974 matches found
RHSA-2026:18465 Red Hat Security Advisory: edk2 security update
Bulletin has no description...
RHSA-2026:18320 Red Hat Security Advisory: edk2 security update
Bulletin has no description...
Astra Linux - vulnerability in edk2
EDK2’s Network Package is vulnerable to a buffer overflow vulnerability when processing the DNS Server option from a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity, and/or...
Moderate: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 10 : edk2 (RHSA-2026:18465)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18465 advisory. EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU...
RHEL 10 : edk2 (RHSA-2026:18320)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18320 advisory. EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU...
SUSE CVE-2025-3770
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: edk2 (UTSA-2026-017405)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017405 advisory. A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as we...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: edk2 (UTSA-2026-017403)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017403 advisory. NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. Tenable has extracted the preceding description block directly from the Unity Linux security advisory...
CVE-2026-28390 affecting package edk2 for versions less than 20240524git3e722403cd16-16
CVE-2026-28390 affecting package edk2 for versions less than 20240524git3e722403cd16-16. A patched version of the package is available...
CVE-2026-28389 affecting package edk2 for versions less than 20240524git3e722403cd16-16
CVE-2026-28389 affecting package edk2 for versions less than 20240524git3e722403cd16-16. A patched version of the package is available...
Astra Linux - vulnerability in edk2
EDK2 contains a vulnerability in the BIOS, where an attacker can cause a “Protection Mechanism Failure” through local access. Successful exploitation of this vulnerability will lead to the execution of arbitrary code, compromising Confidentiality, Integrity, and Availability...
Astra Linux - vulnerability in edk2
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows...
Astra Linux - vulnerability in edk2
EDK2 contains a vulnerability when the S3 sleep mechanism is activated. In this case, an attacker may cause a Division-by-Zero error due to a UINT32 overflow through local access. Successful exploitation of this vulnerability could result in a loss of availability...
Astra Linux - vulnerability in edk2
The Ubuntu edk2 UEFI firmware packages accidentally allowed access to the UEFI Shell in Secure Boot environments, potentially enabling bypass of Secure Boot restrictions. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some earlier versions introduced a security measure base...
Important: edk2
Issue Overview: Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NU...
Fedora 43 : edk2 (2026-a484707720)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a484707720 advisory. unbreak https boot ---- update openssl to 3.5.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
CVE-2025-69419 affecting package edk2 for versions less than 20240524git3e722403cd16-15
CVE-2025-69419 affecting package edk2 for versions less than 20240524git3e722403cd16-15. A patched version of the package is available...
EulerOS Virtualization 2.12.1 : edk2 (EulerOS-SA-2026-1471)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful...
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2026-1528)
The remote host is missing an update for the Huawei EulerOS...