320 matches found
NewStart CGSL CORE 5.05 / MAIN 5.05 : ovmf Multiple Vulnerabilities (NS-SA-2021-0180)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ovmf packages installed that are affected by multiple vulnerabilities: - Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service vi...
Ubuntu: Security Advisory (USN-5088-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5088-1: EDK II vulnerabilities
It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. CVE-2019-11098 Paul Kehrer discovered that OpenSSL use...
USN-5088-1 edk2 vulnerabilities
It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. CVE-2019-11098 Paul Kehrer discovered that OpenSSL use...
EDKII MdeModulePkg 输入验证错误漏洞
EDKII is an open source project that provides a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications developed and maintained by the UEFI Forum. A security vulnerability exists in EDKII MdeModulePkg that stems from insufficient input validation ...
RLSA-2021:2591 Moderate: edk2 security update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: possible heap corruption with LzmaUefiDecompressGetInfo CVE-2021-28211 For more details about the security issues,...
SUSE SLES15 Security Update : ovmf (SUSE-SU-2021:2161-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2161-1 advisory. - Fixed a possible buffer overflow in IScsiDxe bsc1186151 - CVE-2021-28211: ovmf: edk2: possible heap corruption with...
CVE-2021-28210
An unlimited recursion in DxeCore in EDK II...
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...
DEBIAN-CVE-2021-28210
An unlimited recursion in DxeCore in EDK II...
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...
CVE-2021-28210
An unlimited recursion in DxeCore in EDK II...
Heap overflow
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...
Design/Logic Flaw
An unlimited recursion in DxeCore in EDK II...
CVE-2021-28211
CVE-2021-28211 is a heap overflow in the EDK II component function LzmaUefiDecompressGetInfo. The issue has been observed in multiple distributions via security advisories (e.g., ALAS2-2024-2722, ALINUX3-SA-2022:0214, etc.), affecting the edk2 package. Impact discussed in advisories centers on po...
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...
CVE-2021-28210
An unlimited recursion in DxeCore in EDK II...
CVE-2021-28210
An unlimited recursion in DxeCore in EDK II...
CVE-2021-28210
An unlimited recursion in DxeCore in EDK II...
CVE-2021-28211
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...