CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
76.7%
Vulnerability in TCP Initial Sequence Number Handler component of Tianocore EDK2 library is related to buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to confidential data.
Unauthorized access to confidential data
Vulnerability in tcg2measurepeimage() function of Tianocore EDK2 library is caused by a buffer overflow.
Exploitation of the vulnerability could allow an attacker to impact confidentiality,
integrity and availability of protected information
Vulnerability in createhob() function of Tianocore EDK2 library is caused by a buffer overflow. Exploitation
of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information.
availability of protected information
Vulnerability of NetRandomInitSeed() function of Tianocore edk2 library is related to errors in the code of the generator of
pseudorandom number generator code when processing the Seed parameter. Exploitation of the vulnerability could allow an attacker,
acting remotely, gain unauthorized access to protected information or cause a denial of service.
denial of service
Vulnerability of Ip6ProcessRedirect function (NetworkPkg/Ip6Dxe/Ip6Nd.c) of Tianocore edk2 library is related to buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to gain
Unauthorized access to confidential data
Vulnerability in the tcg2measuregpttable() function of the Tianocore EDK2 library is due to a buffer overflow.
Exploitation of the vulnerability could allow an attacker to impact confidentiality,
integrity and availability of protected information
Vulnerability of Ip6IsOptionValid() function of Tianocore edk2 library is related to execution of loop with
unavailable exit condition when processing the PadN parameter. Exploitation of the vulnerability could allow
an attacker acting remotely to affect the availability of protected information or cause a
denial of service
A vulnerability in the DHCPv6 Proxy Advertise Message Handler component of the Tianocore EDK2 library is related to a buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to cause
impact confidentiality, integrity and availability of data
Vulnerability of Dhcp6SendRequestMsg function (NetworkPkg/Dhcp6Dxe/Dhcp6Io.c) of Tianocore edk2 library is related to buffer overflow.
with a buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to have a
affect confidentiality, integrity and availability of protected information
Vulnerability in IPv6 Options Header Handler component of Tianocore EDK2 library is related to buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of
denial of service
Vulnerability in Dhcp6HandleAdvertiseMsg function (NetworkPkg/Dhcp6Dxe/Dhcp6Io.c) of Tianocore edk2 library is related to access control flaws.
is related to access control flaws. Exploitation of the vulnerability could allow an attacker,
acting remotely, to gain unauthorized access to protected information
Vulnerability in DHCPv6 Advertise Message Handler component of Tianocore EDK2 library is related to buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to affect
Data confidentiality, integrity and availability
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | edk2-tools | < 20240524-1 | UNKNOWN |
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
76.7%