Vulnerability-Lookup

CVE-2023-45233 (GCVE-0-2023-45233)

Vulnerability from cvelistv5 – Published: 2024-01-16 16:13 – Updated: 2025-11-04 18:17

Title

Infinite loop in EDK II Network Package

Summary

EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Assigner

TianoCore

References

5 references

URL	Tags
https://github.com/tianocore/edk2/security/adviso…	vendor-advisory
http://www.openwall.com/lists/oss-security/2024/01/16/2
http://packetstormsecurity.com/files/176574/Pixie…
https://security.netapp.com/advisory/ntap-2024030…
https://lists.fedoraproject.org/archives/list/pac…

Impacted products

1 product

Vendor	Product	Version
TianoCore	edk2	Affected: edk2-stable202308

Credits

Quarkslab Vulnerability Reports Team Doug Flick

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:17:37.308Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240307-0011/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html"
          },
          {
            "url": "https://www.kb.cert.org/vuls/id/132380"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-45233",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-20T05:00:22.954532Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-22T14:57:38.872Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "edk2",
          "vendor": "TianoCore",
          "versions": [
            {
              "status": "affected",
              "version": "edk2-stable202308"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Quarkslab Vulnerability Reports Team"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Doug Flick"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Availability."
            }
          ],
          "value": "EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Availability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-835",
              "description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-13T02:06:17.031Z",
        "orgId": "65518388-201a-4f93-8712-366d21fe8d2c",
        "shortName": "TianoCore"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
        },
        {
          "url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240307-0011/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Infinite loop in EDK II Network Package",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "65518388-201a-4f93-8712-366d21fe8d2c",
    "assignerShortName": "TianoCore",
    "cveId": "CVE-2023-45233",
    "datePublished": "2024-01-16T16:13:50.113Z",
    "dateReserved": "2023-10-05T20:48:19.878Z",
    "dateUpdated": "2025-11-04T18:17:37.308Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-45233",
      "date": "2026-05-29",
      "epss": "0.00462",
      "percentile": "0.6452"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-45233\",\"sourceIdentifier\":\"infosec@edk2.groups.io\",\"published\":\"2024-01-16T16:15:12.277\",\"lastModified\":\"2025-11-04T19:16:00.577\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\\n vulnerability can be exploited by an attacker to gain unauthorized \\naccess and potentially lead to a loss of Availability.\"},{\"lang\":\"es\",\"value\":\"EDK2\u0027s Network Package es susceptible a una vulnerabilidad de bucle infinito al analizar una opci\u00f3n PadN en el encabezado Destination Options de IPv6. Un atacante puede aprovechar esta vulnerabilidad para obtener acceso no autorizado y potencialmente provocar una p\u00e9rdida de disponibilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"infosec@edk2.groups.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"infosec@edk2.groups.io\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tianocore:edk2:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"202311\",\"matchCriteriaId\":\"3CEB3105-57CC-4096-81D3-D58005813C4B\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html\",\"source\":\"infosec@edk2.groups.io\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/01/16/2\",\"source\":\"infosec@edk2.groups.io\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h\",\"source\":\"infosec@edk2.groups.io\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/\",\"source\":\"infosec@edk2.groups.io\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240307-0011/\",\"source\":\"infosec@edk2.groups.io\"},{\"url\":\"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/01/16/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240307-0011/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.kb.cert.org/vuls/id/132380\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/16/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240307-0011/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T19:28:26.746Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-45233\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-01-20T05:00:22.954532Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-22T14:57:25.423Z\"}}], \"cna\": {\"title\": \"Infinite loop in EDK II Network Package\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Quarkslab Vulnerability Reports Team\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Doug Flick\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"TianoCore\", \"product\": \"edk2\", \"versions\": [{\"status\": \"affected\", \"version\": \"edk2-stable202308\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/01/16/2\"}, {\"url\": \"http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240307-0011/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\\n vulnerability can be exploited by an attacker to gain unauthorized \\naccess and potentially lead to a loss of Availability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\\n vulnerability can be exploited by an attacker to gain unauthorized \\naccess and potentially lead to a loss of Availability.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-835\", \"description\": \"CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"65518388-201a-4f93-8712-366d21fe8d2c\", \"shortName\": \"TianoCore\", \"dateUpdated\": \"2024-03-13T02:06:17.031Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-45233\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T19:28:26.746Z\", \"dateReserved\": \"2023-10-05T20:48:19.878Z\", \"assignerOrgId\": \"65518388-201a-4f93-8712-366d21fe8d2c\", \"datePublished\": \"2024-01-16T16:13:50.113Z\", \"assignerShortName\": \"TianoCore\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

alsa-2024:2264

Vulnerability from osv_almalinux

Published

2024-04-30 00:00

Modified

2024-05-07 15:04

Summary

Important: edk2 security update

Details

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.

Security Fix(es):

edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235)
EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763)
EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764)
edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (CVE-2023-45229)
edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231)
edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232)
edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233)
openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2024:2264	ADVISORY
	https://access.redhat.com/security/cve/CVE-2022-36763	REPORT
	https://access.redhat.com/security/cve/CVE-2022-36764	REPORT
	https://access.redhat.com/security/cve/CVE-2023-3446	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45229	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45231	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45232	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45233	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45235	REPORT
	https://bugzilla.redhat.com/2224962	REPORT
	https://bugzilla.redhat.com/2257582	REPORT
	https://bugzilla.redhat.com/2257583	REPORT
	https://bugzilla.redhat.com/2258677	REPORT
	https://bugzilla.redhat.com/2258688	REPORT
	https://bugzilla.redhat.com/2258691	REPORT
	https://bugzilla.redhat.com/2258694	REPORT
	https://bugzilla.redhat.com/2258700	REPORT
	https://errata.almalinux.org/9/ALSA-2024-2264.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "edk2-aarch64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20231122-6.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "edk2-ovmf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20231122-6.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "edk2-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20231122-6.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "edk2-tools-doc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20231122-6.el9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. \n\nSecurity Fix(es):\n\n* edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235)\n* EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763)\n* EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764)\n* edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (CVE-2023-45229)\n* edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231)\n* edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232)\n* edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233)\n* openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2024:2264",
  "modified": "2024-05-07T15:04:08Z",
  "published": "2024-04-30T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2024:2264"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-36763"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-36764"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-3446"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45229"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45231"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45232"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45233"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45235"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2224962"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2257582"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2257583"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258677"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258688"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258691"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258694"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258700"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2024-2264.html"
    }
  ],
  "related": [
    "CVE-2023-45235",
    "CVE-2022-36763",
    "CVE-2022-36764",
    "CVE-2023-45229",
    "CVE-2023-45231",
    "CVE-2023-45232",
    "CVE-2023-45233",
    "CVE-2023-3446"
  ],
  "summary": "Important: edk2 security update"
}

alsa-2024:3017

Vulnerability from osv_almalinux

Published

2024-05-22 00:00

Modified

2024-05-29 12:19

Summary

Important: edk2 security update

Details

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.

Security Fix(es):

edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235)
EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763)
EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764)
EDK2: integer overflow in CreateHob() could lead to HOB OOB R/W (CVE-2022-36765)
edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (CVE-2023-45229)
edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231)
edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232)
edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2024:3017	ADVISORY
	https://access.redhat.com/security/cve/CVE-2022-36763	REPORT
	https://access.redhat.com/security/cve/CVE-2022-36764	REPORT
	https://access.redhat.com/security/cve/CVE-2022-36765	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45229	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45231	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45232	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45233	REPORT
	https://access.redhat.com/security/cve/CVE-2023-45235	REPORT
	https://bugzilla.redhat.com/2257582	REPORT
	https://bugzilla.redhat.com/2257583	REPORT
	https://bugzilla.redhat.com/2257584	REPORT
	https://bugzilla.redhat.com/2258677	REPORT
	https://bugzilla.redhat.com/2258688	REPORT
	https://bugzilla.redhat.com/2258691	REPORT
	https://bugzilla.redhat.com/2258694	REPORT
	https://bugzilla.redhat.com/2258700	REPORT
	https://errata.almalinux.org/8/ALSA-2024-3017.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "edk2-aarch64"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20220126gitbb1bba3d77-13.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "edk2-ovmf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20220126gitbb1bba3d77-13.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. \n\nSecurity Fix(es):\n\n* edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235)\n* EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763)\n* EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764)\n* EDK2: integer overflow in CreateHob() could lead to HOB OOB R/W (CVE-2022-36765)\n* edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (CVE-2023-45229)\n* edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231)\n* edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232)\n* edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2024:3017",
  "modified": "2024-05-29T12:19:10Z",
  "published": "2024-05-22T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2024:3017"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-36763"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-36764"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2022-36765"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45229"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45231"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45232"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45233"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-45235"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2257582"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2257583"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2257584"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258677"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258688"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258691"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258694"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258700"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2024-3017.html"
    }
  ],
  "related": [
    "CVE-2023-45235",
    "CVE-2022-36763",
    "CVE-2022-36764",
    "CVE-2022-36765",
    "CVE-2023-45229",
    "CVE-2023-45231",
    "CVE-2023-45232",
    "CVE-2023-45233"
  ],
  "summary": "Important: edk2 security update"
}

BDU:2024-00627

Vulnerability from fstec - Published: 03.08.2023

Title

Уязвимость функции Ip6IsOptionValid() библиотеки Tianocore edk2, позволяющая нарушителю оказать воздействие на доступность защищаемой информации или вызвать отказ в обслуживании

Description

Уязвимость функции Ip6IsOptionValid() библиотеки Tianocore edk2 связана с выполнением цикла с недоступным условием выхода при обработке параметра PadN. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, оказать воздействие на доступность защищаемой информации или вызвать отказ в обслуживании

Severity


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения, ООО «Ред Софт», ООО «РусБИТех-Астра», Fedora Project, Tianocore

Software Name

Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition (запись в едином реестре российских программ №369), Fedora, edk2

Software Version

10 (Debian GNU/Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 39 (Fedora), до 202311 включительно (edk2)

Possible Mitigations

Использование рекомендаций: Для EDK2: https://bugzilla.tianocore.org/show_bug.cgi?id=4518#c14 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2023-45233 Для Fedora: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/ Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ Для ОС Astra Linux: обновить пакет edk2 до 2024.02-2.astra.se02 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17 Для Astra Linux Special Edition 4.7 для архитектуры ARM: обновить пакет edk2 до 2024.02-2.astra.se04 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47

Reference

http://www.openwall.com/lists/oss-security/2024/01/16/2 https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h https://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html https://bugzilla.tianocore.org/show_bug.cgi?id=4518#c14 https://security-tracker.debian.org/tracker/CVE-2023-45233 https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html https://github.com/quarkslab/pixiefail/blob/main/pixiefail-CVE-2023-45233.py http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17 https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47

CWE

CWE-835

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Fedora Project, Tianocore",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "10 (Debian GNU/Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 39 (Fedora), \u0434\u043e 202311 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (edk2)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f EDK2:\nhttps://bugzilla.tianocore.org/show_bug.cgi?id=4518#c14\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-45233\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 edk2 \u0434\u043e 2024.02-2.astra.se02 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 edk2 \u0434\u043e 2024.02-2.astra.se04 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "03.08.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "11.11.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.01.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-00627",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-45233",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Fedora, edk2",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Fedora Project Fedora 39 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Ip6IsOptionValid() \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Tianocore edk2, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0446\u0438\u043a\u043b\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c \u0443\u0441\u043b\u043e\u0432\u0438\u0435\u043c \u0432\u044b\u0445\u043e\u0434\u0430 (\u0431\u0435\u0441\u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0439 \u0446\u0438\u043a\u043b) (CWE-835)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Ip6IsOptionValid() \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Tianocore edk2 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0446\u0438\u043a\u043b\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c \u0443\u0441\u043b\u043e\u0432\u0438\u0435\u043c \u0432\u044b\u0445\u043e\u0434\u0430 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 PadN. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.openwall.com/lists/oss-security/2024/01/16/2 \nhttps://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h\nhttps://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html\nhttps://bugzilla.tianocore.org/show_bug.cgi?id=4518#c14\nhttps://security-tracker.debian.org/tracker/CVE-2023-45233\nhttps://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html\nhttps://github.com/quarkslab/pixiefail/blob/main/pixiefail-CVE-2023-45233.py\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2024-0830SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-835",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

