edk2: Integer overflows in PeCoffLoaderRelocateImage

A flaw was found in the EDK2 package. This flaw allows an attacker to cause memory corruption due to an overflow via an adjacent network. This issue may lead to loss of confidentiality, integrity, and availability...

The vulnerability of open-source development environments for UEFI EDK2, related to configuration errors, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of open-source development environments for UEFI EDK2 is related to configuration errors. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...

SUSE CVE-2023-45232

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability...

SUSE CVE-2019-14575

Logic issue in DxeImageVerificationHandler for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...

SUSE CVE-2021-28211

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...

PT-2019-6288 · Intel +7 · Edk Ii +7

Name of the Vulnerable Software and Affected Versions: EDK II affected versions not specified Description: The issue is related to an unlimited recursion in the EDK II UEFI development environment, specifically in DxeCore. This allows an attacker to access confidential data, compromise its...