41 matches found
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fixed the level3 translation fault in swsuspsave On arm64 machines, swsuspsave fails if it attempts to access MEMBLOCKNOMAP memory ranges. This issue can be reproduced in QEMU using UEFI when booting with...
EUVD-2020-26560
Malware in sbrugna...
EUVD-2022-39054
Malicious code in bioql PyPI...
EUVD-2023-43648
Malicious code in bioql PyPI...
CVE-2022-36338
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver FwBlockServiceSmm, creating SMM, leads to arbitrary code execution. An attacker can replace the pointer to the UEFI boot service GetVariable with a pointer to malware, and then...
Enable IMA Measurement
Integrity Measurement Architecture IMA is an integrity protection function of the kernel. When IMA is enabled, integrity measurement is provided for important system files based on user-defined policies. The measurement results can be used for local and remote integrity attestation. If IMA is...
PVS Boot Device Management creation of UEFI BDM disks.
PVS Boot Device Management wizard creation of UEFI BDM disks. In PVS 2402 and newer, the BDM wizard only shows options related to UEFI BDM creation, as BIOS has been deprecated, and BIOS management interfaces have been removed. This means BDM wizard will look for a locally attached drive with...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: shim bug fix update
An update for shim is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, E4S Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...
ALSA-2024:1902 Important: shim security update
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fixes: shim: RCE in http boot support may lead to Secure Boot bypass CVE-2023-40547 shim: Interger overflow leads to heap buffer overflow in...
Important: shim bug fix update
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fixes: shim: RCE in http boot support may lead to Secure Boot bypass CVE-2023-40547 shim: Interger overflow leads to heap buffer overflow in...
Important: shim security update
The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fixes: shim: RCE in http boot support may lead to Secure Boot bypass CVE-2023-40547 shim: Interger overflow leads to heap buffer overflow in...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: shim security update
An update for shim is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security...
PT-2024-2762 · Shim +6 · Shim +6
Name of the Vulnerable Software and Affected Versions: Shim versions for 32-bit systems Description: The issue is related to a buffer overflow in the UEFI boot loader shim for 32-bit systems. This overflow occurs due to an addition operation involving a user-controlled value parsed from the PE...
Siemens InsydeH2O Arbitrary Code Execution (CVE-2022-36338)
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver FwBlockServiceSmm, creating SMM, leads to arbitrary code execution. An attacker can replace the pointer to the UEFI boot service GetVariable with a pointer to malware, and then...
K15679: UEFI EDK2 Capsule Update vulnerabilities CVE-2014-4859 / CVE-2014-4860
Security Advisory Description CVE-2014-4859 During the Drive Execution Environment DXE phase of the UEFI boot process, the contents of the capsule image are parsed during processing. An integer overflow vulnerability exists in the capsule processing phase that can cause the allocation of a buffer...