OESA-2026-2620 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may resul...

OESA-2026-2619 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may resul...

PT-2026-44854

Name of the Vulnerable Software and Affected Versions EDK II affected versions not specified Description An issue exists where the firmware measures bytes differently from those actually being used. This affects the PCR5 measurements, which record the expected GUID Partition Table GPT layout...

RockyLinux 10 : edk2 (RLSA-2026:18465)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18465 advisory. edk2: EDK2: Improper Input Validation allows arbitrary command execution CVE-2025-2296 Tenable has extracted the preceding description block directly from the...

Astra Linux - уязвимость в edk2

EDK2’s Network Package is vulnerable to a buffer overflow vulnerability due to the long server ID option in DHCPv6 clients. This vulnerability can be exploited by an attacker to gain unauthorized access and may result in a loss of confidentiality, integrity, and/or availability...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: edk2 (UTSA-2026-017475)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017475 advisory. BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. Tenable has extracted the...

Astra Linux – Vulnerability in edk2

Null pointer dereferencing in Tianocore EDK2 may allow an authenticated user to potentially enable privilege escalation through local access...

Astra Linux – Vulnerability in edk2

Existing checks in SmmEntryPoint will not catch underflow when calculating BufferSize...

Astra Linux – Vulnerability in edk2

The example of an encrypted private key in EDK2, present in the IpSecDxe.efi, may pose potential security risks...

Astra Linux – Vulnerability in edk2

EDK2 is vulnerable to a vulnerability in the Tcg2MeasureGptTable function, which allows a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in compromises of confidentiality, integrity, and/or availability...

Astra Linux – Vulnerability in edk2

Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privileges, denial of service, and/or information disclosure through physical access...

Astra Linux – Vulnerability in edk2

Improper configuration in the system firmware for EDK II may allow unauthenticated users to potentially enable privilege escalation, information disclosure, and/or denial of service through local access...

Astra Linux – Vulnerability in edk2

A BIOS bug in the firmware of a specific PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently cause damage to the system’s performance...

SUSE-RU-2026:20683-1 Recommended update for shim

This update for shim fixes the following issues: This update for shim fixes the following issues: shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory -...

RHSA-2026:2776 Red Hat Security Advisory: edk2 security update

Bulletin has no description...

MiracleLinux 9 : edk2-20231122-6.el9_4.2 (AXSA:2024-8600:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8600:07 advisory. EDK2: integer overflow in CreateHob could lead to HOB OOB R/W CVE-2022-36765 edk2: Predictable TCP Initial Sequence Numbers CVE-2023-45236 edk2: Use...

MiracleLinux 9 : edk2-20231122-6.el9 (AXSA:2024-8102:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8102:05 advisory. edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer overflow in...

GHSA-2XGQ-Q749-89FQ AWS SDK for Ruby's S3 Encryption Client has a Key Commitment Issue

Summary S3 Encryption Client for Ruby is an open-source client-side encryption library used to facilitate writing and reading encrypted records to S3. When the encrypted data key EDK is stored in an "Instruction File" instead of S3's metadata record, the EDK is exposed to an "Invisible Salamander...

EulerOS Virtualization 2.13.1 : EDK2 (EulerOS-SA-2025-2536)

According to the versions of the EDK2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 contains a vulnerability in BIOS where an attacker may cause 'Protection Mechanism Failure' by local access. Successful...

CVE-2025-14760

Missing cryptographic key commitment in the AWS SDK for C++ may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To mitigate this issue, upgra...