EUVD-2024-40256

Malicious code in bioql PyPI...

CVE-2020-8332

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected...

CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

CVE-2024-43378

CVE-2024-43378 concerns calamares-nixos-extensions prior to version 0.3.17, where the installer’s legacy BIOS flow could leave the LUKS keyfile in plaintext in /crypto_keyfile.bin or in a CPIO archive attached to the NixOS initrd for partitions containing / or /boot. Red Hat and CVE records summa...

CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

PT-2024-30540 · Unknown · Calamares-Nixos-Extensions

Name of the Vulnerable Software and Affected Versions: calamares-nixos-extensions versions prior to 0.3.17 Description: The issue affects users who installed NixOS through the graphical installer using manual disk partitioning, where the system boots via legacy BIOS, some disk partitions are...

The vulnerability of the reverse-trigger function of the System Management Interrupt (SMI) driver for Legacy BIOS notebook computers of Lenovo allows a hacker to execute arbitrary code with elevated privileges.

The vulnerability of the reverse-trigger function of the System Management Interrupt SMI driver for Legacy BIOS notebook computers of Lenovo is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges...

CVE-2021-4212

A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code...

CVE-2021-4212

CVE-2021-4212 describes a local-privilege escalation vulnerability in the SMI callback function used by the Legacy BIOS mode driver on some Lenovo Notebook models. The issue could allow an attacker with local access and elevated privileges to execute arbitrary code. The affected component is the ...

Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012

Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI Unified Extensible Firmware Interface bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence...

PXEChecker for Citrix Provisioning Services

Description PXEChecker is tool designed to troubleshoot configuration and environment related issues during the PXE boot process in Citrix Provisioning Services PVS. PXEChecker has two different tests: 1. Legacy BIOS Test.- Simulates the PXE boot process and analyzes the DHCP options on the DHCP...

IBM System x servers Arbitrary Code Execution Vulnerability

IBM System x servers are a server from International Business Machines Corporation IBM. An arbitrary code execution vulnerability exists in IBM System x servers that stems from a potential flaw in the SMI callback function used in older BIOS mode USB drivers that could allow arbitrary code...

CVE-2020-8332

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected...

Code injection

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected...

CVE-2020-8332

The CVE-2020-8332 issue is tied to the SMI callback function in legacy BIOS mode USB drivers on some legacy Lenovo and IBM System x servers. The vulnerability may allow arbitrary code execution, with UEFI-mode systems unaffected. The affected component is the legacy BIOS USB driver stack; root ca...

MBR disk restore to UEFI system fails with "OS disk in backup uses MBR disk" warning

Challenge When attempting to restore a Windows machine using Bare Metal Recovery, the restore displays the warning: OS disk in backup uses MBR disk. This may cause boot issues on UEFI systems Cause The Bare Metal Recovery restore has detected that the system within the selected restore point was...

Restoring GPT Disk to Incompatible Legacy BIOS System

Challenge After selecting a restore point during the bare metal restore configuration, the following message pops up: OS disk in backup uses GPT disk. This may cause boot issues on BIOS systems. If this is ignored and the restore process completes, the following may happen when the restored machi...