Bugs fixes in "edk2"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2025-3770 | EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vul | 2025-11-27 |
| CVE | CVE-2025-2295 | EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu | 2025-11-27 |
| CVE | CVE-2024-9143 | Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds mem | 2025-11-27 |
| CVE | CVE-2024-6119 | Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory | 2025-11-27 |
| CVE | CVE-2024-5535 | Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con | 2025-11-27 |
| CVE | CVE-2024-4741 | Use After Free with SSL_free_buffers | 2025-11-27 |
| CVE | CVE-2024-38805 | EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu | 2025-11-27 |
| CVE | CVE-2024-38797 | EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via | 2025-11-27 |
| CVE | CVE-2024-38796 | EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. | 2025-11-27 |
| CVE | CVE-2024-2511 | Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta | 2025-11-27 |
| CVE | CVE-2024-13176 | Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summ | 2025-11-27 |
| CVE | CVE-2024-1298 | EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A | 2025-11-27 |
| CVE | CVE-2024-0727 | Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summa | 2025-11-27 |
| CVE | CVE-2023-5678 | Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: | 2025-11-27 |
| CVE | CVE-2023-45237 | EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut | 2025-11-27 |
| CVE | CVE-2023-45236 | EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut | 2025-11-27 |
| CVE | CVE-2023-3817 | Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ | 2025-11-27 |
| CVE | CVE-2023-3446 | Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ | 2025-11-27 |
| CVE | CVE-2023-2650 | openssl Possible DoS translating ASN.1 object identifiers | 2025-11-27 |
| CVE | CVE-2023-0466 | The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. How | 2025-11-27 |
About
-
Send Feedback to @ubuntu_updates
