CVE-2021-28216
https://notcve.org/view.php?id=CVE-2021-28216
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. El puntero BootPermaneranceTable es leído desde una variable NVRAM en PEI. Se recomienda establecer PcdFirmwarePermaneranceDataTableS3Support en FALSE • https://bugzilla.tianocore.org/show_bug.cgi?id=2957 • CWE-587: Assignment of a Fixed Address to a Pointer CWE-763: Release of Invalid Pointer or Reference •
CVE-2019-11098
https://notcve.org/view.php?id=CVE-2019-11098
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access. Una comprobación insuficiente de entrada en la función MdeModulePkg en EDKII, puede permitir a un usuario no autenticado habilitar potencialmente una escalada de privilegios, Denegación de Servicio y/o Divulgación de Información por medio de acceso físico • https://edk2-docs.gitbook.io/security-advisory/bootguard-toctou-vulnerability • CWE-20: Improper Input Validation •
CVE-2019-0161 – edk2: stack overflow in XHCI causing denial of service
https://notcve.org/view.php?id=CVE-2019-0161
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. Desbordamiento de pila en XHCI para EDK II podría permitir que un usuario no autenticado provoque una denegación de servicio mediante acceso local. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00046.html https://access.redhat.com/errata/RHSA-2019:2125 https://access.redhat.com/errata/RHSA-2019:2437 https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZ • CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •
CVE-2018-12181 – edk2: Stack buffer overflow with corrupted BMP
https://notcve.org/view.php?id=CVE-2018-12181
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access. Desbordamiento de pila en un bmp corrupto para EDK II podría permitir que un usuario privilegiado provoque una denegación de servicio o una elevación de privilegios mediante acceso local. A stack-based buffer overflow was discovered in edk2 when the HII database contains a Bitmap that claims to be 4-bit or 8-bit per pixel, but the palette contains more than 16(2^4) or 256(2^8) colors. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00048.html https://access.redhat.com/errata/RHSA-2019:2125 https://access.redhat.com/errata/RHSA-2019:3338 https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ https://support.hpe.com/hpsc/doc/public/display? • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2018-12180 – edk2: Buffer Overflow in BlockIo service for RAM disk
https://notcve.org/view.php?id=CVE-2018-12180
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access. Desbordamiento de búfer en el servicio BlockIo para EDK II podría permitir que un usuario no autenticado escale privilegios, divulgue información y/o provoque una denegación de servicio mediante acceso de red. A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00046.html https://access.redhat.com/errata/RHSA-2019:0809 https://access.redhat.com/errata/RHSA-2019:0968 https://access.redhat.com/errata/RHSA-2019:1116 https://edk2-docs.gitbooks.io/security-advisory/content/buffer-overflow-in-blockio-service-for-ram-disk.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ https://support.hpe.com/hpsc/doc/public/display?docLocale • CWE-787: Out-of-bounds Write •