MiracleLinux 8 : edk2-20190829git37eef91017ad-9.el8 (AXSA:2020-915:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-915:01 advisory. edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib CVE-2019-14563 Tenable has extracted the preceding description block directly from the...

Linux Distros Unpatched Vulnerability : CVE-2019-14563

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2019-14563 Note that Nessus...

SUSE: Security Advisory (SUSE-SU-2020:0568-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0495-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0699-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : edk2 (CESA-2020:1712)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1712 advisory. - edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib CVE-2019-14563 Note that Nessus has not tested for this issue but has instead relied only on the...

Updated edk2 packages fix multiples security vulnerabilities

Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. CVE-2018-12179. Insufficient memory write check in SMM service for EDK II may allow an authenticated...

CVE-2019-14563

Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2019-14563

CVE-2019-14563 is an EDK II vulnerability described as numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib that can allow an authenticated, local attacker to escalate privileges. The connected advisories (e.g., MiracleLinux AXSA:2020-915, Alibaba Cloud Linux ALINUX3-SA-2022:0098, Oracle Linux...

CVE-2019-14563

Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...

RHEL 8 : edk2 (RHSA-2020:1712)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1712 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU a...

Security fix for the ALT Linux 9 package edk2-tools version 20200229-alt1

20200229-alt1 built July 22, 2020 Alexey Shabalin in task 254589 --- May 16, 2020 Alexey Shabalin - edk2-stable202002 Fixes: CVE-2019-14575, CVE-2019-14559, CVE-2019-14587, CVE-2019-14558, CVE-2019-14586, CVE-2019-14563...

EulerOS Virtualization for ARM 64 3.0.6.0 : edk2 (EulerOS-SA-2020-1689)

According to the versions of the edk2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in the socket.recvfrominto function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3....

Security fix for the ALT Linux 10 package edk2 version 20200229-alt1

May 16, 2020 Alexey Shabalin 20200229-alt1 - edk2-stable202002 Fixes: CVE-2019-14575, CVE-2019-14559, CVE-2019-14587, CVE-2019-14558, CVE-2019-14586, CVE-2019-14563...

edk2 security, bug fix, and enhancement update

20190829git37eef91017ad-9.el8 - edk2-OvmfPkg-QemuVideoDxe-unbreak-secondary-vga-and-bochs.patch bz1806359 - Resolves: bz1806359 bochs-display cannot show graphic wihout driver attach 20190829git37eef91017ad-8.el8 - edk2-MdeModulePkg-Enable-Disable-S3BootScript-dynamically.patch bz1801274 -...

Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-4349-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4349-1 advisory. A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of...

EulerOS Virtualization for ARM 64 3.0.2.0 : edk2 (EulerOS-SA-2020-1574)

According to the versions of the edk2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in the socket.recvfrominto function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3....

Ubuntu: Security Advisory (USN-4349-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4349-1: EDK II vulnerabilities

A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. CVE-2018-12178 A buffer overflow was discovered in BlockIo service. An...

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2020-1574)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...