EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
{ "binaries": [ { "binary_name": "ovmf", "binary_version": "0~20191122.bd85bf54-2ubuntu3.5" }, { "binary_name": "qemu-efi", "binary_version": "0~20191122.bd85bf54-2ubuntu3.5" }, { "binary_name": "qemu-efi-aarch64", "binary_version": "0~20191122.bd85bf54-2ubuntu3.5" }, { "binary_name": "qemu-efi-arm", "binary_version": "0~20191122.bd85bf54-2ubuntu3.5" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "ovmf", "binary_version": "2022.02-3ubuntu0.22.04.2" }, { "binary_name": "ovmf-ia32", "binary_version": "2022.02-3ubuntu0.22.04.2" }, { "binary_name": "qemu-efi", "binary_version": "2022.02-3ubuntu0.22.04.2" }, { "binary_name": "qemu-efi-aarch64", "binary_version": "2022.02-3ubuntu0.22.04.2" }, { "binary_name": "qemu-efi-arm", "binary_version": "2022.02-3ubuntu0.22.04.2" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "efi-shell-aa64", "binary_version": "2023.11-5" }, { "binary_name": "efi-shell-arm", "binary_version": "2023.11-5" }, { "binary_name": "efi-shell-ia32", "binary_version": "2023.11-5" }, { "binary_name": "efi-shell-riscv64", "binary_version": "2023.11-5" }, { "binary_name": "efi-shell-x64", "binary_version": "2023.11-5" }, { "binary_name": "ovmf", "binary_version": "2023.11-5" }, { "binary_name": "ovmf-ia32", "binary_version": "2023.11-5" }, { "binary_name": "qemu-efi-aarch64", "binary_version": "2023.11-5" }, { "binary_name": "qemu-efi-arm", "binary_version": "2023.11-5" }, { "binary_name": "qemu-efi-riscv64", "binary_version": "2023.11-5" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }