CVE-2023-45229
EUVD-2023-4953516.01.2024, 16:15
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| tianocore | edk2 | 𝑥 ≤ 202311 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||
|---|---|---|---|---|---|
| ovmf-201911 |
| ||||
| ovmf-202008 |
| ||||
| ovmf-202202 |
| ||||
| ovmf-202208 |
| ||||
| ovmf-202308 |
| ||||
| ovmf-202408 |
| ||||
| ovmf-tools-201911 |
| ||||
| ovmf-tools-202008 |
| ||||
| ovmf-tools-202202 |
| ||||
| ovmf-tools-202208 |
| ||||
| ovmf-tools-202308 |
| ||||
| ovmf-tools-202408 |
| ||||
| qemu-ovmf-x86_64-201911 |
| ||||
| qemu-ovmf-x86_64-202008 |
| ||||
| qemu-ovmf-x86_64-202202 |
| ||||
| qemu-ovmf-x86_64-202208 |
| ||||
| qemu-ovmf-x86_64-202308 |
| ||||
| qemu-ovmf-x86_64-202408 |
| ||||
| qemu-uefi-aarch64-202008 |
| ||||
| qemu-uefi-aarch64-202202 |
| ||||
| qemu-uefi-aarch64-202208 |
| ||||
| qemu-uefi-aarch64-202308 |
| ||||
| qemu-uefi-aarch64-202408 |
|
Red Hat Enterprise Linux Releases
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| edk2-aarch64 |
| ||
| edk2-debuginfo |
| ||
| edk2-ovmf |
| ||
| edk2-tools |
| ||
| edk2-tools-doc |
| ||
| edk2-tools-python |
|
Azure Linux Releases
Common Weakness Enumeration
References