Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2026-1110)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 8 : edk2-20220126gitbb1bba3d77-13.el8_10.4 (AXSA:2024-9443:13)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9443:13 advisory. edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 Tenable has extracted the preceding description block directly from the MiracleLinux...

Integer overflow in PeCoffLoaderRelocateImage

...

RLSA-2024:11219 Moderate: edk2:20240524 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 For more details about the security issues, including th...

RHEL 8 : edk2:20220126gitbb1bba3d77 (RHSA-2024:11185)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:11185 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU...

edk2: Integer overflows in PeCoffLoaderRelocateImage

A flaw was found in the EDK2 package. This flaw allows an attacker to cause memory corruption due to an overflow via an adjacent network. This issue may lead to loss of confidentiality, integrity, and availability...

Moderate: edk2:20240524 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 For more details about the security issues, including th...

edk2: Integer overflows in PeCoffLoaderRelocateImage

A flaw was found in the EDK2 package. This flaw allows an attacker to cause memory corruption due to an overflow via an adjacent network. This issue may lead to loss of confidentiality, integrity, and availability...

edk2: Integer overflows in PeCoffLoaderRelocateImage

A flaw was found in the EDK2 package. This flaw allows an attacker to cause memory corruption due to an overflow via an adjacent network. This issue may lead to loss of confidentiality, integrity, and availability...

ROS-20241017-06

A vulnerability in the PeCoffLoaderRelocateImage function of the Tianocore EDK2 library is related to the invocation of memory corruption memory due to overflow through a contiguous network. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to...

CVE-2024-38796

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

CVE-2024-38796

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

DEBIAN-CVE-2024-38796

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

AZL-49713 CVE-2024-38796 affecting package hvloader for versions less than 1.0.1-13

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

AZL-49710 CVE-2024-38796 affecting package edk2 for versions less than 20240524git3e722403cd16-8

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

CVE-2024-38796

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

CVE-2024-38796

CVE-2024-38796 affects the EDK II Edk2 firmware ecosystem, specifically a vulnerability in the PeCoffLoaderRelocateImage() that may enable memory corruption via an adjacent network. The issue can lead to confidentiality, integrity, and availability impact as described in multiple connected source...

PT-2024-28227

Name of the Vulnerable Software and Affected Versions EDK2 affected versions not specified Description The issue is related to a vulnerability in the PeCoffLoaderRelocateImage function, which can cause memory corruption due to an overflow. This can be triggered via an adjacent network, potentiall...

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that originates in the PeCoffLoaderRelocateImage function, where an attacker may be able to cause memory corruption via a...