vulnerability
Ubuntu: USN-6638-1 (CVE-2023-45235): EDK II vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:A/AC:L/Au:N/C:C/I:C/A:C) | Jan 16, 2024 | Feb 15, 2024 | Feb 20, 2025 |
Severity
8
CVSS
(AV:A/AC:L/Au:N/C:C/I:C/A:C)
Published
Jan 16, 2024
Added
Feb 15, 2024
Modified
Feb 20, 2025
Description
EDK2's Network Package is susceptible to a buffer overflow vulnerability when
handling Server ID option
from a DHCPv6 proxy Advertise message. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.
Solution(s)
ubuntu-upgrade-efi-shell-aa64ubuntu-upgrade-efi-shell-armubuntu-upgrade-efi-shell-x64ubuntu-upgrade-ovmfubuntu-upgrade-qemu-efiubuntu-upgrade-qemu-efi-aarch64ubuntu-upgrade-qemu-efi-arm

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.