rpm package
opensuse/ovmf&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/ovmf&distro=openSUSE%20Tumbleweed
Vulnerabilities (38)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34874 | Hig | 7.5 | < 202602-9.1 | 202602-9.1 | Apr 1, 2026 | An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0. | |
| CVE-2026-25833 | Hig | 7.5 | < 202602-9.1 | 202602-9.1 | Apr 1, 2026 | Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function | |
| CVE-2025-2296 | Hig | — | < 202602-6.1 | 202602-6.1 | Dec 9, 2025 | EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentialit | |
| CVE-2025-59438 | — | < 202602-5.1 | 202602-5.1 | Oct 21, 2025 | Mbed TLS through 3.6.4 has an Observable Timing Discrepancy. | ||
| CVE-2024-38805 | Med | 6.3 | < 202505-2.1 | 202505-2.1 | Aug 12, 2025 | EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. | |
| CVE-2024-38797 | Med | 4.6 | < 202505-2.1 | 202505-2.1 | Apr 7, 2025 | EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability. | |
| CVE-2024-25742 | Med | 6.5 | < 202405-1.1 | 202405-1.1 | May 17, 2024 | In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES. | |
| CVE-2023-48733 | — | < 202308-7.1 | 202308-7.1 | Feb 14, 2024 | An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot. | ||
| CVE-2023-45234 | — | < 202402-1.1 | 202402-1.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integri | ||
| CVE-2023-45232 | — | < 202402-1.1 | 202402-1.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability. | ||
| CVE-2023-45235 | — | < 202402-1.1 | 202402-1.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidential | ||
| CVE-2023-45237 | — | < 202405-1.1 | 202405-1.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. | ||
| CVE-2023-45236 | — | < 202405-1.1 | 202405-1.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. | ||
| CVE-2023-45231 | — | < 202402-1.1 | 202402-1.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. | ||
| CVE-2023-45230 | — | < 202402-1.1 | 202402-1.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability | ||
| CVE-2023-45229 | — | < 202402-1.1 | 202402-1.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentialit | ||
| CVE-2022-36764 | — | < 202308-9.1 | 202308-9.1 | Jan 9, 2024 | EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. | ||
| CVE-2022-36763 | — | < 202308-9.1 | 202308-9.1 | Jan 9, 2024 | EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. | ||
| CVE-2021-38578 | — | < 202211-1.1 | 202211-1.1 | Mar 3, 2022 | Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. | ||
| CVE-2021-28211 | — | < 202105-3.4 | 202105-3.4 | Jun 11, 2021 | A heap overflow in LzmaUefiDecompressGetInfo function in EDK II. |
- affected < 202602-9.1fixed 202602-9.1
An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0.
- affected < 202602-9.1fixed 202602-9.1
Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function
- affected < 202602-6.1fixed 202602-6.1
EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentialit
- CVE-2025-59438Oct 21, 2025affected < 202602-5.1fixed 202602-5.1
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.
- affected < 202505-2.1fixed 202505-2.1
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.
- affected < 202505-2.1fixed 202505-2.1
EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability.
- affected < 202405-1.1fixed 202405-1.1
In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES.
- CVE-2023-48733Feb 14, 2024affected < 202308-7.1fixed 202308-7.1
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.
- CVE-2023-45234Jan 16, 2024affected < 202402-1.1fixed 202402-1.1
EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integri
- CVE-2023-45232Jan 16, 2024affected < 202402-1.1fixed 202402-1.1
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.
- CVE-2023-45235Jan 16, 2024affected < 202402-1.1fixed 202402-1.1
EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidential
- CVE-2023-45237Jan 16, 2024affected < 202405-1.1fixed 202405-1.1
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.
- CVE-2023-45236Jan 16, 2024affected < 202405-1.1fixed 202405-1.1
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.
- CVE-2023-45231Jan 16, 2024affected < 202402-1.1fixed 202402-1.1
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.
- CVE-2023-45230Jan 16, 2024affected < 202402-1.1fixed 202402-1.1
EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability
- CVE-2023-45229Jan 16, 2024affected < 202402-1.1fixed 202402-1.1
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentialit
- CVE-2022-36764Jan 9, 2024affected < 202308-9.1fixed 202308-9.1
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
- CVE-2022-36763Jan 9, 2024affected < 202308-9.1fixed 202308-9.1
EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
- CVE-2021-38578Mar 3, 2022affected < 202211-1.1fixed 202211-1.1
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
- CVE-2021-28211Jun 11, 2021affected < 202105-3.4fixed 202105-3.4
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
Page 1 of 2