Open
Description
Name: edk2-ovmf-bin
CVEs: CVE-2022-36763, CVE-2022-36764, CVE-2022-36765, CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2023-45236, CVE-2023-45237, CVE-2024-1298, CVE-2024-38796, , CVE-2024-38797
CVSSs: 7.8, 7.8, 7.8, 6.5, 8.8, 6.5, 7.5, 7.5, 8.8, 8.8, 7.5, 7.5, 6.0, 5.9, 4.6
Action Needed: TBD for CVE-2023-*, update to >= 202405 for CVE-2024-1298, >= 202408 for CVE-2024-38796, TBD for CVE-2024-38797
Summary:
- CVE-2022-36763: EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
- CVE-2022-36764: EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
- CVE-2022-36765: EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
- CVE-2023-45229: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message
- CVE-2023-45230: Buffer overflow in the DHCPv6 client via a long Server ID option
- CVE-2023-45231: Out of Bounds read when handling a ND Redirect message with truncated options
- CVE-2023-45232: Infinite loop when parsing unknown options in the Destination Options header
- CVE-2023-45233: Infinite loop when parsing a PadN option in the Destination Options header
- CVE-2023-45234: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message
- CVE-2023-45235: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message
- CVE-2023-45236: Predictable TCP Initial Sequence Numbers
- CVE-2023-45237: Use of a Weak PseudoRandom Number Generator
CVE-2024-1298: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability.CVE-2024-38796: Integer overflows in PeCoffLoaderRelocateImage() may cause memory corruption.- CVE-2024-38797: EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability.
Not critical, as edk2-bin is only included in the Flatcar SDK.
refmap.gentoo:
Metadata
Metadata
Assignees
Type
Projects
Status
🪵Backlog