24 matches found
MiracleLinux 8 : edk2-20200602gitca407c7246bf-4.el8.1 (AXSA:2021-2183:03)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2183:03 advisory. edk2: possible heap corruption with LzmaUefiDecompressGetInfo CVE-2021-28211 Tenable has extracted the preceding description block directly from the...
Rocky Linux 8 : edk2 (RLSA-2021:2591)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:2591 advisory. - A heap overflow in LzmaUefiDecompressGetInfo function in EDK II. CVE-2021-28211 Note that Nessus has not tested for this issue but has instead relied only on t...
OESA-2021-1338 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.CVE-2021-28211...
CentOS 8 : edk2 (CESA-2021:2591)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2591 advisory. - edk2: possible heap corruption with LzmaUefiDecompressGetInfo CVE-2021-28211 Note that Nessus has not tested for this issue but has instead relied only on the...
Oracle Linux 8 : edk2 (ELSA-2021-2591)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2591 advisory. 20200602gitca407c7246bf-4.el84.1 - edk2-MdeModulePkg-LzmaCustomDecompressLib-catch-4GB-uncom.patch bz1952953 - Resolves: bz1952953 edk2: possible heap corruptio...
Moderate: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
RLSA-2021:2591 Moderate: edk2 security update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: possible heap corruption with LzmaUefiDecompressGetInfo CVE-2021-28211 For more details about the security issues,...
edk2 security update
An update is available for edk2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list EDK Embedded Development Kit is a project to enable UEFI support for Virtual...
RHEL 8 : edk2 (RHSA-2021:2591)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2591 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU a...
SUSE SLES12 Security Update : ovmf (SUSE-SU-2021:2117-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2117-1 advisory. - Fixed a possible buffer overflow in IScsiDxe bsc1186151 - CVE-2021-28211: ovmf: edk2: possible heap corruption with...
SUSE: Security Advisory (SUSE-SU-2021:2161-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:2117-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-28211
creationtimestamp| type| source ---|---|--- 2021-06-11 20:43:05+00:00| seen| https://t.me/cibsecurity/25396...
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...
CVE-2021-28211
CVE-2021-28211 is a heap overflow in the EDK II component function LzmaUefiDecompressGetInfo. The issue has been observed in multiple distributions via security advisories (e.g., ALAS2-2024-2722, ALINUX3-SA-2022:0214, etc.), affecting the edk2 package. Impact discussed in advisories centers on po...
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...
SUSE: Security Advisory (SUSE-SU-2021:0972-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4923-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS : EDK II vulnerabilities (USN-4923-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4923-1 advisory. Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources,...