22 matches found
Azure Linux 3.0 Security Update: edk2 / hvloader (CVE-2022-36764)
The version of edk2 / hvloader installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-36764 advisory. - EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage function, allowing a user to trigg...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
CVE-2022-36764 affecting package edk2 for versions less than 20230301gitf80f052277c8-40
CVE-2022-36764 affecting package edk2 for versions less than 20230301gitf80f052277c8-40. A patched version of the package is available...
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-2068)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : edk2 (EulerOS-SA-2024-2068)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a...
CBL Mariner 2.0 Security Update: edk2 / hvloader (CVE-2022-36764)
The version of edk2 / hvloader installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-36764 advisory. - EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage function, allowing a user to trigg...
CVE-2022-36764 affecting package hvloader for versions less than 1.0.1-3
CVE-2022-36764 affecting package hvloader for versions less than 1.0.1-3. A patched version of the package is available...
Oracle Linux 9 : edk2 (ELSA-2024-12409)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12409 advisory. - Create new 20240227 release for OL9 which includes the following fixed CVEs: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232...
CVE-2022-36764 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2022-36764 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this issue...
EulerOS Virtualization 2.11.0 : edk2 (EulerOS-SA-2024-1733)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a...
Important: edk2 security update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer...
Oracle Linux 9 : edk2 (ELSA-2024-2264)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2264 advisory. - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853 -...
RHEL 9 : edk2 (RHSA-2024:2264)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2264 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware f...
Important: edk2 security update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer...
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1541)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : edk2 (EulerOS-SA-2024-1560)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a...
Fedora: Security Advisory (FEDORA-2024-a9dead34c5)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: edk2
Issue Overview: EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...
Amazon Linux 2 : edk2 (ALAS-2024-2465)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2465 advisory. EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability ma...
Debian dsa-5624 : ovmf - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5624 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5624...