CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-45230 – Buffer Overflow in EDK II Network Package
https://notcve.org/view.php?id=CVE-2023-45230
16 Jan 2024 — EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. EDK2's Network Package es susceptible a una vulnerabilidad de desbordamiento de búfer a través de una opción de ID de servidor larga en el cliente DHCPv6. Un atacante puede aprovechar esta vulnerabilidad para obtener acceso no autor... • https://packetstorm.news/files/id/176574 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-45229 – Out-of-Bounds Read in EDK II Network Package
https://notcve.org/view.php?id=CVE-2023-45229
16 Jan 2024 — EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. EDK2's Network Package es susceptible a una vulnerabilidad de lectura fuera de los límites cuando procesa la opción IA_NA o IA_TA en un mensaje de publicidad DHCPv6. Un atacante puede aprovechar esta vulnerabilidad para obtener acce... • https://packetstorm.news/files/id/176574 • CWE-125: Out-of-bounds Read CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36765 – Integer Overflow in CreateHob
https://notcve.org/view.php?id=CVE-2022-36765
09 Jan 2024 — EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. EDK2 es susceptible a una vulnerabilidad en la función CreateHob(), lo que permite a un usuario activar un desbordamiento de enteros para desbordar el búfer a través de una red local. La explotación exitosa de esta vulnerabilidad pue... • https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36764 – Heap Buffer Overflow in Tcg2MeasurePeImage
https://notcve.org/view.php?id=CVE-2022-36764
09 Jan 2024 — EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. EDK2 es susceptible a una vulnerabilidad en la función Tcg2MeasurePeImage(), lo que permite a un usuario desencadenar un desbordamiento de búfer de almacenamiento dinámico a través de una red local. La explotación exitosa de esta vulnerabi... • https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36763 – Heap Buffer Overflow in Tcg2MeasureGptTable
https://notcve.org/view.php?id=CVE-2022-36763
09 Jan 2024 — EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. EDK2 es susceptible a una vulnerabilidad en la función Tcg2MeasureGptTable(), lo que permite a un usuario desencadenar un desbordamiento de búfer de almacenamiento dinámico a través de una red local. La explotación exitosa de esta vulnera... • https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2021-38578 – edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation
https://notcve.org/view.php?id=CVE-2021-38578
03 Mar 2022 — Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. Unas comprobaciones existentes de CommBuffer en SmmEntryPoint no detectan el desbordamiento cuando es calculado BufferSize A flaw was found in edk2. A integer underflow in the SmmEntryPoint function leads to a write into the SMM region allowing a local attacker with administration privileges on the system to execute code within the SMM privileged context. The highest threat from this vulnerability is to data conf... • https://bugzilla.tianocore.org/show_bug.cgi?id=3387 • CWE-124: Buffer Underwrite ('Buffer Underflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2021-38576
https://notcve.org/view.php?id=CVE-2021-38576
03 Jan 2022 — A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system. Un error de la BIOS en el firmware de un determinado modelo de PC deja vacío el valor de autorización de la plataforma. Esto puede ser usado para brickear permanentemente el TPM de múltiples maneras, así como para DoS no permanente del sistema • https://bugzilla.tianocore.org/show_bug.cgi?id=3499 •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 1CVE-2021-38575 – edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe
https://notcve.org/view.php?id=CVE-2021-38575
21 Sep 2021 — NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. NetworkPkg/IScsiDxe presenta unos desbordamientos de búfer explotables de forma remota A flaw was found in edk2. Missing checks in the IScsiHexToBin function in NetworkPkg/IScsiDxe lead to a buffer overflow allowing a remote attacker, who can inject himself in the communication between edk2 and the iSCSI target, to write arbitrary data to any address in the edk2 firmware and potentially execute code. The highest threat from this vulnerability is... • https://bugzilla.tianocore.org/show_bug.cgi?id=3356 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-124: Buffer Underwrite ('Buffer Underflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-28213
https://notcve.org/view.php?id=CVE-2021-28213
11 Jun 2021 — Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks. La clave privada cifrada Example EDK2 en el archivo IpSecDxe.efi presenta riesgos potenciales de seguridad • https://bugzilla.tianocore.org/show_bug.cgi?id=1866 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-28210 – edk2: unlimited FV recursion, round 2
https://notcve.org/view.php?id=CVE-2021-28210
21 Apr 2021 — An unlimited recursion in DxeCore in EDK II. Una recursión ilimitada en la función DxeCore en EDK II A flaw was found in edk2. An unlimited recursion in DxeCore may allow an attacker to corrupt the system memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. • https://bugzilla.tianocore.org/show_bug.cgi?id=1743 • CWE-674: Uncontrolled Recursion •