Lucene search
K

17 matches found

OSV
OSV
added 2026/01/21 9:5 a.m.2 views

SUSE-SU-2026:0196-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2023-45231: Fixed out of bounds read when handling a ND Redirect message with truncated options bsc1218881. - CVE-2023-45232: Fixed infinite loop when parsing unknown options in the Destination Options header bsc1218882. - CVE-2023-45233: Fix...

8.8CVSS6AI score0.02084EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2024/10/15 12:38 a.m.6 views

edk2: Infinite loop when parsing unknown options in the Destination Options header

A security loophole involving an infinite loop was identified in EDK2, the open-source reference implementation of the UEFI specification. This weakness enables an unauthorized attacker to exploit system availability by sending a specifically crafted Destination Options IPv6 header...

7.5CVSS5.8AI score0.02084EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/05/22 9:52 a.m.4 views

edk2: Infinite loop when parsing a PadN option in the Destination Options header

The Network Package in EDK2 is vulnerable to an infinite loop exploit when parsing a PadN option within the Destination Options header of IPv6. This flaw allows an unauthorized attacker to gain access and potentially result in a loss of system availability...

7.5CVSS7.3AI score0.02084EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/05/22 9:52 a.m.5 views

edk2: Infinite loop when parsing unknown options in the Destination Options header

A security loophole involving an infinite loop was identified in EDK2, the open-source reference implementation of the UEFI specification. This weakness enables an unauthorized attacker to exploit system availability by sending a specifically crafted Destination Options IPv6 header...

7.5CVSS5.8AI score0.02084EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/04/30 9:52 a.m.3 views

edk2: Infinite loop when parsing a PadN option in the Destination Options header

The Network Package in EDK2 is vulnerable to an infinite loop exploit when parsing a PadN option within the Destination Options header of IPv6. This flaw allows an unauthorized attacker to gain access and potentially result in a loss of system availability...

7.5CVSS7.3AI score0.02084EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/04/30 9:52 a.m.2 views

edk2: Infinite loop when parsing unknown options in the Destination Options header

A security loophole involving an infinite loop was identified in EDK2, the open-source reference implementation of the UEFI specification. This weakness enables an unauthorized attacker to exploit system availability by sending a specifically crafted Destination Options IPv6 header...

7.5CVSS5.8AI score0.02084EPSS
Exploits1References6
OSV
OSV
added 2024/03/22 11:7 a.m.2 views

OESA-2024-1319 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage function, allowing a user to trigger a heap buffer overflow via a local network. Successful...

8.8CVSS7.3AI score0.02084EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2024/01/18 2:47 a.m.3 views

SUSE CVE-2023-45233

EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS6.8AI score0.02084EPSS
Exploits1References8
OSV
OSV
added 2024/01/16 4:15 p.m.5 views

AZL-38227 CVE-2023-45232 affecting package edk2 for versions less than 20240223gitedc6681206c1-1

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS6.9AI score0.02084EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2024/01/16 4:15 p.m.25 views

CVE-2023-45232

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS8.3AI score0.02084EPSS
Exploits1References7
OSV
OSV
added 2024/01/16 4:15 p.m.5 views

AZL-39538 CVE-2023-45233 affecting package edk2 for versions less than 20230301gitf80f052277c8-40

EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS6.7AI score0.02084EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2024/01/16 4:15 p.m.48 views

CVE-2023-45232

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS7AI score0.02084EPSS
Exploits1References5
CVE
CVE
added 2024/01/16 4:13 p.m.515 views

CVE-2023-45233

EDK2 Network Package contains an infinite loop vulnerability when parsing the PadN option in the Destination Options header of IPv6 (CVE-2023-45233). The issue is documented in multiple advisories across distributions (e.g., Debian DSA-5624-1 and various ALMA/CBLMariner entries) as fixed in newer...

7.5CVSS8.1AI score0.02084EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2024/01/16 4:13 p.m.31 views

CVE-2023-45233

EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS6.9AI score0.02084EPSS
Exploits1
Debian CVE
Debian CVE
added 2024/01/16 4:12 p.m.27 views

CVE-2023-45232

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

7.5CVSS6.9AI score0.02084EPSS
Exploits1
NVD
NVD
added 2022/01/03 8:15 a.m.15 views

CVE-2021-30273

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...

7.5CVSS0.00568EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/03 7:25 a.m.21 views

CVE-2021-30273

Possible assertion due to improper handling of IPV6 packet with invalid length in destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...

7.5CVSS7.8AI score0.00568EPSS
Exploits0References1
Rows per page
Query Builder