289 matches found
Intel Processors 输入验证错误漏洞
Intel Processors are a family of processors from Intel Corporation USA. Intel Processors suffers from an input validation error vulnerability that stems from improper UEFI firmware input validation, which could allow a privileged user to disclose information via local access...
Intel Processors 安全漏洞
Intel Processors are a family of processors from Intel Corporation USA. A security vulnerability exists in Intel Processors that stems from improper initialization of the OutOfBandXML module of the UEFI firmware, which could allow a privileged user to disclose information via local access...
UBUNTU-CVE-2024-39279
Insufficient granularity of access control in UEFI firmware in some IntelR processors may allow a authenticated user to potentially enable denial of service via local access...
PT-2025-6631
Name of the Vulnerable Software and Affected Versions IntelR Processors affected versions not specified Description The issue is related to improper input validation in UEFI firmware for some IntelR Processors. This may allow a privileged user to potentially enable escalation of privilege via loc...
The vulnerability of the UEFI loading mode of the BIOS microprogramming system on Intel Server Board M20NTP allows a hacker to enhance their privileges.
The vulnerability of the UEFI loading mechanism in the BIOS of Intel Server Board M20NTP software-based motherboards is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the UEFI loading mode of the BIOS microprogramming system on Intel Server Board M10JNP2SB allows a hacker to enhance their privileges.
The vulnerability of the UEFI loading mode of the BIOS microprogramming system on Intel Server Board M10JNP2SB motherboards is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the efi/capsule-loader component of the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the efi/capsule-loader component in the Linux operating system is related to a memory corruption in the eficapsuleopen function. Exploiting this vulnerability can allow an attacker to cause a service failure...
Insyde InsydeH2O 安全漏洞
Insyde InsydeH2O is a new EFI/UEFI specification from Insyde China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from a 0x49 function that can restore the factory default settings of certain UEFI variabl...
CVE-2024-39609
Improper Access Control in UEFI firmware for some IntelR Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access...
kernel: efi: runtime: Fix potential overflow of soft-reserved region size
A flaw was found in the Linux kernel. Due to an integer overflow, certain EFI-related memory reservations might receive a size other than expected, leading to a denial of service...
kernel: efi/unaccepted: touch soft lockup during memory accept
In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 "efi/unaccepted: Fix soft lockups caused by parallel memory acceptance" has released the spinlock so other CPUs can do memory acceptance in parallel and n...
SUSE CVE-2024-50141
In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFIMEMORYRUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is finding a block of type...
DEBIAN-CVE-2024-50141
In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFIMEMORYRUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is finding a block of type...
AZL-53639 CVE-2024-50141 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFIMEMORYRUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is finding a block of type...
The vulnerability of the UEFI Firmware component of Intel microprogramming systems, related to defects in input data validation, allows attackers to exploit their privileges.
The vulnerability of the UEFI Firmware component of Intel microprocessors is related to defects in input validation. Exploiting this vulnerability can allow attackers to enhance their privileges...
SUSE CVE-2022-49004
In the Linux kernel, the following vulnerability has been resolved: riscv: Sync efi page table's kernel mappings before switching The EFI page table is initially created as a copy of the kernel page table. With VMAPSTACK enabled, kernel stacks are allocated in the vmalloc area: if the stack is...
The vulnerability of the Resume Extensible Firmware Interface in Microsoft Windows operating systems allows a hacker to bypass the UEFI Secure Boot security mechanism.
The vulnerability of the Resume Extensible Firmware Interface in Microsoft Windows operating systems is related to the use of an unreliable pointer. Exploiting this vulnerability could allow an attacker to bypass the UEFI Secure Boot security mechanism...
CVE-2024-37983
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability...
CVE-2024-37982
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability...
CVE-2024-37976
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability...