986 matches found
Oracle Linux 8 : edk2 (ELSA-2019-0968)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0968 advisory. 20180508gitee3198e672e2-9.el80 - edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch bz1690501 -...
Denial Of Service (DoS)
edk2 is vulnerable to denial of service DoS. It is due to stack overflow in XHCI causing denial of service...
Denial Of Service (DoS)
edk2 is vulnerable to denial of service DoS. The attack can be triggered when an attacker provide a corrupted BMP file causing a buffer overflow...
Privilege Escalation
edk2 is vulnerable to privilege escalation. The attack is due to a logic error in MdeModulePkg in EDK II firmware, allowing an authenticated users to trigger the attack...
Moderate: Red Hat Security Advisory: ovmf security and enhancement update
An update for ovmf is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
edk2 security update
20180508gitee3198e672e2-9.el80 - edk2-MdeModulePkg-PartitionDxe-Ensure-blocksize-holds-MBR.patch bz1690501 - edk2-MdeModulePkg-RamDiskDxe-Restrict-on-RAM-disk-size-CV.patch bz1690501 - Resolves: bz1690501 CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk rhel-8.0.0.z...
Security fix for the ALT Linux 10 package edk2 version 20190501-alt1
June 19, 2019 Alexey Shabalin 20190501-alt1 - edk2-stable201905 Fixes: CVE-2018-12182...
edk2 security update
1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel module. Aaron Young - Update spec file to modprobe kvmintel module prior to running qemu to enroll default keys. Aaron Young - Enroll Oracle cert/key...
Important: Red Hat Security Advisory: redhat-virtualization-host security update
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: edk2 security update
An update for edk2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
edk2: Buffer Overflow in BlockIo service for RAM disk
A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. The highest threat from...
RHEL 8 : edk2 (RHSA-2019:0968)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0968 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU a...
Fedora Update for edk2 FEDORA-2019-bff1cbaba3
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : edk2 (2019-3b96bb5186)
The remote Fedora 30 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2019-3b96bb5186 advisory. Use YYYYMMDD versioning to fix upgrade path ---- Update to stable-201903 Update to openssl-1.1.0j Move to python3 deps Tenable has extracted the...
RHEL 7 : ovmf (RHSA-2019:0809)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0809 advisory. OVMF Open Virtual Machine Firmware is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for...
[SECURITY] Fedora 29 Update: edk2-20190308stable-1.fc29
EDK II is a development code base for creating UEFI drivers, applications and firmware images...
Security fix for the ALT Linux 10 package edk2 version 20190308-alt1
April 2, 2019 Alexey Shabalin 20190308-alt1 - edk2-stable201903 Fixes: CVE-2018-12178, CVE-2018-12180, CVE-2018-12181, CVE-2018-3630...
CVE-2018-12181
A stack-based buffer overflow was discovered in edk2 when the HII database contains a Bitmap that claims to be 4-bit or 8-bit per pixel, but the palette contains more than 162^4 or 2562^8 colors...
CVE-2018-12180
A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. The highest threat from...
UEFI EDK2 Capsule Update Vulnerabilities
Lenovo Security Advisory: LEN-2014-001 Potential Impact: Execution of arbitrary code Severity: Medium Summary: The EDK2 UEFI reference implementation contains multiple vulnerabilities in the Capsule Update mechanism. Description: The open source EDK2 project provides a reference implementation of...