2 matches found
AZL-40192 CVE-2024-2511 affecting package edk2 for versions less than 20240524git3e722403cd16-8
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...
AZL-39292 CVE-2022-36764 affecting package edk2 for versions less than 20230301gitf80f052277c8-40
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability...