EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.
{ "binaries": [ { "binary_name": "ovmf", "binary_version": "0~20191122.bd85bf54-2ubuntu3.5" }, { "binary_name": "qemu-efi", "binary_version": "0~20191122.bd85bf54-2ubuntu3.5" }, { "binary_name": "qemu-efi-aarch64", "binary_version": "0~20191122.bd85bf54-2ubuntu3.5" }, { "binary_name": "qemu-efi-arm", "binary_version": "0~20191122.bd85bf54-2ubuntu3.5" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "ovmf", "binary_version": "2022.02-3ubuntu0.22.04.2" }, { "binary_name": "ovmf-ia32", "binary_version": "2022.02-3ubuntu0.22.04.2" }, { "binary_name": "qemu-efi", "binary_version": "2022.02-3ubuntu0.22.04.2" }, { "binary_name": "qemu-efi-aarch64", "binary_version": "2022.02-3ubuntu0.22.04.2" }, { "binary_name": "qemu-efi-arm", "binary_version": "2022.02-3ubuntu0.22.04.2" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "efi-shell-aa64", "binary_version": "2023.11-6" }, { "binary_name": "efi-shell-arm", "binary_version": "2023.11-6" }, { "binary_name": "efi-shell-ia32", "binary_version": "2023.11-6" }, { "binary_name": "efi-shell-riscv64", "binary_version": "2023.11-6" }, { "binary_name": "efi-shell-x64", "binary_version": "2023.11-6" }, { "binary_name": "ovmf", "binary_version": "2023.11-6" }, { "binary_name": "ovmf-ia32", "binary_version": "2023.11-6" }, { "binary_name": "qemu-efi-aarch64", "binary_version": "2023.11-6" }, { "binary_name": "qemu-efi-arm", "binary_version": "2023.11-6" }, { "binary_name": "qemu-efi-riscv64", "binary_version": "2023.11-6" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }