Lucene search
OracleLinuxELSA-2024-3017HistoryMay 23, 2024 - 12:00 a.m.
edk2 security update
2024-05-2300:00:00
linux.oracle.com
10
edk2
security
update
vulnerabilities
rhel-21158
rhel-21840
rhel-21844
rhel-21846
rhel-21848
rhel-21850
rhel-21852
cve-2022-36765
cve-2023-45229
cve-2023-45231
cve-2023-45232
cve-2023-45233
cve-2023-45234
cve-2023-45235
integer overflow
infinite loop
buffer overflow
out of bounds read
security patch
CVSS3
8.8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
Low
EPSS
0.005
Percentile
76.7%
[20220126gitbb1bba3d77-13]
- edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch [RHEL-21158]
- edk2-StandaloneMmPkg-Hob-Integer-Overflow-in-CreateHob.patch [RHEL-21158]
- Resolves: RHEL-21158
(CVE-2022-36765 edk2: integer overflow in CreateHob() could lead to HOB OOB R/W [rhel-8])
[20220126gitbb1bba3d77-12] - edk2-Apply-uncrustify-changes-to-.c-.h-files-in-the-Netwo.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Patc.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Unit.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Patc.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Unit.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Apply-uncrustify-changes.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p2.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p3.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p4.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Adds-a-SecurityFix.yaml-file.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Apply-uncrustify-changes-p2.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Re.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Dhcp6Dxe-Removes-duplicate-check-and-repl.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- edk2-NetworkPkg-Dhcp6Dxe-Packet-Length-is-not-updated-bef.patch [RHEL-21840 RHEL-21844 RHEL-21846 RHEL-21848 RHEL-21850 RHEL-21852]
- Resolves: RHEL-21840
(CVE-2023-45229 edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message [rhel-8]) - Resolves: RHEL-21844
(CVE-2023-45231 edk2: Out of Bounds read when handling a ND Redirect message with truncated options [rhel-8]) - Resolves: RHEL-21846
(CVE-2023-45232 edk2: Infinite loop when parsing unknown options in the Destination Options header [rhel-8]) - Resolves: RHEL-21848
(CVE-2023-45233 edk2: Infinite loop when parsing a PadN option in the Destination Options header [rhel-8]) - Resolves: RHEL-21850
(CVE-2023-45234 edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message [rhel-8]) - Resolves: RHEL-21852
(CVE-2023-45235 edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message [rhel-8])
[20220126gitbb1bba3d77-11] - edk2-SecurityPkg-Change-use-of-EFI_D_-to-DEBUG_.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-Change-OPTIONAL-keyword-usage-style.patch [RHEL-21154 RHEL-21156]
- edk2-MdePkg-Introduce-CcMeasurementProtocol-for-CC-Guest-.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-Support-CcMeasurementProtocol-in-DxeTpm2.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-Support-CcMeasurementProtocol-in-DxeTpmM.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-411.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-Adding-CVE-2022-36763-to-SecurityFixes.y.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-418.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-DxeTpm2MeasureBootLib-SEC-PATCH-4118-2.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-DxeTpmMeasureBootLib-SEC-PATCH-4117-2.patch [RHEL-21154 RHEL-21156]
- edk2-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch [RHEL-21154 RHEL-21156]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch [RHEL-21840 RHEL-21842]
- edk2-NetworkPkg-Add-Unit-tests-to-CI-and-create-Host-Test.patch [RHEL-21840 RHEL-21842]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch [RHEL-21840 RHEL-21842]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Pa.patch [RHEL-21840 RHEL-21842]
- Resolves: RHEL-21154
(CVE-2022-36763 edk2: heap buffer overflow in Tcg2MeasureGptTable() [rhel-8]) - Resolves: RHEL-21156
(CVE-2022-36764 edk2: heap buffer overflow in Tcg2MeasurePeImage() [rhel-8]) - Resolves: RHEL-21840
(CVE-2023-45229 edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message [rhel-8]) - Resolves: RHEL-21842
(CVE-2023-45230 edk2: Buffer overflow in the DHCPv6 client via a long Server ID option [rhel-8])
[20220126gitbb1bba3d77-10] - edk2-OvmfPkg-VirtNorFlashDxe-clone-ArmPlatformPkg-s-NOR-f.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-remove-CheckBlockLocked-feat.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-remove-disk-I-O-protocol-imp.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-drop-block-I-O-protocol-impl.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-avoid-array-mode-switch-afte.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-avoid-switching-between-mode.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-use-EFI_MEMORY_WC-and-drop-A.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-map-flash-memory-as-uncachea.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-stop-accepting-gEfiVariable2.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-sanity-check-variable2.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-add-casts-to-UINTN-and-UINT3.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-clarify-block-write-logic-fi.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-add-a-loop-for-NorFlashWrite.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-allow-larger-writes-without-.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-ValidateFvHeader-unwritten-s.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-move-DoErase-code-block-into.patch [RHEL-17587]
- edk2-ArmVirtPkg-ArmVirtQemu-migrate-to-OVMF-s-VirtNorFlas.patch [RHEL-17587]
- edk2-OvmfPkg-clone-NorFlashPlatformLib-into-VirtNorFlashP.patch [RHEL-17587]
- Resolves: RHEL-17587
([rhel8] guest fails to boot due to ASSERT error)
[20220126gitbb1bba3d77-9] - edk2-OvmfPkg-VirtNorFlashDxe-stop-accepting-gEfiVariableG.patch [RHEL-17587]
- edk2-OvmfPkg-VirtNorFlashDxe-sanity-check-variables.patch [RHEL-17587]
- Resolves: RHEL-17587
([rhel8] guest fails to boot due to ASSERT error)
[20220126gitbb1bba3d77-8] - edk2-Bumped-openssl-submodule-version-to-cf317b2bb227.patch [RHEL-7560]
- Resolves: RHEL-7560
(CVE-2023-3446 edk2: openssl: Excessive time spent checking DH keys and parameters [rhel-8])
[20220126gitbb1bba3d77-7] - edk2-add-8.6-machine-type-to-edk2-ovmf-cc.json.patch [RHEL-12626]
- Resolves: RHEL-12626
(Missing firmware descriptor with secureboot disabled in RHEL 8)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | edk2 | < 20220126gitbb1bba3d77-13.el8_10 | edk2-20220126gitbb1bba3d77-13.el8_10.src.rpm |
| oracle linux | 8 | src | edk2 | < 20220126gitbb1bba3d77-13.el8_10 | edk2-20220126gitbb1bba3d77-13.el8_10.src.rpm |
| oracle linux | 8 | noarch | edk2-aarch64 | < 20220126gitbb1bba3d77-13.el8_10 | edk2-aarch64-20220126gitbb1bba3d77-13.el8_10.noarch.rpm |
| oracle linux | 8 | src | edk2 | < 20220126gitbb1bba3d77-13.el8_10 | edk2-20220126gitbb1bba3d77-13.el8_10.src.rpm |
| oracle linux | 8 | src | edk2 | < 20220126gitbb1bba3d77-13.el8_10 | edk2-20220126gitbb1bba3d77-13.el8_10.src.rpm |
| oracle linux | 8 | noarch | edk2-ovmf | < 20220126gitbb1bba3d77-13.el8_10 | edk2-ovmf-20220126gitbb1bba3d77-13.el8_10.noarch.rpm |
Related
nessus
nessus
CentOS 8 : edk2 (CESA-2024:3017)
2024-05-22 00:00:00
RHEL 8 : edk2 (RHSA-2024:3017)
2024-05-23 00:00:00
RHEL 9 : edk2 (RHSA-2024:2264)
2024-04-30 00:00:00
almalinux
almalinux
Important: edk2 security update
2024-05-22 00:00:00
Important: edk2 security update
2024-04-30 00:00:00
Moderate: edk2 security update
2024-07-23 00:00:00
redhat
redhat
(RHSA-2024:3017) Important: edk2 security update
2024-05-22 06:35:22
(RHSA-2024:2264) Important: edk2 security update
2024-04-30 06:15:12
(RHSA-2024:4419) Important: edk2 security update
2024-07-09 09:41:20
osv
osv
Important: edk2 security update
2024-05-22 00:00:00
Important: edk2 security update
2024-05-10 14:32:38
Important: edk2 security update
2024-04-30 00:00:00
rocky
rocky
edk2 security update
2024-05-10 14:32:38
oraclelinux
oraclelinux
edk2 security update
2024-04-24 00:00:00
edk2 security update
2024-06-03 00:00:00
edk2 security update
2024-05-03 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1733)
2024-05-30 00:00:00
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1722)
2024-05-30 00:00:00
Ubuntu: Security Advisory (USN-6638-1)
2024-02-15 00:00:00
debian
debian
[SECURITY] [DSA 5624-1] edk2 security update
2024-02-14 20:00:57
ubuntu
ubuntu
EDK II vulnerabilities
2024-02-15 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: edk2-20240214-2.fc39
2024-03-13 01:25:14
hp
hp
AMI UEFI Firmware January 2024 EDK II Reference Vulnerabilities
2024-01-26 00:00:00
Insyde BIOS June 2024 EDK II Reference Vulnerabilities
2024-06-18 00:00:00
redos
redos
ROS-20240625-06
2024-06-25 00:00:00
amazon
amazon
Important: edk2
2024-02-29 10:03:00
Medium: edk2
2024-02-15 03:52:00
thn
thn
ubuntucve
ubuntucve
cert
cert
Vulnerabilities in EDK2 NetworkPkg IP stack implementation.
2024-01-16 00:00:00
cbl_mariner
cbl_mariner
cvelist
cvelist
CVE-2022-36765 Integer Overflow in CreateHob
2024-01-09 16:10:16
CVE-2023-45229 Out-of-Bounds Read in EDK II Network Package
2024-01-16 16:07:31
CVE-2022-36763 Heap Buffer Overflow in Tcg2MeasureGptTable
2024-01-09 16:09:11
debiancve
debiancve
cve
cve
nvd
nvd
redhatcve
redhatcve
prion
prion
alpinelinux
alpinelinux
vulnrichment
vulnrichment
CVE-2022-36764 Heap Buffer Overflow in Tcg2MeasurePeImage
2024-01-09 16:09:44
CVE-2023-45231 Out-of-Bounds Read in EDK II Network Package
2024-01-16 16:09:47
CVSS3
8.8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
Low
EPSS
0.005
Percentile
76.7%
Related for ELSA-2024-3017