CLSA-2025-1763716672
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1763716672.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2025-1763716672
- Upstream
- Published
- 2025-11-21T09:17:56Z
- Modified
- 2026-06-01T00:31:20.347111978Z
- Summary
- edk2: Fix of 7 CVEs
- Details
-
- CVE-2023-45229: fix IPv6 malformed option handling to prevent parsing loop
- CVE-2023-45230: fix DHCPv6 ServerID length validation to prevent buffer overflow
- CVE-2023-45231: fix IPv6 Redirect bounds checks to avoid out-of-bounds access
- CVE-2023-45232: fix IPv6 destination option parsing to prevent infinite loop
- CVE-2023-45233: fix PadN option handling in IPv6 PXE processing to prevent loop
- CVE-2023-45234: fix DHCPv6 Advertise DNS Servers option parsing to prevent buffer overflow
- CVE-2023-45235: fix DHCPv6 proxy Advertise ServerID option parsing to prevent buffer overflow
- References
Affected packages
TuxCare:AlmaLinux:9.2 / edk2-aarch64
Package
- Name
- edk2-aarch64
- Purl
- pkg:rpm/tuxcare/edk2-aarch64?distro=almalinux-9.2
TuxCare:AlmaLinux:9.2 / edk2-ovmf
Package
- Name
- edk2-ovmf
- Purl
- pkg:rpm/tuxcare/edk2-ovmf?distro=almalinux-9.2
TuxCare:AlmaLinux:9.2 / edk2-tools
Package
- Name
- edk2-tools
- Purl
- pkg:rpm/tuxcare/edk2-tools?distro=almalinux-9.2