rpm package
suse/ovmf&distro=SUSE Linux Micro 6.0
pkg:rpm/suse/ovmf&distro=SUSE%20Linux%20Micro%206.0
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-45230 | — | < 202305-2.1 | 202305-2.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability | ||
| CVE-2023-45229 | — | < 202305-2.1 | 202305-2.1 | Jan 16, 2024 | EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentialit | ||
| CVE-2022-36765 | — | < 202305-3.1 | 202305-3.1 | Jan 9, 2024 | EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. |
- CVE-2023-45230Jan 16, 2024affected < 202305-2.1fixed 202305-2.1
EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability
- CVE-2023-45229Jan 16, 2024affected < 202305-2.1fixed 202305-2.1
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentialit
- CVE-2022-36765Jan 9, 2024affected < 202305-3.1fixed 202305-3.1
EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.