3 matches found
MiracleLinux 9 : edk2-20230524-4.el9 (AXSA:2023-6904:04)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6904:04 advisory. edk2: Function GetEfiGlobalVariable2 return value not checked in DxeImageVerificationHandler CVE-2019-14560 openssl: Possible DoS translating ASN.1...
edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()
REJECTED CVE A secure boot bypass vulnerability was found in EDK2 due to the lack of proper return value checks in the GetEfiGlobalVariable2 function. The API may fail if functions like AllocatePool or gRT-GetVariable fail. Without verifying the return value, an attacker could cause the API to...
UBUNTU-CVE-2019-14575
Logic issue in DxeImageVerificationHandler for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...