EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "qemu-efi-aarch64": "0~20191122.bd85bf54-2ubuntu3.5", "ovmf": "0~20191122.bd85bf54-2ubuntu3.5", "qemu-efi": "0~20191122.bd85bf54-2ubuntu3.5", "qemu-efi-arm": "0~20191122.bd85bf54-2ubuntu3.5" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "ovmf-ia32": "2022.02-3ubuntu0.22.04.2", "qemu-efi-aarch64": "2022.02-3ubuntu0.22.04.2", "ovmf": "2022.02-3ubuntu0.22.04.2", "qemu-efi": "2022.02-3ubuntu0.22.04.2", "qemu-efi-arm": "2022.02-3ubuntu0.22.04.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "qemu-efi-riscv64": "2023.11-6", "efi-shell-riscv64": "2023.11-6", "efi-shell-arm": "2023.11-6", "qemu-efi-arm": "2023.11-6", "ovmf-ia32": "2023.11-6", "efi-shell-ia32": "2023.11-6", "qemu-efi-aarch64": "2023.11-6", "efi-shell-x64": "2023.11-6", "ovmf": "2023.11-6", "efi-shell-aa64": "2023.11-6" } ] }