EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "0~20191122.bd85bf54-2ubuntu3.5", "binary_name": "ovmf" }, { "binary_version": "0~20191122.bd85bf54-2ubuntu3.5", "binary_name": "qemu-efi" }, { "binary_version": "0~20191122.bd85bf54-2ubuntu3.5", "binary_name": "qemu-efi-aarch64" }, { "binary_version": "0~20191122.bd85bf54-2ubuntu3.5", "binary_name": "qemu-efi-arm" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2022.02-3ubuntu0.22.04.2", "binary_name": "ovmf" }, { "binary_version": "2022.02-3ubuntu0.22.04.2", "binary_name": "ovmf-ia32" }, { "binary_version": "2022.02-3ubuntu0.22.04.2", "binary_name": "qemu-efi" }, { "binary_version": "2022.02-3ubuntu0.22.04.2", "binary_name": "qemu-efi-aarch64" }, { "binary_version": "2022.02-3ubuntu0.22.04.2", "binary_name": "qemu-efi-arm" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2023.11-6", "binary_name": "efi-shell-aa64" }, { "binary_version": "2023.11-6", "binary_name": "efi-shell-arm" }, { "binary_version": "2023.11-6", "binary_name": "efi-shell-ia32" }, { "binary_version": "2023.11-6", "binary_name": "efi-shell-riscv64" }, { "binary_version": "2023.11-6", "binary_name": "efi-shell-x64" }, { "binary_version": "2023.11-6", "binary_name": "ovmf" }, { "binary_version": "2023.11-6", "binary_name": "ovmf-ia32" }, { "binary_version": "2023.11-6", "binary_name": "qemu-efi-aarch64" }, { "binary_version": "2023.11-6", "binary_name": "qemu-efi-arm" }, { "binary_version": "2023.11-6", "binary_name": "qemu-efi-riscv64" } ] }