Unrated severityNVD Advisory· Published Jan 16, 2024· Updated Nov 4, 2025
Out-of-Bounds Read in EDK II Network Package
CVE-2023-45231
Description
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.
Affected products
1- TianoCore/edk2v5Range: edk2-stable202308
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7hmitrevendor-advisory
- packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.htmlmitre
- www.openwall.com/lists/oss-security/2024/01/16/2mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/mitre
- security.netapp.com/advisory/ntap-20240307-0011/mitre
News mentions
1- ABB B&R PCsCISA ICS Advisories