22 matches found
EUVD-2018-4158
Malware in sbrugna...
CentOS 8 : edk2 (CESA-2019:0968)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:0968 advisory. - edk2: Buffer Overflow in BlockIo service for RAM disk CVE-2018-12180 Note that Nessus has not tested for this issue but has instead relied only on the...
Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-4349-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4349-1 advisory. A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of...
Important: edk2
Issue Overview: A missing check leads to an out-of-bounds read and write flaw in NetworkPkg/DnsDxe as shipped in edk2, when it parses DNS responses. A remote attacker who controls the DNS server used by the vulnerable firmware may use this flaw to make the system crash. CVE-2018-3613 improper DNS...
NewStart CGSL CORE 5.05 / MAIN 5.05 : ovmf Vulnerability (NS-SA-2019-0083)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ovmf packages installed that are affected by a vulnerability: - Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or...
Buffer Overflow
EDK II is vulnerable to buffer overflows. Remote unauthenticated attackers could exploit the vulnerable BlockIo Service component to potentially enable escalation of privilege, information disclosure and/or denial of service conditions...
edk2: Buffer Overflow in BlockIo service for RAM disk
A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. The highest threat from...
CentOS Update for OVMF-20180508-3.gitee3198e672e2.el7_ CESA-2019:0809 centos7
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
RHEL 7 : ovmf (RHSA-2019:0809)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0809 advisory. OVMF Open Virtual Machine Firmware is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for...
Scientific Linux Security Update : ovmf on (20190423)
Security Fixes : - edk2: Buffer Overflow in BlockIo service for RAM disk CVE-2018-12180 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid124262; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate",...
Important: Red Hat Security Advisory: ovmf security update
An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
The vulnerability of the BlockIo service’s Tianocore edk2 library allows a hacker to escalate their privileges, disclose protected information, or cause a service failure.
The vulnerability of the BlockIo service for the Tianocore edk2 library arises from insufficient validation of the data entered by users. Exploiting this vulnerability can allow a malicious actor to enhance their privileges, disclose sensitive information, or cause service failures...
openSUSE Security Update : ovmf (openSUSE-2019-1083)
This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun bsc1127820. - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet bsc1127821. -...
CVE-2018-12180
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access...
CVE-2018-12180
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access...
DEBIAN-CVE-2018-12180
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access...
Buffer overflow
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access...
UBUNTU-CVE-2018-12180
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access...
CVE-2018-12180
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access...
CVE-2018-12180
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access...