CERTFR-2024-AVI-0679

Vulnerability from certfr_avis - Published: 2024-08-14 - Updated: 2024-08-14

De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Intel	N/A	Intel ISH software for 11th Generation Intel Core Processor Family versions antérieures à 5.4.1.4479
Intel	N/A	Intel ISH software for Intel NUC M15 Laptop Kits LAPBC710 and LAPBC510 versions antérieures à 5.4.1.4479
Intel	N/A	Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgLnx software versions antérieures à 5.05.04.0008
Intel	N/A	Intel Advisor software versions antérieures à 2024.1
Intel	N/A	LAPAC71G and LAPAC71H versions antérieures à 0065
Intel	N/A	Intel Trace Analyzer and Collector versions antérieures à 2022.1
Intel	N/A	Intel oneAPI Base Toolkits versions antérieures à 2024.1
Intel	N/A	Intel(R) Ethernet Controllers E800 Series with NVM image versions 4.4
Intel	N/A	Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEditLnx software versions antérieures à 5.27.06.0019
Intel	N/A	Intel Quartus Prime Pro Edition Design software versions antérieures à 23.4
Intel	N/A	Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEdit-Win software versions antérieures à 5.27.03.0006
Intel	N/A	Intel Distribution pour Python pour Windows versions antérieures à 2024.1
Intel	N/A	Intel MPI Library versions antérieures à 2021.12
Intel	N/A	Intel MAS (GUI) versions antérieures à 2.5.0
Intel	N/A	Intel Simics Package Manager software versions antérieures à 1.8.3.
Intel	N/A	Intel Fortran Compiler versions antérieures à 2024.1
Intel	N/A	Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgWin software versions antérieures à 5.05.04.0008
Intel	N/A	Intel Agilex FPGA 7 FPGA firmware versions antérieures à 24.1
Intel	N/A	Intel NUC X15 Laptop
Intel	N/A	LAPKC51E, LAPKC71E, LAPKC71F versions antérieures à 0048
Intel	N/A	Intel High Level Synthesis Compiler software versions antérieures à 23.4
Intel	N/A	Intel FPGA SDK for OpenCL software technology, toutes versions
Intel	N/A	Intel NUC M15 Laptop Kits: LAPRC710, LAPRC510
Intel	N/A	Intel IPP Cryptography software versions antérieures à 2021.11
Intel	N/A	Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVLnx software versions antérieures à 5.13.00.2106
Intel	N/A	Intel VTune Profiler software versions antérieures à 2024.1
Intel	N/A	Intel Ethernet Adapter Complete Driver Pack software versions antérieures à 28.3
Intel	N/A	Intel HID Event Filter software versions antérieures à 2.2.2.1
Intel	N/A	Intel Connectivity Performance Suite software versions antérieures à 2.0
Intel	N/A	Intel NUC X15 Laptop Kits: LAPAC71G, LAPAC71H, LAPKC71F, LAPKC71E, LAPKC51E.
Intel	N/A	Intel CIP software versions antérieures à 2.4.10717
Intel	N/A	Intel oneAPI Base Toolkit versions antérieures à 2024.1
Intel	N/A	Intel oneAPI HPC Toolkit versions antérieures à 2024.1.0.
Intel	N/A	Intel(R) Ethernet Controllers E800 Series avec des versions antérieures à NIC1.3 PV, NVM avec versions d'images avant 3.36 et Intel(R) Ethernet Complete Driver Pack 28.3.
Intel	N/A	Intel oneAPI DPC++/C++ Compiler versions antérieures à 2024.1.
Intel	N/A	Flexlm License Daemons for Intel FPGA Software version v11.19.5.0
Intel	N/A	Intel Quartus Prime Pro Edition Design Software versions antérieures à 24.1
Intel	N/A	Intel ISH software for 12th Generation Intel Core Processor Family versions antérieures à 5.4.2.4594
Intel	N/A	Intel NUC M15 Laptop Kits: LAPBC710, LAPBC510, LAPRC710, LAPRC510
Intel	N/A	Intel Unite Client Extended Display Plugin software installer, toutes versions
Intel	N/A	Intel DPC++ C++ Compiler software versions antérieures à 2024.1
Intel	N/A	Intel(R) Ethernet Complete Driver Pack versions antérieures à 28.3
Intel	N/A	Intel Arc Iris Xe Graphics versions antérieures à 31.0.101.4824
Intel	N/A	Intel TDX module software versions 1.5.05.46.698
Intel	N/A	Intel Integrated Performance Primitive versions antérieures à 2021.11
Intel	N/A	LAPRC510, LAPRC710 versions antérieures à 0066
Intel	N/A	Intel Data Center GPU Max Series 1100 et 1550
Intel	N/A	Intel oneAPI Base Toolkit software versions antérieures à 2024.1
Intel	N/A	Intel Distribution pour GDB software versions antérieures à 2024.0.1
Intel	N/A	Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVWin software versions antérieures à 5.13.00.2109
Intel	N/A	LAPBC510 and LAPBC710 versions antérieures à 0083
Intel	N/A	BMRA software versions antérieures à 22.08
Intel	N/A	Intel Graphics Performance Analyzers (Intel GPA) software versions antérieures à 2023.4
Intel	N/A	Intel License Manager for FLEXlm product versions antérieures à 11.19.5.0
Intel	N/A	VTune Profiler versions antérieures à VTune 2024.1
Intel	N/A	Processeurs Intel Xeon Scalable de 4ème et 5ème génération
Intel	N/A	Intel oneAPI HPC Toolkit versions antérieures à 2024.1
Intel	N/A	Intel VROC versions antérieures à 8.6.0.1191
Intel	N/A	Intel GPA software versions antérieures à 2024.1
Intel	N/A	Intel TDX module software versions antérieures à TDX 1.5.01.00.592
Intel	N/A	Intel oneAPI Math Kernel Library versions antérieures à 2024.1
Intel	N/A	Intel ISH software for Intel NUC M15 Laptop Kits LAPRC710 and LAPRC510 versions antérieures à 5.4.2.4594

References

Title

Publication Time

FKIE_CVE-2023-45233

Vulnerability from fkie_nvd - Published: 2024-01-16 16:15 - Updated: 2025-11-04 19:16

Severity

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
infosec@edk2.groups.io	http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html	Third Party Advisory, VDB Entry
infosec@edk2.groups.io	http://www.openwall.com/lists/oss-security/2024/01/16/2	Mailing List
infosec@edk2.groups.io	https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h	Vendor Advisory
infosec@edk2.groups.io	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/
infosec@edk2.groups.io	https://security.netapp.com/advisory/ntap-20240307-0011/
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/01/16/2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20240307-0011/
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/132380

Impacted products

	Vendor	Product	Version
	tianocore	edk2	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tianocore:edk2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CEB3105-57CC-4096-81D3-D58005813C4B",
              "versionEndIncluding": "202311",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Availability."
    },
    {
      "lang": "es",
      "value": "EDK2\u0027s Network Package es susceptible a una vulnerabilidad de bucle infinito al analizar una opci\u00f3n PadN en el encabezado Destination Options de IPv6. Un atacante puede aprovechar esta vulnerabilidad para obtener acceso no autorizado y potencialmente provocar una p\u00e9rdida de disponibilidad."
    }
  ],
  "id": "CVE-2023-45233",
  "lastModified": "2025-11-04T19:16:00.577",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "infosec@edk2.groups.io",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-01-16T16:15:12.277",
  "references": [
    {
      "source": "infosec@edk2.groups.io",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
    },
    {
      "source": "infosec@edk2.groups.io",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
    },
    {
      "source": "infosec@edk2.groups.io",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
    },
    {
      "source": "infosec@edk2.groups.io",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"
    },
    {
      "source": "infosec@edk2.groups.io",
      "url": "https://security.netapp.com/advisory/ntap-20240307-0011/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20240307-0011/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.kb.cert.org/vuls/id/132380"
    }
  ],
  "sourceIdentifier": "infosec@edk2.groups.io",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "infosec@edk2.groups.io",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-P9H6-P7CR-7842

Vulnerability from github – Published: 2024-01-16 18:31 – Updated: 2025-11-04 21:31

Details

Severity

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-45233"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-16T16:15:12Z",
    "severity": "HIGH"
  },
  "details": "EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Availability.",
  "id": "GHSA-p9h6-p7cr-7842",
  "modified": "2025-11-04T21:31:04Z",
  "published": "2024-01-16T18:31:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45233"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240307-0011"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/132380"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2023-45233

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-45233

Aliases

CVE-2023-45233

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-45233",
    "id": "GSD-2023-45233"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-45233"
      ],
      "details": " EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Availability.\n\n",
      "id": "GSD-2023-45233",
      "modified": "2023-12-13T01:20:38.384364Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "infosec@edk2.groups.io",
        "ID": "CVE-2023-45233",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "edk2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "edk2-stable202308"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "TianoCore"
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Quarkslab Vulnerability Reports Team"
        },
        {
          "lang": "en",
          "value": "Doug Flick"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": " EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Availability.\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-835",
                "lang": "eng",
                "value": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
            "refsource": "MISC",
            "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
          },
          {
            "name": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20240307-0011/",
            "refsource": "MISC",
            "url": "https://security.netapp.com/advisory/ntap-20240307-0011/"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:tianocore:edk2:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "3CEB3105-57CC-4096-81D3-D58005813C4B",
                    "versionEndIncluding": "202311",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": " EDK2\u0027s Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Availability.\n\n"
          },
          {
            "lang": "es",
            "value": "EDK2\u0027s Network Package es susceptible a una vulnerabilidad de bucle infinito al analizar una opci\u00f3n PadN en el encabezado Destination Options de IPv6. Un atacante puede aprovechar esta vulnerabilidad para obtener acceso no autorizado y potencialmente provocar una p\u00e9rdida de disponibilidad."
          }
        ],
        "id": "CVE-2023-45233",
        "lastModified": "2024-03-13T02:15:50.430",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "infosec@edk2.groups.io",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-01-16T16:15:12.277",
        "references": [
          {
            "source": "infosec@edk2.groups.io",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
          },
          {
            "source": "infosec@edk2.groups.io",
            "tags": [
              "Mailing List"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
          },
          {
            "source": "infosec@edk2.groups.io",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
          },
          {
            "source": "infosec@edk2.groups.io",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"
          },
          {
            "source": "infosec@edk2.groups.io",
            "url": "https://security.netapp.com/advisory/ntap-20240307-0011/"
          }
        ],
        "sourceIdentifier": "infosec@edk2.groups.io",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-835"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-835"
              }
            ],
            "source": "infosec@edk2.groups.io",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

ICSA-26-141-02

Vulnerability from csaf_cisa - Published: 2026-01-29 00:30 - Updated: 2026-05-21 06:00

Summary

ABB B&R PCs

Notes

Summary: ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability. A network attacker could exploit the vulnerabilities to execute remote code, initiate DoS attacks, conduct DNS cache poisoning, or extract sensitive information.

Support: For additional instructions and support please contact your local B&R service organization. For contact information, see https://www.br-automation.com/en/about-us/locations/. Information about ABB’s cyber security program and capabilities can be found at www.abb.com/cybersecurity.

Notice: The information in this document is subject to change without notice, and should not be construed as a commitment by B&R. B&R provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall B&R or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if B&R or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from B&R, and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.

General security recommendations: For any installation of software related ABB products we strongly recommend the following (non-exhaustive) list of cyber security practices: – Isolate special purpose networks (e.g. for automation systems) and remote devices behind firewalls and separate them from any general purpose network (e.g. office or home networks). – Install physical controls so no unauthorized personnel can access your devices, components, peripheral equipment, and networks. – Never connect programming software or computers containing programing software to any network other than the network for the devices that it is intended for. – Scan all data imported into your environment before use to detect potential malware infections. – Minimize network exposure for all applications and endpoints to ensure that they are not accessible from the Internet unless they are designed for such exposure and the intended use requires such. – Ensure all nodes are always up to date in terms of installed software, operating system, and firmware patches as well as anti-virus and firewall. – When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.

Purpose: B&R has a rigorous internal cyber security continuous improvement process which involves regular testing with industry leading tools and periodic assessments to identify potential product issues. Occasionally an issue is determined to be a design or coding flaw with implications that may impact product cyber security. When a potential product vulnerability is identified or reported, B&R immediately initiates our vulnerability handling process. This entails validating if the issue is in fact a product issue, identifying root causes, determining what related products may be impacted, developing a remediation, and notifying end users and governmental organizations. The resulting Cyber Security Advisory intends to notify customers of the vulnerability and provide details on which products are impacted, how to mitigate the vulnerability or explain workarounds that minimize the potential risk as much as possible. The release of a Cyber Security Advisory should not be misconstrued as an affirmation or indication of an active threat or ongoing campaign targeting the products mentioned here. If B&R is aware of any specific threats, it will be clearly mentioned in the communication. The publication of this Cyber Security Advisory is an example of B&R’s commitment to the user community in support of this critical topic. Responsible disclosure is an important element in the chain of trust we work to maintain with our many customers. The release of an Advisory provides timely information which is essential to help ensure our customers are fully informed.

Frequently Asked Questions: What is the scope of the vulnerabilities? - A network attacker who successfully exploited these vulnerabilities to execute remote code, initiate DoS attacks, conduct DNS cache poisoning, or extract sensitive information. In worst case, these vulnerabilities can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. What causes the vulnerabilities? - The vulnerabilities are caused by usage of vulnerable UEFI firmware in some B&R xPCs. What is a B&R xPC? - A B&R xPC is an industrial PC (IPC) designed for use in industrial environments and is built to handle more demanding conditions than a standard PC. They often feature robust construction, resistance to dust and moisture, extended temperature ranges, and other specifications suited for industrial applications. What might an attacker use the vulnerabilities to do? - A network attacker who successfully exploited the vulnerabilities could execute remote code, initiate DoS attacks, conduct DNS cache poisoning, or extract sensitive information. How could an attacker exploit the vulnerabilities? - An attacker could try to exploit the vulnerabilities by creating a specially crafted message and sending the message to an affected system node. This would require that the attacker has access to the system network, by connecting to the network either directly or through a wrongly configured or penetrated firewall, or that he installs malicious software on a system node or otherwise infects the network with malicious software. Recommended practices help mitigate such attacks, see section Mitigating Factors above. Could the vulnerabilities be exploited remotely? - Yes, an attacker who has network access to an affected system node could exploit this vulnerability. Recommended practices include that process control systems are physically protected, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed. What does the update do? - The update removes the vulnerabilities in the TCP/IP stack used by the UEFI firmware. When this security advisory was issued, had these vulnerabilities been publicly disclosed? - Yes, these vulnerabilities have been publicly disclosed. When this security advisory was issued, had B&R received any reports that this vulnerability was being exploited on B&R products? - No, B&R had not received any information indicating that this vulnerability had been exploited on B&R products when this security advisory was originally issued.

Legal Notice and Terms of Use: This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).

Advisory Conversion Disclaimer: This ICSA is a verbatim republication of ABB PSIRT SA24P003 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact ABB PSIRT directly for any questions regarding this advisory.

Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.

Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.

Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.

Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.

Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Critical infrastructure sectors: Energy

Countries/areas deployed: Worldwide

Company headquarters location: Switzerland

CVE-2023-45229

EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

CWE-125 - Out-of-bounds Read

Affected products

Fixed 9 products

Product	Identifier	Version	Remediation
ABB APC4100 1.09 ABB / APC4100		1.09
ABB C80 1.14 ABB / C80		1.14
ABB MPC3100 1.24 ABB / MPC3100		1.24
ABB PPC1200 1.14 ABB / PPC1200		1.14
ABB PPC900 2.16 ABB / PPC900		2.16
ABB APC2200 1.35 ABB / APC2200		1.35
ABB PPC2200 1.35 ABB / PPC2200		1.35
ABB APC3100 1.45 ABB / APC3100		1.45
ABB PPC3100 1.45 ABB / PPC3100		1.45

Known affected 10 products

Product	Version	Remediation
ABB APC4100 <1.09 ABB / APC4100	<1.09	Vendor Fix Mitigation
ABB APC910 <=1.25 ABB / APC910	<=1.25	Vendor Fix Mitigation
ABB C80 <1.14 ABB / C80	<1.14	Vendor Fix Mitigation
ABB MPC3100 <1.24 ABB / MPC3100	<1.24	Vendor Fix Mitigation
ABB PPC1200 <1.14 ABB / PPC1200	<1.14	Vendor Fix Mitigation
ABB PPC900 <2.16 ABB / PPC900	<2.16	Vendor Fix Mitigation
ABB APC2200 <1.35 ABB / APC2200	<1.35	Vendor Fix Mitigation
ABB PPC2200 <1.35 ABB / PPC2200	<1.35	Vendor Fix Mitigation
ABB APC3100 <1.45 ABB / APC3100	<1.45	Vendor Fix Mitigation
ABB PPC3100 <1.45 ABB / PPC3100	<1.45	Vendor Fix Mitigation

CVE-2023-45230

EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.

8.3 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Fixed 9 products

Product	Identifier	Version	Remediation
ABB APC4100 1.09 ABB / APC4100		1.09
ABB C80 1.14 ABB / C80		1.14
ABB MPC3100 1.24 ABB / MPC3100		1.24
ABB PPC1200 1.14 ABB / PPC1200		1.14
ABB PPC900 2.16 ABB / PPC900		2.16
ABB APC2200 1.35 ABB / APC2200		1.35
ABB PPC2200 1.35 ABB / PPC2200		1.35
ABB APC3100 1.45 ABB / APC3100		1.45
ABB PPC3100 1.45 ABB / PPC3100		1.45

Known affected 10 products

Product	Version	Remediation
ABB APC4100 <1.09 ABB / APC4100	<1.09	Vendor Fix Mitigation
ABB APC910 <=1.25 ABB / APC910	<=1.25	Vendor Fix Mitigation
ABB C80 <1.14 ABB / C80	<1.14	Vendor Fix Mitigation
ABB MPC3100 <1.24 ABB / MPC3100	<1.24	Vendor Fix Mitigation
ABB PPC1200 <1.14 ABB / PPC1200	<1.14	Vendor Fix Mitigation
ABB PPC900 <2.16 ABB / PPC900	<2.16	Vendor Fix Mitigation
ABB APC2200 <1.35 ABB / APC2200	<1.35	Vendor Fix Mitigation
ABB PPC2200 <1.35 ABB / PPC2200	<1.35	Vendor Fix Mitigation
ABB APC3100 <1.45 ABB / APC3100	<1.45	Vendor Fix Mitigation
ABB PPC3100 <1.45 ABB / PPC3100	<1.45	Vendor Fix Mitigation

CVE-2023-45231

EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

CWE-125 - Out-of-bounds Read

Affected products

Fixed 9 products

Product	Identifier	Version	Remediation
ABB APC4100 1.09 ABB / APC4100		1.09
ABB C80 1.14 ABB / C80		1.14
ABB MPC3100 1.24 ABB / MPC3100		1.24
ABB PPC1200 1.14 ABB / PPC1200		1.14
ABB PPC900 2.16 ABB / PPC900		2.16
ABB APC2200 1.35 ABB / APC2200		1.35
ABB PPC2200 1.35 ABB / PPC2200		1.35
ABB APC3100 1.45 ABB / APC3100		1.45
ABB PPC3100 1.45 ABB / PPC3100		1.45

Known affected 10 products

Product	Version	Remediation
ABB APC4100 <1.09 ABB / APC4100	<1.09	Vendor Fix Mitigation
ABB APC910 <=1.25 ABB / APC910	<=1.25	Vendor Fix Mitigation
ABB C80 <1.14 ABB / C80	<1.14	Vendor Fix Mitigation
ABB MPC3100 <1.24 ABB / MPC3100	<1.24	Vendor Fix Mitigation
ABB PPC1200 <1.14 ABB / PPC1200	<1.14	Vendor Fix Mitigation
ABB PPC900 <2.16 ABB / PPC900	<2.16	Vendor Fix Mitigation
ABB APC2200 <1.35 ABB / APC2200	<1.35	Vendor Fix Mitigation
ABB PPC2200 <1.35 ABB / PPC2200	<1.35	Vendor Fix Mitigation
ABB APC3100 <1.45 ABB / APC3100	<1.45	Vendor Fix Mitigation
ABB PPC3100 <1.45 ABB / PPC3100	<1.45	Vendor Fix Mitigation

CVE-2023-45232

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 9 products

Product	Identifier	Version	Remediation
ABB APC4100 1.09 ABB / APC4100		1.09
ABB C80 1.14 ABB / C80		1.14
ABB MPC3100 1.24 ABB / MPC3100		1.24
ABB PPC1200 1.14 ABB / PPC1200		1.14
ABB PPC900 2.16 ABB / PPC900		2.16
ABB APC2200 1.35 ABB / APC2200		1.35
ABB PPC2200 1.35 ABB / PPC2200		1.35
ABB APC3100 1.45 ABB / APC3100		1.45
ABB PPC3100 1.45 ABB / PPC3100		1.45

Known affected 10 products

Product	Version	Remediation
ABB APC4100 <1.09 ABB / APC4100	<1.09	Vendor Fix Mitigation
ABB APC910 <=1.25 ABB / APC910	<=1.25	Vendor Fix Mitigation
ABB C80 <1.14 ABB / C80	<1.14	Vendor Fix Mitigation
ABB MPC3100 <1.24 ABB / MPC3100	<1.24	Vendor Fix Mitigation
ABB PPC1200 <1.14 ABB / PPC1200	<1.14	Vendor Fix Mitigation
ABB PPC900 <2.16 ABB / PPC900	<2.16	Vendor Fix Mitigation
ABB APC2200 <1.35 ABB / APC2200	<1.35	Vendor Fix Mitigation
ABB PPC2200 <1.35 ABB / PPC2200	<1.35	Vendor Fix Mitigation
ABB APC3100 <1.45 ABB / APC3100	<1.45	Vendor Fix Mitigation
ABB PPC3100 <1.45 ABB / PPC3100	<1.45	Vendor Fix Mitigation

CVE-2023-45233

EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 9 products

Product	Identifier	Version	Remediation
ABB APC4100 1.09 ABB / APC4100		1.09
ABB C80 1.14 ABB / C80		1.14
ABB MPC3100 1.24 ABB / MPC3100		1.24
ABB PPC1200 1.14 ABB / PPC1200		1.14
ABB PPC900 2.16 ABB / PPC900		2.16
ABB APC2200 1.35 ABB / APC2200		1.35
ABB PPC2200 1.35 ABB / PPC2200		1.35
ABB APC3100 1.45 ABB / APC3100		1.45
ABB PPC3100 1.45 ABB / PPC3100		1.45

Known affected 10 products

Product	Version	Remediation
ABB APC4100 <1.09 ABB / APC4100	<1.09	Vendor Fix Mitigation
ABB APC910 <=1.25 ABB / APC910	<=1.25	Vendor Fix Mitigation
ABB C80 <1.14 ABB / C80	<1.14	Vendor Fix Mitigation
ABB MPC3100 <1.24 ABB / MPC3100	<1.24	Vendor Fix Mitigation
ABB PPC1200 <1.14 ABB / PPC1200	<1.14	Vendor Fix Mitigation
ABB PPC900 <2.16 ABB / PPC900	<2.16	Vendor Fix Mitigation
ABB APC2200 <1.35 ABB / APC2200	<1.35	Vendor Fix Mitigation
ABB PPC2200 <1.35 ABB / PPC2200	<1.35	Vendor Fix Mitigation
ABB APC3100 <1.45 ABB / APC3100	<1.45	Vendor Fix Mitigation
ABB PPC3100 <1.45 ABB / PPC3100	<1.45	Vendor Fix Mitigation

CVE-2023-45234

EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.

8.3 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Fixed 9 products

Product	Identifier	Version	Remediation
ABB APC4100 1.09 ABB / APC4100		1.09
ABB C80 1.14 ABB / C80		1.14
ABB MPC3100 1.24 ABB / MPC3100		1.24
ABB PPC1200 1.14 ABB / PPC1200		1.14
ABB PPC900 2.16 ABB / PPC900		2.16
ABB APC2200 1.35 ABB / APC2200		1.35
ABB PPC2200 1.35 ABB / PPC2200		1.35
ABB APC3100 1.45 ABB / APC3100		1.45
ABB PPC3100 1.45 ABB / PPC3100		1.45

Known affected 10 products

Product	Version	Remediation
ABB APC4100 <1.09 ABB / APC4100	<1.09	Vendor Fix Mitigation
ABB APC910 <=1.25 ABB / APC910	<=1.25	Vendor Fix Mitigation
ABB C80 <1.14 ABB / C80	<1.14	Vendor Fix Mitigation
ABB MPC3100 <1.24 ABB / MPC3100	<1.24	Vendor Fix Mitigation
ABB PPC1200 <1.14 ABB / PPC1200	<1.14	Vendor Fix Mitigation
ABB PPC900 <2.16 ABB / PPC900	<2.16	Vendor Fix Mitigation
ABB APC2200 <1.35 ABB / APC2200	<1.35	Vendor Fix Mitigation
ABB PPC2200 <1.35 ABB / PPC2200	<1.35	Vendor Fix Mitigation
ABB APC3100 <1.45 ABB / APC3100	<1.45	Vendor Fix Mitigation
ABB PPC3100 <1.45 ABB / PPC3100	<1.45	Vendor Fix Mitigation

CVE-2023-45235

EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.

8.3 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Fixed 9 products

Product	Identifier	Version	Remediation
ABB APC4100 1.09 ABB / APC4100		1.09
ABB C80 1.14 ABB / C80		1.14
ABB MPC3100 1.24 ABB / MPC3100		1.24
ABB PPC1200 1.14 ABB / PPC1200		1.14
ABB PPC900 2.16 ABB / PPC900		2.16
ABB APC2200 1.35 ABB / APC2200		1.35
ABB PPC2200 1.35 ABB / PPC2200		1.35
ABB APC3100 1.45 ABB / APC3100		1.45
ABB PPC3100 1.45 ABB / PPC3100		1.45

Known affected 10 products

Product	Version	Remediation
ABB APC4100 <1.09 ABB / APC4100	<1.09	Vendor Fix Mitigation
ABB APC910 <=1.25 ABB / APC910	<=1.25	Vendor Fix Mitigation
ABB C80 <1.14 ABB / C80	<1.14	Vendor Fix Mitigation
ABB MPC3100 <1.24 ABB / MPC3100	<1.24	Vendor Fix Mitigation
ABB PPC1200 <1.14 ABB / PPC1200	<1.14	Vendor Fix Mitigation
ABB PPC900 <2.16 ABB / PPC900	<2.16	Vendor Fix Mitigation
ABB APC2200 <1.35 ABB / APC2200	<1.35	Vendor Fix Mitigation
ABB PPC2200 <1.35 ABB / PPC2200	<1.35	Vendor Fix Mitigation
ABB APC3100 <1.45 ABB / APC3100	<1.45	Vendor Fix Mitigation
ABB PPC3100 <1.45 ABB / PPC3100	<1.45	Vendor Fix Mitigation

CVE-2023-45236

EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:P/RL:O/RC:C

CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Affected products

Fixed 9 products

Product	Identifier	Version	Remediation
ABB APC4100 1.09 ABB / APC4100		1.09
ABB C80 1.14 ABB / C80		1.14
ABB MPC3100 1.24 ABB / MPC3100		1.24
ABB PPC1200 1.14 ABB / PPC1200		1.14
ABB PPC900 2.16 ABB / PPC900		2.16
ABB APC2200 1.35 ABB / APC2200		1.35
ABB PPC2200 1.35 ABB / PPC2200		1.35
ABB APC3100 1.45 ABB / APC3100		1.45
ABB PPC3100 1.45 ABB / PPC3100		1.45

Known affected 10 products

Product	Version	Remediation
ABB APC4100 <1.09 ABB / APC4100	<1.09	Vendor Fix Mitigation
ABB APC910 <=1.25 ABB / APC910	<=1.25	Vendor Fix Mitigation
ABB C80 <1.14 ABB / C80	<1.14	Vendor Fix Mitigation
ABB MPC3100 <1.24 ABB / MPC3100	<1.24	Vendor Fix Mitigation
ABB PPC1200 <1.14 ABB / PPC1200	<1.14	Vendor Fix Mitigation
ABB PPC900 <2.16 ABB / PPC900	<2.16	Vendor Fix Mitigation
ABB APC2200 <1.35 ABB / APC2200	<1.35	Vendor Fix Mitigation
ABB PPC2200 <1.35 ABB / PPC2200	<1.35	Vendor Fix Mitigation
ABB APC3100 <1.45 ABB / APC3100	<1.45	Vendor Fix Mitigation
ABB PPC3100 <1.45 ABB / PPC3100	<1.45	Vendor Fix Mitigation

CVE-2023-45237

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Affected products

Fixed 9 products

Product	Identifier	Version	Remediation
ABB APC4100 1.09 ABB / APC4100		1.09
ABB C80 1.14 ABB / C80		1.14
ABB MPC3100 1.24 ABB / MPC3100		1.24
ABB PPC1200 1.14 ABB / PPC1200		1.14
ABB PPC900 2.16 ABB / PPC900		2.16
ABB APC2200 1.35 ABB / APC2200		1.35
ABB PPC2200 1.35 ABB / PPC2200		1.35
ABB APC3100 1.45 ABB / APC3100		1.45
ABB PPC3100 1.45 ABB / PPC3100		1.45

Known affected 10 products

Product	Version	Remediation
ABB APC4100 <1.09 ABB / APC4100	<1.09	Vendor Fix Mitigation
ABB APC910 <=1.25 ABB / APC910	<=1.25	Vendor Fix Mitigation
ABB C80 <1.14 ABB / C80	<1.14	Vendor Fix Mitigation
ABB MPC3100 <1.24 ABB / MPC3100	<1.24	Vendor Fix Mitigation
ABB PPC1200 <1.14 ABB / PPC1200	<1.14	Vendor Fix Mitigation
ABB PPC900 <2.16 ABB / PPC900	<2.16	Vendor Fix Mitigation
ABB APC2200 <1.35 ABB / APC2200	<1.35	Vendor Fix Mitigation
ABB PPC2200 <1.35 ABB / PPC2200	<1.35	Vendor Fix Mitigation
ABB APC3100 <1.45 ABB / APC3100	<1.45	Vendor Fix Mitigation
ABB PPC3100 <1.45 ABB / PPC3100	<1.45	Vendor Fix Mitigation

References

37 references

URL	Category
https://psirt.abb.com/csaf/2026/sa24p003.json	self
https://www.br-automation.com/fileadmin/SA24P003-…	self
https://raw.githubusercontent.com/cisagov/CSAF/de…	self
https://www.cisa.gov/news-events/ics-advisories/i…	self
https://www.cisa.gov/news-events/ics-alerts/ics-a…	external
https://www.cisa.gov/resources-tools/resources/ic…	external
https://www.cisa.gov/topics/industrial-control-systems	external
https://www.cisa.gov/sites/default/files/recommen…	external
https://www.cisa.gov/sites/default/files/publicat…	external
https://www.cisa.gov/news-events/news/targeted-cy…	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45229	external
https://www.cve.org/CVERecord?id=CVE-2023-45229	external
https://cwe.mitre.org/data/definitions/125.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://nvd.nist.gov/vuln/detail/2023-45230	external
https://www.cve.org/CVERecord?id=CVE-2023-45230	external
https://cwe.mitre.org/data/definitions/119.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45231	external
https://www.cve.org/CVERecord?id=CVE-2023-45231	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45232	external
https://www.cve.org/CVERecord?id=CVE-2023-45232	external
https://cwe.mitre.org/data/definitions/835.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45233	external
https://www.cve.org/CVERecord?id=CVE-2023-45233	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45234	external
https://www.cve.org/CVERecord?id=CVE-2023-45234	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45235	external
https://www.cve.org/CVERecord?id=CVE-2023-45235	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45236	external
https://www.cve.org/CVERecord?id=CVE-2023-45236	external
https://cwe.mitre.org/data/definitions/338.html	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45237	external
https://www.cve.org/CVERecord?id=CVE-2023-45237	external
https://www.first.org/cvss/calculator/3.1#CVSS:3.…	external

Acknowledgments

ABB PSIRT

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "ABB PSIRT",
        "summary": "reported these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability.\n\nA network attacker could exploit the vulnerabilities to execute remote code, initiate DoS attacks, conduct DNS cache poisoning, or extract sensitive information. ",
        "title": "Summary"
      },
      {
        "category": "other",
        "text": "For additional instructions and support please contact your local B\u0026R service organization. For contact information, see https://www.br-automation.com/en/about-us/locations/.\n\nInformation about ABB\u2019s cyber security program and capabilities can be found at www.abb.com/cybersecurity.\n\n",
        "title": "Support"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information in this document is subject to change without notice, and should not be construed as a commitment by B\u0026R.\n\nB\u0026R provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall B\u0026R or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if B\u0026R or its suppliers have been advised of the possibility of such damages.\n\nThis document and parts hereof must not be reproduced or copied without written permission from B\u0026R, and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose.\n\nAll rights to registrations and trademarks reside with their respective owners.",
        "title": "Notice"
      },
      {
        "category": "other",
        "text": "For any installation of software related ABB products we strongly recommend the following (non-exhaustive) list of cyber security practices:\n\n\u2013 Isolate special purpose networks (e.g. for automation systems) and remote devices behind firewalls\nand separate them from any general purpose network (e.g. office or home networks).\n\n\u2013 Install physical controls so no unauthorized personnel can access your devices, components, peripheral equipment, and networks.\n\n\u2013 Never connect programming software or computers containing programing software to any network other than the network for the devices that it is intended for.\n\n\u2013 Scan all data imported into your environment before use to detect potential malware infections.\n\n\u2013 Minimize network exposure for all applications and endpoints to ensure that they are not accessible\nfrom the Internet unless they are designed for such exposure and the intended use requires such.\n\n\u2013 Ensure all nodes are always up to date in terms of installed software, operating system, and firmware\npatches as well as anti-virus and firewall.\n\n\u2013 When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
        "title": "General security recommendations"
      },
      {
        "category": "other",
        "text": "B\u0026R has a rigorous internal cyber security continuous improvement process which involves regular testing with industry leading tools and periodic assessments to identify potential product issues. Occasionally an issue is determined to be a design or coding flaw with implications that may impact product cyber security.\n\nWhen a potential product vulnerability is identified or reported, B\u0026R immediately initiates our vulnerability handling process. This entails validating if the issue is in fact a product issue, identifying root causes, determining what related products may be impacted, developing a remediation, and notifying end users and governmental organizations.\n\nThe resulting Cyber Security Advisory intends to notify customers of the vulnerability and provide details on which products are impacted, how to mitigate the vulnerability or explain workarounds that minimize the potential risk as much as possible. The release of a Cyber Security Advisory should not be misconstrued as an affirmation or indication of an active threat or ongoing campaign targeting the products mentioned here. If B\u0026R is aware of any specific threats, it will be clearly mentioned in the communication.\n\nThe publication of this Cyber Security Advisory is an example of B\u0026R\u2019s commitment to the user community in support of this critical topic. Responsible disclosure is an important element in the chain of trust we work to maintain with our many customers. The release of an Advisory provides timely information which is essential to help ensure our customers are fully informed.",
        "title": "Purpose"
      },
      {
        "category": "faq",
        "text": "What is the scope of the vulnerabilities? \n- A network attacker who successfully exploited these vulnerabilities to execute remote code, initiate DoS attacks, conduct DNS cache poisoning, or extract sensitive information. In worst case, these vulnerabilities can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. \n\nWhat causes the vulnerabilities? \n- The vulnerabilities are caused by usage of vulnerable UEFI firmware in some B\u0026R xPCs. \n\nWhat is a B\u0026R xPC? \n- A B\u0026R xPC is an industrial PC (IPC) designed for use in industrial environments and is built to handle more demanding conditions than a standard PC. They often feature robust construction, resistance to dust and moisture, extended temperature ranges, and other specifications suited for industrial applications. \n\nWhat might an attacker use the vulnerabilities to do? \n- A network attacker who successfully exploited the vulnerabilities could execute remote code, initiate DoS attacks, conduct DNS cache poisoning, or extract sensitive information. \n\nHow could an attacker exploit the vulnerabilities? \n- An attacker could try to exploit the vulnerabilities by creating a specially crafted message and sending the message to an affected system node. This would require that the attacker has access to the system network, by connecting to the network either directly or through a wrongly configured or penetrated firewall, or that he installs malicious software on a system node or otherwise infects the network with malicious software. Recommended practices help mitigate such attacks, see section Mitigating Factors above. \n\nCould the vulnerabilities be exploited remotely?  \n- Yes, an attacker who has network access to an affected system node could exploit this vulnerability. Recommended practices include that process control systems are physically protected, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed. \n\nWhat does the update do? \n- The update removes the vulnerabilities in the TCP/IP stack used by the UEFI firmware. \n\nWhen this security advisory was issued, had these vulnerabilities been publicly disclosed? \n- Yes, these vulnerabilities have been publicly disclosed. \n\nWhen this security advisory was issued, had B\u0026R received any reports that this vulnerability was being exploited on B\u0026R products? \n- No, B\u0026R had not received any information indicating that this vulnerability had been exploited on B\u0026R products when this security advisory was originally issued. ",
        "title": "Frequently Asked Questions"
      },
      {
        "category": "legal_disclaimer",
        "text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
        "title": "Legal Notice and Terms of Use"
      },
      {
        "category": "other",
        "text": "This ICSA is a verbatim republication of ABB PSIRT SA24P003 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory.  Further, CISA does not endorse any commercial product or service.  Please contact ABB PSIRT directly for any questions regarding this advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "Energy",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Switzerland",
        "title": "Company headquarters location"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ABB CYBERSECURITY ADVISORY - CSAF Version ",
        "url": "https://psirt.abb.com/csaf/2026/sa24p003.json"
      },
      {
        "category": "self",
        "summary": "ABB CYBERSECURITY ADVISORY - PDF Version ",
        "url": "https://www.br-automation.com/fileadmin/SA24P003-bb9ea116.pdf"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-26-141-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2026/icsa-26-141-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-26-141-02 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
      }
    ],
    "title": "ABB B\u0026R PCs",
    "tracking": {
      "current_release_date": "2026-05-21T06:00:00.000000Z",
      "generator": {
        "date": "2026-05-19T15:18:28.047733Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.5.0"
        }
      },
      "id": "ICSA-26-141-02",
      "initial_release_date": "2026-01-29T00:30:00.000000Z",
      "revision_history": [
        {
          "date": "2026-01-29T00:30:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial version."
        },
        {
          "date": "2026-05-21T06:00:00.000000Z",
          "legacy_version": "CISA Republication",
          "number": "2",
          "summary": "Initial CISA Republication of ABB PSIRT SA24P003 advisory"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.09",
                "product": {
                  "name": "ABB APC4100 \u003c1.09",
                  "product_id": "CSAFPID-0001"
                }
              },
              {
                "category": "product_version",
                "name": "1.09",
                "product": {
                  "name": "ABB APC4100 1.09",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "APC4100"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=1.25",
                "product": {
                  "name": "ABB APC910 \u003c=1.25",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "APC910"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.14",
                "product": {
                  "name": "ABB C80 \u003c1.14",
                  "product_id": "CSAFPID-0004"
                }
              },
              {
                "category": "product_version",
                "name": "1.14",
                "product": {
                  "name": "ABB C80 1.14",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "C80"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.24",
                "product": {
                  "name": "ABB MPC3100 \u003c1.24",
                  "product_id": "CSAFPID-0006"
                }
              },
              {
                "category": "product_version",
                "name": "1.24",
                "product": {
                  "name": "ABB MPC3100 1.24",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "MPC3100"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.14",
                "product": {
                  "name": "ABB PPC1200 \u003c1.14",
                  "product_id": "CSAFPID-0008"
                }
              },
              {
                "category": "product_version",
                "name": "1.14",
                "product": {
                  "name": "ABB PPC1200 1.14",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "PPC1200"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.16",
                "product": {
                  "name": "ABB PPC900 \u003c2.16",
                  "product_id": "CSAFPID-0010"
                }
              },
              {
                "category": "product_version",
                "name": "2.16",
                "product": {
                  "name": "ABB PPC900 2.16",
                  "product_id": "CSAFPID-0011"
                }
              }
            ],
            "category": "product_name",
            "name": "PPC900"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.35",
                "product": {
                  "name": "ABB APC2200 \u003c1.35",
                  "product_id": "CSAFPID-0012"
                }
              },
              {
                "category": "product_version",
                "name": "1.35",
                "product": {
                  "name": "ABB APC2200 1.35",
                  "product_id": "CSAFPID-0013"
                }
              }
            ],
            "category": "product_name",
            "name": "APC2200"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.35",
                "product": {
                  "name": "ABB PPC2200 \u003c1.35",
                  "product_id": "CSAFPID-0014"
                }
              },
              {
                "category": "product_version",
                "name": "1.35",
                "product": {
                  "name": "ABB PPC2200 1.35",
                  "product_id": "CSAFPID-0015"
                }
              }
            ],
            "category": "product_name",
            "name": "PPC2200"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.45",
                "product": {
                  "name": "ABB APC3100 \u003c1.45",
                  "product_id": "CSAFPID-0016"
                }
              },
              {
                "category": "product_version",
                "name": "1.45",
                "product": {
                  "name": "ABB APC3100 1.45",
                  "product_id": "CSAFPID-0017"
                }
              }
            ],
            "category": "product_name",
            "name": "APC3100"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.45",
                "product": {
                  "name": "ABB PPC3100 \u003c1.45",
                  "product_id": "CSAFPID-0018"
                }
              },
              {
                "category": "product_version",
                "name": "1.45",
                "product": {
                  "name": "ABB PPC3100 1.45",
                  "product_id": "CSAFPID-0019"
                }
              }
            ],
            "category": "product_name",
            "name": "PPC3100"
          }
        ],
        "category": "vendor",
        "name": "ABB"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-45229",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "description",
          "text": "EDK2\u0027s Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. ",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0005",
          "CSAFPID-0007",
          "CSAFPID-0009",
          "CSAFPID-0011",
          "CSAFPID-0013",
          "CSAFPID-0015",
          "CSAFPID-0017",
          "CSAFPID-0019"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006",
          "CSAFPID-0008",
          "CSAFPID-0010",
          "CSAFPID-0012",
          "CSAFPID-0014",
          "CSAFPID-0016",
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2023-45229",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45229"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45229"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/125.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The problems are corrected in the following product versions: \n\n- APC4100 1.09 \n- APC910 No patch will be released (Please refer to the mitigation measures specified in this advisory). \n- C80 1.14 \n- MPC3100 1.24 \n- PPC1200 1.14 \n- PPC900 2.16 \n- APC2200 1.35 \n- PPC2200 1.35 \n- APC3100 1.45 \n- PPC3100 1.45\n\nB\u0026R recommends that customers apply the update at earliest convenience. \n\nThe process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "Deactivate the vulnerable component \n- The vulnerabilities exist in the Preboot eXecution Environment (PXE) of the UEFI firmware. If this functionality is not needed, it is recommended to disable it in the UEFI settings, thus making the vulnerabilities not exploitable. \n\nLimit accessibility \n- If PXE functionality is required, users should tightly restrict network traffic to legitimate users and block illegitimate PXE traffic, specifically related to IPv6. For instance, by blocking IPv6 network traffic on the control network firewall. \n\nhttps://help.br-automation.com/#/en/6/cyber-security/defense-in-depth-for-br-products/reference_architecture.html\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 5.9,
            "environmentalSeverity": "MEDIUM",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 5.9,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "title": "CVE-2023-45229"
    },
    {
      "cve": "CVE-2023-45230",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "description",
          "text": "EDK2\u0027s Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0005",
          "CSAFPID-0007",
          "CSAFPID-0009",
          "CSAFPID-0011",
          "CSAFPID-0013",
          "CSAFPID-0015",
          "CSAFPID-0017",
          "CSAFPID-0019"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006",
          "CSAFPID-0008",
          "CSAFPID-0010",
          "CSAFPID-0012",
          "CSAFPID-0014",
          "CSAFPID-0016",
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - 2023-45230",
          "url": "https://nvd.nist.gov/vuln/detail/2023-45230"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45230"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/119.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The problems are corrected in the following product versions: \n\n- APC4100 1.09 \n- APC910 No patch will be released (Please refer to the mitigation measures specified in this advisory). \n- C80 1.14 \n- MPC3100 1.24 \n- PPC1200 1.14 \n- PPC900 2.16 \n- APC2200 1.35 \n- PPC2200 1.35 \n- APC3100 1.45 \n- PPC3100 1.45\n\nB\u0026R recommends that customers apply the update at earliest convenience. \n\nThe process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "Deactivate the vulnerable component \n- The vulnerabilities exist in the Preboot eXecution Environment (PXE) of the UEFI firmware. If this functionality is not needed, it is recommended to disable it in the UEFI settings, thus making the vulnerabilities not exploitable. \n\nLimit accessibility \n- If PXE functionality is required, users should tightly restrict network traffic to legitimate users and block illegitimate PXE traffic, specifically related to IPv6. For instance, by blocking IPv6 network traffic on the control network firewall. \n\nhttps://help.br-automation.com/#/en/6/cyber-security/defense-in-depth-for-br-products/reference_architecture.html\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "title": "CVE-2023-45230"
    },
    {
      "cve": "CVE-2023-45231",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "description",
          "text": "EDK2\u0027s Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. ",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0005",
          "CSAFPID-0007",
          "CSAFPID-0009",
          "CSAFPID-0011",
          "CSAFPID-0013",
          "CSAFPID-0015",
          "CSAFPID-0017",
          "CSAFPID-0019"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006",
          "CSAFPID-0008",
          "CSAFPID-0010",
          "CSAFPID-0012",
          "CSAFPID-0014",
          "CSAFPID-0016",
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2023-45231",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45231"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45231"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/125.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The problems are corrected in the following product versions: \n\n- APC4100 1.09 \n- APC910 No patch will be released (Please refer to the mitigation measures specified in this advisory). \n- C80 1.14 \n- MPC3100 1.24 \n- PPC1200 1.14 \n- PPC900 2.16 \n- APC2200 1.35 \n- PPC2200 1.35 \n- APC3100 1.45 \n- PPC3100 1.45\n\nB\u0026R recommends that customers apply the update at earliest convenience. \n\nThe process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "Deactivate the vulnerable component \n- The vulnerabilities exist in the Preboot eXecution Environment (PXE) of the UEFI firmware. If this functionality is not needed, it is recommended to disable it in the UEFI settings, thus making the vulnerabilities not exploitable. \n\nLimit accessibility \n- If PXE functionality is required, users should tightly restrict network traffic to legitimate users and block illegitimate PXE traffic, specifically related to IPv6. For instance, by blocking IPv6 network traffic on the control network firewall. \n\nhttps://help.br-automation.com/#/en/6/cyber-security/defense-in-depth-for-br-products/reference_architecture.html\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 5.9,
            "environmentalSeverity": "MEDIUM",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 5.9,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "title": "CVE-2023-45231"
    },
    {
      "cve": "CVE-2023-45232",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "EDK2\u0027s Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.  ",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0005",
          "CSAFPID-0007",
          "CSAFPID-0009",
          "CSAFPID-0011",
          "CSAFPID-0013",
          "CSAFPID-0015",
          "CSAFPID-0017",
          "CSAFPID-0019"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006",
          "CSAFPID-0008",
          "CSAFPID-0010",
          "CSAFPID-0012",
          "CSAFPID-0014",
          "CSAFPID-0016",
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2023-45232",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45232"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45232"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/835.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The problems are corrected in the following product versions: \n\n- APC4100 1.09 \n- APC910 No patch will be released (Please refer to the mitigation measures specified in this advisory). \n- C80 1.14 \n- MPC3100 1.24 \n- PPC1200 1.14 \n- PPC900 2.16 \n- APC2200 1.35 \n- PPC2200 1.35 \n- APC3100 1.45 \n- PPC3100 1.45\n\nB\u0026R recommends that customers apply the update at earliest convenience. \n\nThe process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "Deactivate the vulnerable component \n- The vulnerabilities exist in the Preboot eXecution Environment (PXE) of the UEFI firmware. If this functionality is not needed, it is recommended to disable it in the UEFI settings, thus making the vulnerabilities not exploitable. \n\nLimit accessibility \n- If PXE functionality is required, users should tightly restrict network traffic to legitimate users and block illegitimate PXE traffic, specifically related to IPv6. For instance, by blocking IPv6 network traffic on the control network firewall. \n\nhttps://help.br-automation.com/#/en/6/cyber-security/defense-in-depth-for-br-products/reference_architecture.html\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.7,
            "environmentalSeverity": "MEDIUM",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.7,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "title": "CVE-2023-45232"
    },
    {
      "cve": "CVE-2023-45233",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "EDK2\u0027s Network Package is susceptible to an infinite loop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0005",
          "CSAFPID-0007",
          "CSAFPID-0009",
          "CSAFPID-0011",
          "CSAFPID-0013",
          "CSAFPID-0015",
          "CSAFPID-0017",
          "CSAFPID-0019"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006",
          "CSAFPID-0008",
          "CSAFPID-0010",
          "CSAFPID-0012",
          "CSAFPID-0014",
          "CSAFPID-0016",
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2023-45233",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45233"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45233"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/835.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The problems are corrected in the following product versions: \n\n- APC4100 1.09 \n- APC910 No patch will be released (Please refer to the mitigation measures specified in this advisory). \n- C80 1.14 \n- MPC3100 1.24 \n- PPC1200 1.14 \n- PPC900 2.16 \n- APC2200 1.35 \n- PPC2200 1.35 \n- APC3100 1.45 \n- PPC3100 1.45\n\nB\u0026R recommends that customers apply the update at earliest convenience. \n\nThe process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "Deactivate the vulnerable component \n- The vulnerabilities exist in the Preboot eXecution Environment (PXE) of the UEFI firmware. If this functionality is not needed, it is recommended to disable it in the UEFI settings, thus making the vulnerabilities not exploitable. \n\nLimit accessibility \n- If PXE functionality is required, users should tightly restrict network traffic to legitimate users and block illegitimate PXE traffic, specifically related to IPv6. For instance, by blocking IPv6 network traffic on the control network firewall. \n\nhttps://help.br-automation.com/#/en/6/cyber-security/defense-in-depth-for-br-products/reference_architecture.html\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.7,
            "environmentalSeverity": "MEDIUM",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.7,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "title": "CVE-2023-45233"
    },
    {
      "cve": "CVE-2023-45234",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "description",
          "text": "EDK2\u0027s Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0005",
          "CSAFPID-0007",
          "CSAFPID-0009",
          "CSAFPID-0011",
          "CSAFPID-0013",
          "CSAFPID-0015",
          "CSAFPID-0017",
          "CSAFPID-0019"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006",
          "CSAFPID-0008",
          "CSAFPID-0010",
          "CSAFPID-0012",
          "CSAFPID-0014",
          "CSAFPID-0016",
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2023-45234",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45234"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45234"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/119.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The problems are corrected in the following product versions: \n\n- APC4100 1.09 \n- APC910 No patch will be released (Please refer to the mitigation measures specified in this advisory). \n- C80 1.14 \n- MPC3100 1.24 \n- PPC1200 1.14 \n- PPC900 2.16 \n- APC2200 1.35 \n- PPC2200 1.35 \n- APC3100 1.45 \n- PPC3100 1.45\n\n B\u0026R recommends that customers apply the update at earliest convenience. \n\nThe process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "Deactivate the vulnerable component \n- The vulnerabilities exist in the Preboot eXecution Environment (PXE) of the UEFI firmware. If this functionality is not needed, it is recommended to disable it in the UEFI settings, thus making the vulnerabilities not exploitable. \n\nLimit accessibility \n- If PXE functionality is required, users should tightly restrict network traffic to legitimate users and block illegitimate PXE traffic, specifically related to IPv6. For instance, by blocking IPv6 network traffic on the control network firewall. \n\nhttps://help.br-automation.com/#/en/6/cyber-security/defense-in-depth-for-br-products/reference_architecture.html\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "title": "CVE-2023-45234"
    },
    {
      "cve": "CVE-2023-45235",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "description",
          "text": "EDK2\u0027s Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. ",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0005",
          "CSAFPID-0007",
          "CSAFPID-0009",
          "CSAFPID-0011",
          "CSAFPID-0013",
          "CSAFPID-0015",
          "CSAFPID-0017",
          "CSAFPID-0019"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006",
          "CSAFPID-0008",
          "CSAFPID-0010",
          "CSAFPID-0012",
          "CSAFPID-0014",
          "CSAFPID-0016",
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2023-45235",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45235"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45235"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/119.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The problems are corrected in the following product versions: \n\n- APC4100 1.09 \n- APC910 No patch will be released (Please refer to the mitigation measures specified in this advisory). \n- C80 1.14 \n- MPC3100 1.24 \n- PPC1200 1.14 \n- PPC900 2.16 \n- APC2200 1.35 \n- PPC2200 1.35 \n- APC3100 1.45 \n- PPC3100 1.45\n\nB\u0026R recommends that customers apply the update at earliest convenience. \n\nThe process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "Deactivate the vulnerable component \n- The vulnerabilities exist in the Preboot eXecution Environment (PXE) of the UEFI firmware. If this functionality is not needed, it is recommended to disable it in the UEFI settings, thus making the vulnerabilities not exploitable. \n\nLimit accessibility \n- If PXE functionality is required, users should tightly restrict network traffic to legitimate users and block illegitimate PXE traffic, specifically related to IPv6. For instance, by blocking IPv6 network traffic on the control network firewall. \n\nhttps://help.br-automation.com/#/en/6/cyber-security/defense-in-depth-for-br-products/reference_architecture.html\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "title": "CVE-2023-45235"
    },
    {
      "cve": "CVE-2023-45236",
      "cwe": {
        "id": "CWE-338",
        "name": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
      },
      "notes": [
        {
          "category": "description",
          "text": "EDK2\u0027s Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0005",
          "CSAFPID-0007",
          "CSAFPID-0009",
          "CSAFPID-0011",
          "CSAFPID-0013",
          "CSAFPID-0015",
          "CSAFPID-0017",
          "CSAFPID-0019"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006",
          "CSAFPID-0008",
          "CSAFPID-0010",
          "CSAFPID-0012",
          "CSAFPID-0014",
          "CSAFPID-0016",
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2023-45236",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45236"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45236"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/338.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The problems are corrected in the following product versions: \n\n- APC4100 1.09 \n- APC910 No patch will be released (Please refer to the mitigation measures specified in this advisory). \n- C80 1.14 \n- MPC3100 1.24 \n- PPC1200 1.14 \n- PPC900 2.16 \n- APC2200 1.35 \n- PPC2200 1.35 \n- APC3100 1.45 \n- PPC3100 1.45\n\nB\u0026R recommends that customers apply the update at earliest convenience. \n\nThe process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "Deactivate the vulnerable component \n- The vulnerabilities exist in the Preboot eXecution Environment (PXE) of the UEFI firmware. If this functionality is not needed, it is recommended to disable it in the UEFI settings, thus making the vulnerabilities not exploitable. \n\nLimit accessibility \n- If PXE functionality is required, users should tightly restrict network traffic to legitimate users and block illegitimate PXE traffic, specifically related to IPv6. For instance, by blocking IPv6 network traffic on the control network firewall. \n\nhttps://help.br-automation.com/#/en/6/cyber-security/defense-in-depth-for-br-products/reference_architecture.html\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 5.2,
            "environmentalSeverity": "MEDIUM",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "CHANGED",
            "temporalScore": 5.2,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "title": "CVE-2023-45236"
    },
    {
      "cve": "CVE-2023-45237",
      "cwe": {
        "id": "CWE-338",
        "name": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
      },
      "notes": [
        {
          "category": "description",
          "text": "EDK2\u0027s Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0005",
          "CSAFPID-0007",
          "CSAFPID-0009",
          "CSAFPID-0011",
          "CSAFPID-0013",
          "CSAFPID-0015",
          "CSAFPID-0017",
          "CSAFPID-0019"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0006",
          "CSAFPID-0008",
          "CSAFPID-0010",
          "CSAFPID-0012",
          "CSAFPID-0014",
          "CSAFPID-0016",
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2023-45237",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45237"
        },
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45237"
        },
        {
          "category": "external",
          "summary": "cwe.mitre.org",
          "url": "https://cwe.mitre.org/data/definitions/338.html"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The problems are corrected in the following product versions: \n\n- APC4100 1.09 \n- APC910 No patch will be released (Please refer to the mitigation measures specified in this advisory). \n- C80 1.14 \n- MPC3100 1.24 \n- PPC1200 1.14 \n- PPC900 2.16 \n- APC2200 1.35 \n- PPC2200 1.35 \n- APC3100 1.45 \n- PPC3100 1.45\n\nB\u0026R recommends that customers apply the update at earliest convenience. \n\nThe process to install updates is described in the user manual. The step to identify the installed product version is described in the user manual. ",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "Deactivate the vulnerable component \n- The vulnerabilities exist in the Preboot eXecution Environment (PXE) of the UEFI firmware. If this functionality is not needed, it is recommended to disable it in the UEFI settings, thus making the vulnerabilities not exploitable. \n\nLimit accessibility \n- If PXE functionality is required, users should tightly restrict network traffic to legitimate users and block illegitimate PXE traffic, specifically related to IPv6. For instance, by blocking IPv6 network traffic on the control network firewall. \n\nhttps://help.br-automation.com/#/en/6/cyber-security/defense-in-depth-for-br-products/reference_architecture.html\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 4.8,
            "environmentalSeverity": "MEDIUM",
            "exploitCodeMaturity": "PROOF_OF_CONCEPT",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 4.8,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0006",
            "CSAFPID-0008",
            "CSAFPID-0010",
            "CSAFPID-0012",
            "CSAFPID-0014",
            "CSAFPID-0016",
            "CSAFPID-0018"
          ]
        }
      ],
      "title": "CVE-2023-45237"
    }
  ]
}

MSRC_CVE-2023-45233

Vulnerability from csaf_microsoft - Published: 2024-01-01 08:00 - Updated: 2026-02-18 14:24

Summary

Infinite loop in EDK II Network Package

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2023-45233

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 18132-17086		—
Unresolved product id: 17374-17086		—
Unresolved product id: 18131-17084		—
Unresolved product id: 17859-17084		—
Unresolved product id: 19678-17086		—
Unresolved product id: 19674-17086		—

Known affected 6 products

Product	Version	Remediation
Unresolved product id: 17086-4	—	Vendor Fix fix
Unresolved product id: 17086-8	—	Vendor Fix fix
Unresolved product id: 17084-5	—	Vendor Fix fix
Unresolved product id: 17084-6	—	Vendor Fix fix
Unresolved product id: 17086-1	—	Vendor Fix fix
Unresolved product id: 17086-2	—	Vendor Fix fix

Known not affected 3 products

Product	Identifier	Version	Remediation
Unresolved product id: 17086-3		—
Unresolved product id: 17084-7		—
Unresolved product id: 17086-9		—

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2024/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2024/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2023-45233 Infinite loop in EDK II Network Package - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2023-45233.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Infinite loop in EDK II Network Package",
    "tracking": {
      "current_release_date": "2026-02-18T14:24:54.000Z",
      "generator": {
        "date": "2026-02-21T01:47:58.631Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2023-45233",
      "initial_release_date": "2024-01-01T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-04-08T00:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2024-06-30T07:00:00.000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Information published."
        },
        {
          "date": "2024-09-24T00:00:00.000Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Information published."
        },
        {
          "date": "2026-02-18T14:24:54.000Z",
          "legacy_version": "2",
          "number": "4",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              },
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 edk2 20230301gitf80f052277c8-40",
                "product": {
                  "name": "\u003ccbl2 edk2 20230301gitf80f052277c8-40",
                  "product_id": "4"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 edk2 20230301gitf80f052277c8-40",
                "product": {
                  "name": "cbl2 edk2 20230301gitf80f052277c8-40",
                  "product_id": "18132"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cazl3 edk2 20240223gitedc6681206c1-1",
                "product": {
                  "name": "\u003cazl3 edk2 20240223gitedc6681206c1-1",
                  "product_id": "5"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 edk2 20240223gitedc6681206c1-1",
                "product": {
                  "name": "azl3 edk2 20240223gitedc6681206c1-1",
                  "product_id": "18131"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cazl3 edk2 20230301gitf80f052277c8-37",
                "product": {
                  "name": "\u003cazl3 edk2 20230301gitf80f052277c8-37",
                  "product_id": "6"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 edk2 20230301gitf80f052277c8-37",
                "product": {
                  "name": "azl3 edk2 20230301gitf80f052277c8-37",
                  "product_id": "17859"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 edk2 20230301gitf80f052277c8-41",
                "product": {
                  "name": "\u003ccbl2 edk2 20230301gitf80f052277c8-41",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 edk2 20230301gitf80f052277c8-41",
                "product": {
                  "name": "cbl2 edk2 20230301gitf80f052277c8-41",
                  "product_id": "19674"
                }
              }
            ],
            "category": "product_name",
            "name": "edk2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 hvloader 1.0.1-9",
                "product": {
                  "name": "\u003ccbl2 hvloader 1.0.1-9",
                  "product_id": "8"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 hvloader 1.0.1-9",
                "product": {
                  "name": "cbl2 hvloader 1.0.1-9",
                  "product_id": "17374"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 hvloader 1.0.1-11",
                "product": {
                  "name": "\u003ccbl2 hvloader 1.0.1-11",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 hvloader 1.0.1-11",
                "product": {
                  "name": "cbl2 hvloader 1.0.1-11",
                  "product_id": "19678"
                }
              }
            ],
            "category": "product_name",
            "name": "hvloader"
          },
          {
            "category": "product_name",
            "name": "cbl2 qemu 6.2.0-24",
            "product": {
              "name": "cbl2 qemu 6.2.0-24",
              "product_id": "3"
            }
          },
          {
            "category": "product_name",
            "name": "azl3 qemu 8.2.0-16",
            "product": {
              "name": "azl3 qemu 8.2.0-16",
              "product_id": "7"
            }
          },
          {
            "category": "product_name",
            "name": "cbl2 qemu 6.2.0-24",
            "product": {
              "name": "cbl2 qemu 6.2.0-24",
              "product_id": "9"
            }
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 qemu 6.2.0-24 as a component of CBL Mariner 2.0",
          "product_id": "17086-3"
        },
        "product_reference": "3",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 qemu 8.2.0-16 as a component of Azure Linux 3.0",
          "product_id": "17084-7"
        },
        "product_reference": "7",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 qemu 6.2.0-24 as a component of CBL Mariner 2.0",
          "product_id": "17086-9"
        },
        "product_reference": "9",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 edk2 20230301gitf80f052277c8-40 as a component of CBL Mariner 2.0",
          "product_id": "17086-4"
        },
        "product_reference": "4",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 edk2 20230301gitf80f052277c8-40 as a component of CBL Mariner 2.0",
          "product_id": "18132-17086"
        },
        "product_reference": "18132",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 hvloader 1.0.1-9 as a component of CBL Mariner 2.0",
          "product_id": "17086-8"
        },
        "product_reference": "8",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 hvloader 1.0.1-9 as a component of CBL Mariner 2.0",
          "product_id": "17374-17086"
        },
        "product_reference": "17374",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 edk2 20240223gitedc6681206c1-1 as a component of Azure Linux 3.0",
          "product_id": "17084-5"
        },
        "product_reference": "5",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 edk2 20240223gitedc6681206c1-1 as a component of Azure Linux 3.0",
          "product_id": "18131-17084"
        },
        "product_reference": "18131",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 edk2 20230301gitf80f052277c8-37 as a component of Azure Linux 3.0",
          "product_id": "17084-6"
        },
        "product_reference": "6",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 edk2 20230301gitf80f052277c8-37 as a component of Azure Linux 3.0",
          "product_id": "17859-17084"
        },
        "product_reference": "17859",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 hvloader 1.0.1-11 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 hvloader 1.0.1-11 as a component of CBL Mariner 2.0",
          "product_id": "19678-17086"
        },
        "product_reference": "19678",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 edk2 20230301gitf80f052277c8-41 as a component of CBL Mariner 2.0",
          "product_id": "17086-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 edk2 20230301gitf80f052277c8-41 as a component of CBL Mariner 2.0",
          "product_id": "19674-17086"
        },
        "product_reference": "19674",
        "relates_to_product_reference": "17086"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-45233",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "flags": [
        {
          "label": "component_not_present",
          "product_ids": [
            "17084-7"
          ]
        },
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "17086-3",
            "17086-9"
          ]
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "TianoCore",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "18132-17086",
          "17374-17086",
          "18131-17084",
          "17859-17084",
          "19678-17086",
          "19674-17086"
        ],
        "known_affected": [
          "17086-4",
          "17086-8",
          "17084-5",
          "17084-6",
          "17086-1",
          "17086-2"
        ],
        "known_not_affected": [
          "17086-3",
          "17084-7",
          "17086-9"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-45233 Infinite loop in EDK II Network Package - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2023-45233.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-08T00:00:00.000Z",
          "details": "20230301gitf80f052277c8-40:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-4",
            "17086-2"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2024-04-08T00:00:00.000Z",
          "details": "1.0.1-9:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-8"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2024-04-08T00:00:00.000Z",
          "details": "20240223gitedc6681206c1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-5",
            "17084-6"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2024-04-08T00:00:00.000Z",
          "details": "1.0.1-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "17086-4",
            "17086-8",
            "17084-5",
            "17084-6",
            "17086-1",
            "17086-2"
          ]
        }
      ],
      "title": "Infinite loop in EDK II Network Package"
    }
  ]
}

RHSA-2024:2264

Vulnerability from csaf_redhat - Published: 2024-04-30 09:52 - Updated: 2026-03-18 02:31

Summary

Red Hat Security Advisory: edk2 security update

Severity

Important

Notes

Topic: An update for edk2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235) * EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763) * EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764) * edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (CVE-2023-45229) * edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231) * edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232) * edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233) * openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2022-36763

A heap buffer overflow flaw was found via the Tcg2MeasureGptTable() function in EDK2, arising from inadequate validation of the GPT Primary Header, presenting a minor risk to confidentiality and integrity. The primary consequence is likely a crash or denial of service. This issue may allow a local attacker to craft a GPT table, causing an integer overflow and consequent buffer overflow.

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

CWE-680 - Integer Overflow to Buffer Overflow

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2022-36764

A heap-based buffer overflow flaw was found via the Tcg2MeasurePeImage() function in EDK2. Successful exploitation requires a local attacker to trigger an integer overflow in the calculation of the EventSize variable at DxeTpm2MeasureBootLib.c, leading to the heap-buffer overflow, presenting a moderate risk to confidentiality and integrity. However, the primary consequence is likely a crash or denial of service.

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

CWE-680 - Integer Overflow to Buffer Overflow

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix
Unresolved product id: CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2023-3446

A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source may lead to a denial of service.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround

Threats

Impact Low

CVE-2023-45229

A vulnerability has been identified in the NetworkPkg IP stack of EDK2, the open-source reference implementation of the UEFI specification. This flaw enables an unauthenticated attacker within the same network vicinity to transmit a specifically crafted DHCPv6 message. Exploiting this vulnerability may result in unauthorized access to memory beyond its boundaries, potentially leading to the exposure of sensitive information.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2023-45231

A security loophole involving an out-of-bounds read was identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker within the vicinity of the network to transmit a specifically crafted Neighbor Discovery Redirect message. Consequently, this may lead to the unauthorized reading of memory beyond the message boundaries, potentially resulting in the exposure of sensitive information.

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-125 - Out-of-bounds Read

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2023-45232

A security loophole involving an infinite loop was identified in EDK2, the open-source reference implementation of the UEFI specification. This weakness enables an unauthorized attacker to exploit system availability by sending a specifically crafted Destination Options IPv6 header.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2023-45233

The Network Package in EDK2 is vulnerable to an infinite loop exploit when parsing a PadN option within the Destination Options header of IPv6. This flaw allows an unauthorized attacker to gain access and potentially result in a loss of system availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2023-45235

A security flaw involving buffer overflow was identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker within the vicinity network to transmit a specifically crafted DHCPv6 proxy Advertise message, resulting in the disclosure of information and potential compromise of system availability.

8.8 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Fixed 20 products

Product	Version	Remediation
Unresolved product id: AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-0:20231122-6.el9.src	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch	—	Vendor Fix fix Workaround

Threats

Impact Important

References

55 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:2264	self
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com/documentation/en-us/red…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2224962	external
https://bugzilla.redhat.com/show_bug.cgi?id=2257582	external
https://bugzilla.redhat.com/show_bug.cgi?id=2257583	external
https://bugzilla.redhat.com/show_bug.cgi?id=2258677	external
https://bugzilla.redhat.com/show_bug.cgi?id=2258688	external
https://bugzilla.redhat.com/show_bug.cgi?id=2258691	external
https://bugzilla.redhat.com/show_bug.cgi?id=2258694	external
https://bugzilla.redhat.com/show_bug.cgi?id=2258700	external
https://issues.redhat.com/browse/RHEL-14123	external
https://issues.redhat.com/browse/RHEL-20963	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2022-36763	self
https://bugzilla.redhat.com/show_bug.cgi?id=2257582	external
https://www.cve.org/CVERecord?id=CVE-2022-36763	external
https://nvd.nist.gov/vuln/detail/CVE-2022-36763	external
https://github.com/tianocore/edk2/security/adviso…	external
https://access.redhat.com/security/cve/CVE-2022-36764	self
https://bugzilla.redhat.com/show_bug.cgi?id=2257583	external
https://www.cve.org/CVERecord?id=CVE-2022-36764	external
https://nvd.nist.gov/vuln/detail/CVE-2022-36764	external
https://github.com/tianocore/edk2/security/adviso…	external
https://access.redhat.com/security/cve/CVE-2023-3446	self
https://bugzilla.redhat.com/show_bug.cgi?id=2224962	external
https://www.cve.org/CVERecord?id=CVE-2023-3446	external
https://nvd.nist.gov/vuln/detail/CVE-2023-3446	external
https://www.openssl.org/news/secadv/20230719.txt	external
https://access.redhat.com/security/cve/CVE-2023-45229	self
https://bugzilla.redhat.com/show_bug.cgi?id=2258677	external
https://www.cve.org/CVERecord?id=CVE-2023-45229	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45229	external
https://blog.quarkslab.com/pixiefail-nine-vulnera…	external
https://github.com/tianocore/edk2/security/adviso…	external
https://access.redhat.com/security/cve/CVE-2023-45231	self
https://bugzilla.redhat.com/show_bug.cgi?id=2258688	external
https://www.cve.org/CVERecord?id=CVE-2023-45231	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45231	external
https://github.com/advisories/GHSA-pr27-mhpp-2ccr	external
https://access.redhat.com/security/cve/CVE-2023-45232	self
https://bugzilla.redhat.com/show_bug.cgi?id=2258691	external
https://www.cve.org/CVERecord?id=CVE-2023-45232	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45232	external
https://github.com/advisories/GHSA-3r3p-444m-2g4p	external
https://access.redhat.com/security/cve/CVE-2023-45233	self
https://bugzilla.redhat.com/show_bug.cgi?id=2258694	external
https://www.cve.org/CVERecord?id=CVE-2023-45233	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45233	external
https://github.com/advisories/GHSA-p9h6-p7cr-7842	external
https://access.redhat.com/security/cve/CVE-2023-45235	self
https://bugzilla.redhat.com/show_bug.cgi?id=2258700	external
https://www.cve.org/CVERecord?id=CVE-2023-45235	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45235	external
https://github.com/advisories/GHSA-h9v6-q439-p7j2	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for edk2 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. \n\nSecurity Fix(es):\n\n* edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message (CVE-2023-45235)\n\n* EDK2: heap buffer overflow in Tcg2MeasureGptTable() (CVE-2022-36763)\n\n* EDK2: heap buffer overflow in Tcg2MeasurePeImage() (CVE-2022-36764)\n\n* edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message (CVE-2023-45229)\n\n* edk2: Out of Bounds read when handling a ND Redirect message with truncated options (CVE-2023-45231)\n\n* edk2: Infinite loop when parsing unknown options in the Destination Options header (CVE-2023-45232)\n\n* edk2: Infinite loop when parsing a PadN option in the Destination Options header (CVE-2023-45233)\n\n* openssl: Excessive time spent checking DH keys and parameters (CVE-2023-3446)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:2264",
        "url": "https://access.redhat.com/errata/RHSA-2024:2264"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.4_release_notes/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.4_release_notes/index"
      },
      {
        "category": "external",
        "summary": "2224962",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224962"
      },
      {
        "category": "external",
        "summary": "2257582",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257582"
      },
      {
        "category": "external",
        "summary": "2257583",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257583"
      },
      {
        "category": "external",
        "summary": "2258677",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258677"
      },
      {
        "category": "external",
        "summary": "2258688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258688"
      },
      {
        "category": "external",
        "summary": "2258691",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258691"
      },
      {
        "category": "external",
        "summary": "2258694",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258694"
      },
      {
        "category": "external",
        "summary": "2258700",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258700"
      },
      {
        "category": "external",
        "summary": "RHEL-14123",
        "url": "https://issues.redhat.com/browse/RHEL-14123"
      },
      {
        "category": "external",
        "summary": "RHEL-20963",
        "url": "https://issues.redhat.com/browse/RHEL-20963"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2264.json"
      }
    ],
    "title": "Red Hat Security Advisory: edk2 security update",
    "tracking": {
      "current_release_date": "2026-03-18T02:31:01+00:00",
      "generator": {
        "date": "2026-03-18T02:31:01+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.3"
        }
      },
      "id": "RHSA-2024:2264",
      "initial_release_date": "2024-04-30T09:52:59+00:00",
      "revision_history": [
        {
          "date": "2024-04-30T09:52:59+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-04-30T09:52:59+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-18T02:31:01+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.4.0.GA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux CRB (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux CRB (v. 9)",
                  "product_id": "CRB-9.4.0.GA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "edk2-aarch64-0:20231122-6.el9.noarch",
                "product": {
                  "name": "edk2-aarch64-0:20231122-6.el9.noarch",
                  "product_id": "edk2-aarch64-0:20231122-6.el9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-aarch64@20231122-6.el9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-ovmf-0:20231122-6.el9.noarch",
                "product": {
                  "name": "edk2-ovmf-0:20231122-6.el9.noarch",
                  "product_id": "edk2-ovmf-0:20231122-6.el9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-ovmf@20231122-6.el9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-tools-doc-0:20231122-6.el9.noarch",
                "product": {
                  "name": "edk2-tools-doc-0:20231122-6.el9.noarch",
                  "product_id": "edk2-tools-doc-0:20231122-6.el9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools-doc@20231122-6.el9?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "edk2-tools-0:20231122-6.el9.aarch64",
                "product": {
                  "name": "edk2-tools-0:20231122-6.el9.aarch64",
                  "product_id": "edk2-tools-0:20231122-6.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools@20231122-6.el9?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-debugsource-0:20231122-6.el9.aarch64",
                "product": {
                  "name": "edk2-debugsource-0:20231122-6.el9.aarch64",
                  "product_id": "edk2-debugsource-0:20231122-6.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-debugsource@20231122-6.el9?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
                "product": {
                  "name": "edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
                  "product_id": "edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools-debuginfo@20231122-6.el9?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "edk2-tools-0:20231122-6.el9.x86_64",
                "product": {
                  "name": "edk2-tools-0:20231122-6.el9.x86_64",
                  "product_id": "edk2-tools-0:20231122-6.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools@20231122-6.el9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-debugsource-0:20231122-6.el9.x86_64",
                "product": {
                  "name": "edk2-debugsource-0:20231122-6.el9.x86_64",
                  "product_id": "edk2-debugsource-0:20231122-6.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-debugsource@20231122-6.el9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
                "product": {
                  "name": "edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
                  "product_id": "edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools-debuginfo@20231122-6.el9?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "edk2-0:20231122-6.el9.src",
                "product": {
                  "name": "edk2-0:20231122-6.el9.src",
                  "product_id": "edk2-0:20231122-6.el9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2@20231122-6.el9?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-0:20231122-6.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src"
        },
        "product_reference": "edk2-0:20231122-6.el9.src",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-aarch64-0:20231122-6.el9.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch"
        },
        "product_reference": "edk2-aarch64-0:20231122-6.el9.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-debugsource-0:20231122-6.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64"
        },
        "product_reference": "edk2-debugsource-0:20231122-6.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-debugsource-0:20231122-6.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64"
        },
        "product_reference": "edk2-debugsource-0:20231122-6.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-ovmf-0:20231122-6.el9.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch"
        },
        "product_reference": "edk2-ovmf-0:20231122-6.el9.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-0:20231122-6.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64"
        },
        "product_reference": "edk2-tools-0:20231122-6.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-0:20231122-6.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64"
        },
        "product_reference": "edk2-tools-0:20231122-6.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-debuginfo-0:20231122-6.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64"
        },
        "product_reference": "edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-debuginfo-0:20231122-6.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64"
        },
        "product_reference": "edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-doc-0:20231122-6.el9.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        },
        "product_reference": "edk2-tools-doc-0:20231122-6.el9.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-0:20231122-6.el9.src as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src"
        },
        "product_reference": "edk2-0:20231122-6.el9.src",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-aarch64-0:20231122-6.el9.noarch as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch"
        },
        "product_reference": "edk2-aarch64-0:20231122-6.el9.noarch",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-debugsource-0:20231122-6.el9.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64"
        },
        "product_reference": "edk2-debugsource-0:20231122-6.el9.aarch64",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-debugsource-0:20231122-6.el9.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64"
        },
        "product_reference": "edk2-debugsource-0:20231122-6.el9.x86_64",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-ovmf-0:20231122-6.el9.noarch as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch"
        },
        "product_reference": "edk2-ovmf-0:20231122-6.el9.noarch",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-0:20231122-6.el9.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64"
        },
        "product_reference": "edk2-tools-0:20231122-6.el9.aarch64",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-0:20231122-6.el9.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64"
        },
        "product_reference": "edk2-tools-0:20231122-6.el9.x86_64",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-debuginfo-0:20231122-6.el9.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64"
        },
        "product_reference": "edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-debuginfo-0:20231122-6.el9.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64"
        },
        "product_reference": "edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-doc-0:20231122-6.el9.noarch as a component of Red Hat Enterprise Linux CRB (v. 9)",
          "product_id": "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        },
        "product_reference": "edk2-tools-doc-0:20231122-6.el9.noarch",
        "relates_to_product_reference": "CRB-9.4.0.GA"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-36763",
      "cwe": {
        "id": "CWE-680",
        "name": "Integer Overflow to Buffer Overflow"
      },
      "discovery_date": "2024-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2257582"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap buffer overflow flaw was found via the Tcg2MeasureGptTable() function in EDK2, arising from inadequate validation of the GPT Primary Header, presenting a minor risk to confidentiality and integrity. The primary consequence is likely a crash or denial of service. This issue may allow a local attacker to craft a GPT table, causing an integer overflow and consequent buffer overflow.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "EDK2: heap buffer overflow in Tcg2MeasureGptTable()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat has protection mechanisms in place against buffer overflows, such as FORTIFY_SOURCE, Position Independent Executables or Stack Smashing Protection.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-36763"
        },
        {
          "category": "external",
          "summary": "RHBZ#2257582",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257582"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-36763",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-36763"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36763",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36763"
        },
        {
          "category": "external",
          "summary": "https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr",
          "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr"
        }
      ],
      "release_date": "2024-01-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-30T09:52:59+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2264"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "EDK2: heap buffer overflow in Tcg2MeasureGptTable()"
    },
    {
      "cve": "CVE-2022-36764",
      "cwe": {
        "id": "CWE-680",
        "name": "Integer Overflow to Buffer Overflow"
      },
      "discovery_date": "2024-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2257583"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A heap-based buffer overflow flaw was found via the Tcg2MeasurePeImage() function in EDK2. Successful exploitation requires a local attacker to trigger an integer overflow in the calculation of the EventSize variable at DxeTpm2MeasureBootLib.c, leading to the heap-buffer overflow, presenting a moderate risk to confidentiality and integrity. However, the primary consequence is likely a crash or denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "EDK2: heap buffer overflow in Tcg2MeasurePeImage()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat has protection mechanisms in place against buffer overflows, such as FORTIFY_SOURCE, Position Independent Executables or Stack Smashing Protection.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-36764"
        },
        {
          "category": "external",
          "summary": "RHBZ#2257583",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257583"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-36764",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-36764"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36764",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36764"
        },
        {
          "category": "external",
          "summary": "https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j",
          "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j"
        }
      ],
      "release_date": "2024-01-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-30T09:52:59+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2264"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "EDK2: heap buffer overflow in Tcg2MeasurePeImage()"
    },
    {
      "cve": "CVE-2023-3446",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-07-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2224962"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source may lead to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Excessive time spent checking DH keys and parameters",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The CVE-2023-3446 vulnerability in OpenSSL has been classified as having a low impact due to several factors. Firstly, while the potential for a Denial of Service (DoS) attack exists, it requires specific conditions to be met, notably the use of DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions with DH keys or parameters obtained from untrusted sources. Secondly, the issue primarily affects the efficiency of key and parameter checks, rather than directly compromising the security or integrity of cryptographic operations. Given these considerations and the absence of widespread exploitation or significant consequences beyond performance degradation, the overall impact of this vulnerability is deemed low rather than moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-3446"
        },
        {
          "category": "external",
          "summary": "RHBZ#2224962",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224962"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3446",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3446",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3446"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20230719.txt",
          "url": "https://www.openssl.org/news/secadv/20230719.txt"
        }
      ],
      "release_date": "2023-07-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-30T09:52:59+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2264"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Excessive time spent checking DH keys and parameters"
    },
    {
      "cve": "CVE-2023-45229",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-01-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2258677"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability has been identified in the NetworkPkg IP stack of EDK2, the open-source reference implementation of the UEFI specification. This flaw enables an unauthenticated attacker within the same network vicinity to transmit a specifically crafted DHCPv6 message. Exploiting this vulnerability may result in unauthorized access to memory beyond its boundaries, potentially leading to the exposure of sensitive information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The identified flaw in the NetworkPkg IP stack within the EDK2, an open-source UEFI implementation, poses a moderate security concern. This vulnerability allows an unauthenticated attacker within the same network to exploit via a crafted DHCPv6 message, potentially leading to the unauthorized access of memory beyond its designated boundaries. While the issue has the potential to leak sensitive information, its impact is considered moderate, requiring an attacker to be within the adjacent network for successful exploitation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-45229"
        },
        {
          "category": "external",
          "summary": "RHBZ#2258677",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258677"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45229",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45229"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45229",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45229"
        },
        {
          "category": "external",
          "summary": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html",
          "url": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
          "url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
        }
      ],
      "release_date": "2024-01-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-30T09:52:59+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2264"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message"
    },
    {
      "cve": "CVE-2023-45231",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2024-01-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2258688"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A security loophole involving an out-of-bounds read was identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker within the vicinity of the network to transmit a specifically crafted Neighbor Discovery Redirect message. Consequently, this may lead to the unauthorized reading of memory beyond the message boundaries, potentially resulting in the exposure of sensitive information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "edk2: Out of Bounds read when handling a ND Redirect message with truncated options",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The out-of-bounds read vulnerability in EDK2 represents a moderate security concern. This flaw, found in the open-source implementation of the UEFI specification, allows an attacker within the local network to exploit the issue by sending a carefully crafted Neighbor Discovery Redirect message. While requiring proximity for exploitation, the vulnerability could lead to unauthorized memory access and potential leakage of sensitive information.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-45231"
        },
        {
          "category": "external",
          "summary": "RHBZ#2258688",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258688"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45231",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45231"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45231",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45231"
        },
        {
          "category": "external",
          "summary": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html",
          "url": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-pr27-mhpp-2ccr",
          "url": "https://github.com/advisories/GHSA-pr27-mhpp-2ccr"
        }
      ],
      "release_date": "2024-01-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-30T09:52:59+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2264"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "edk2: Out of Bounds read when handling a ND Redirect message with truncated options"
    },
    {
      "cve": "CVE-2023-45232",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-01-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2258691"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A security loophole involving an infinite loop was identified in EDK2, the open-source reference implementation of the UEFI specification. This weakness enables an unauthorized attacker to exploit system availability by sending a specifically crafted Destination Options IPv6 header.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "edk2: Infinite loop when parsing unknown options in the Destination Options header",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The identified flaw in the NetworkPkg IP stack within the EDK2, an open-source UEFI implementation, poses a moderate security concern as the vulnerability allows an unauthenticated attacker within the same local network to exploit via a specifically crafted Destination Options IPv6 header.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-45232"
        },
        {
          "category": "external",
          "summary": "RHBZ#2258691",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258691"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45232",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45232"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45232",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45232"
        },
        {
          "category": "external",
          "summary": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html",
          "url": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-3r3p-444m-2g4p",
          "url": "https://github.com/advisories/GHSA-3r3p-444m-2g4p"
        }
      ],
      "release_date": "2024-01-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-30T09:52:59+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2264"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "edk2: Infinite loop when parsing unknown options in the Destination Options header"
    },
    {
      "cve": "CVE-2023-45233",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-01-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2258694"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Network Package in EDK2 is vulnerable to an infinite loop exploit when parsing a PadN option within the Destination Options header of IPv6. This flaw allows an unauthorized attacker to gain access and potentially result in a loss of system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "edk2: Infinite loop when parsing a PadN option in the Destination Options header",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The identified vulnerability in EDK2\u0027s Network Package poses a moderate risk due to an infinite loop in the Ip6IsOptionValid function, specifically when parsing a PadN option in the Destination Options header of an IPv6 packet. This flaw occurs because the addition of 0x100 to the Offset variable is truncated to a UINT8, resulting in an unmodified Offset. As a consequence of this infinite loop, the affected computer never finishes booting up.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-45233"
        },
        {
          "category": "external",
          "summary": "RHBZ#2258694",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258694"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45233",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45233"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45233",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45233"
        },
        {
          "category": "external",
          "summary": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html",
          "url": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-p9h6-p7cr-7842",
          "url": "https://github.com/advisories/GHSA-p9h6-p7cr-7842"
        }
      ],
      "release_date": "2024-01-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-30T09:52:59+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2264"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "edk2: Infinite loop when parsing a PadN option in the Destination Options header"
    },
    {
      "cve": "CVE-2023-45235",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "discovery_date": "2024-01-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2258700"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A security flaw involving buffer overflow was identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker within the vicinity network to transmit a specifically crafted DHCPv6 proxy Advertise message, resulting in the disclosure of information and potential compromise of system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The discovery of a buffer overflow vulnerability in EDK2, the open-source implementation of the UEFI specification, raises significant concerns for system security. This flaw, when exploited by an unauthorized attacker on the same network, allows for the transmission of a malicious DHCPv6 proxy Advertise message. This can lead to the compromise of sensitive information and poses a serious threat to the availability of the system.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
          "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
          "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
          "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-45235"
        },
        {
          "category": "external",
          "summary": "RHBZ#2258700",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258700"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45235",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45235"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45235",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45235"
        },
        {
          "category": "external",
          "summary": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html",
          "url": "https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-h9v6-q439-p7j2",
          "url": "https://github.com/advisories/GHSA-h9v6-q439-p7j2"
        }
      ],
      "release_date": "2024-01-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-30T09:52:59+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:2264"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "AppStream-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "AppStream-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "AppStream-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-0:20231122-6.el9.src",
            "CRB-9.4.0.GA:edk2-aarch64-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-debugsource-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-ovmf-0:20231122-6.el9.noarch",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.aarch64",
            "CRB-9.4.0.GA:edk2-tools-debuginfo-0:20231122-6.el9.x86_64",
            "CRB-9.4.0.GA:edk2-tools-doc-0:20231122-6.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-45233 (GCVE-0-2023-45233)

Vulnerability from osv_almalinux

Vulnerability from osv_almalinux

Solutions

Tags

Sightings

Nomenclature