
About
-
Send Feedback to @ubuntu_updates
