CVE-2019-0161 – edk2: stack overflow in XHCI causing denial of service
https://notcve.org/view.php?id=CVE-2019-0161
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access. Desbordamiento de pila en XHCI para EDK II podría permitir que un usuario no autenticado provoque una denegación de servicio mediante acceso local. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00046.html https://access.redhat.com/errata/RHSA-2019:2125 https://access.redhat.com/errata/RHSA-2019:2437 https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZ • CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •
CVE-2018-12181 – edk2: Stack buffer overflow with corrupted BMP
https://notcve.org/view.php?id=CVE-2018-12181
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access. Desbordamiento de pila en un bmp corrupto para EDK II podría permitir que un usuario privilegiado provoque una denegación de servicio o una elevación de privilegios mediante acceso local. A stack-based buffer overflow was discovered in edk2 when the HII database contains a Bitmap that claims to be 4-bit or 8-bit per pixel, but the palette contains more than 16(2^4) or 256(2^8) colors. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00048.html https://access.redhat.com/errata/RHSA-2019:2125 https://access.redhat.com/errata/RHSA-2019:3338 https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ https://support.hpe.com/hpsc/doc/public/display? • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2018-12180 – edk2: Buffer Overflow in BlockIo service for RAM disk
https://notcve.org/view.php?id=CVE-2018-12180
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access. Desbordamiento de búfer en el servicio BlockIo para EDK II podría permitir que un usuario no autenticado escale privilegios, divulgue información y/o provoque una denegación de servicio mediante acceso de red. A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00046.html https://access.redhat.com/errata/RHSA-2019:0809 https://access.redhat.com/errata/RHSA-2019:0968 https://access.redhat.com/errata/RHSA-2019:1116 https://edk2-docs.gitbooks.io/security-advisory/content/buffer-overflow-in-blockio-service-for-ram-disk.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ https://support.hpe.com/hpsc/doc/public/display?docLocale • CWE-787: Out-of-bounds Write •
CVE-2018-12179
https://notcve.org/view.php?id=CVE-2018-12179
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. Configuración incorrecta en el firmware del sistema para EDK II podría permitir que un usuario no autenticado escale privilegios, divulgue información y/o provoque una denegación de servicio mediante acceso local. • https://edk2-docs.gitbooks.io/security-advisory/content/opal-blocksid-setting-disabled-after-s3.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us •
CVE-2019-0160 – edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media
https://notcve.org/view.php?id=CVE-2019-0160
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. Desbordamiento de búfer en el firmware del sistema para EDK II podría permitir que un usuario no autenticado escale privilegios y/o provoque una denegación de servicio mediante acceso de red. Buffer overflows were discovered in UDF-related codes under MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe, which could be triggered with long file names or invalid formatted UDF media. • https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html https://access.redhat.com/security/cve/CVE-2019-0160 https://bugzilla.redhat.com/show_bug.cgi?id=1691640 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •