SUSE-SU-2026:20037-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2023-45229: integer underflow and out-of-bounds read when processing IANA/IATA options in a DHCPv6 Advertise message bsc1218879. - CVE-2023-45230: out-of-bounds write in the DHCPv6 client through a long Server ID option bsc1218880...

AZL-39436 CVE-2023-45229 affecting package hvloader for versions less than 1.0.1-9

EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IANA or IATA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

Design/Logic Flaw

The TSrvOptIANA::rebind method in SrvOptions/SrvOptIANA.cpp in Dibbler 0.6.0 allows remote attackers to cause a denial of service NULL dereference and daemon crash via an invalid IANA option in a REBIND message...

CVE-2007-5031

The TSrvOptIANA::rebind method in SrvOptions/SrvOptIANA.cpp in Dibbler 0.6.0 allows remote attackers to cause a denial of service NULL dereference and daemon crash via an invalid IANA option in a REBIND message...

CVE-2007-5031

The TSrvOptIANA::rebind method in SrvOptions/SrvOptIANA.cpp in Dibbler 0.6.0 allows remote attackers to cause a denial of service NULL dereference and daemon crash via an invalid IANA option in a REBIND message...

CVE-2007-5031

The TSrvOptIANA::rebind method in SrvOptions/SrvOptIANA.cpp in Dibbler 0.6.0 allows remote attackers to cause a denial of service NULL dereference and daemon crash via an invalid IANA option in a REBIND message...