10 matches found
Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-6920-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6920-1 advisory. It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An...
Ubuntu: Security Advisory (USN-6920-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6920-1: EDK II vulnerabilities
It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could use this issue to potentially escalate their privileges via local access. CVE-2017-5731 It was discovered that EDK II had an insufficient...
Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to TianoCore EDK II BIOS Vulnerability (CVE-2018-12182)
Summary IBM has released the following Unified Extensible Firmware Interface UEFI fixes for System x and Flex systems in response to the TianoCore EDK II BIOS Vulnerability listed below. Vulnerability Details CVEID: CVE-2018-12182 DESCRIPTION: TianoCore EDK II BIOS could allow a local authenticat...
Updated edk2 packages fix multiples security vulnerabilities
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. CVE-2018-12179. Insufficient memory write check in SMM service for EDK II may allow an authenticated...
Oracle Linux 7 : edk2 (ELSA-2020-5861)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5861 advisory. - Create new 1.3 release for OL7 which includes the following fixed CVEs: CVE-2018-12182 CVE-2019-13224 CVE-2019-13225 CVE-2019-14553 Fri May 17 2019...
Security fix for the ALT Linux 10 package edk2 version 20190501-alt1
June 19, 2019 Alexey Shabalin 20190501-alt1 - edk2-stable201905 Fixes: CVE-2018-12182...
CVE-2018-12182
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access...
CVE-2018-12182
CVE-2018-12182 affects the EDK II firmware/EDK II SMM subsystem across multiple vendor advisories. The root cause is an insufficient memory write check in the SMM service, which an authenticated local attacker could exploit to escalate privileges, disclose information, or cause denial of service....
CVE-2018-12182
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access...