Search CVE reports
91 – 100 of 120 results
Some fixes available 5 of 7
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | — | Not affected | Not affected |
| nodejs | — | — | Not affected | Not affected |
| openssl | — | — | Fixed | Fixed |
| openssl1.0 | — | — | Not in release | Not affected |
Some fixes available 6 of 7
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | — | Not affected | Not affected |
| nodejs | — | — | Not affected | Not affected |
| openssl | — | — | Fixed | Fixed |
| openssl1.0 | — | — | Not in release | Fixed |
Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.
1 affected package
edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | — | Not affected | Fixed |
Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.
1 affected package
edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | — | Not affected | Fixed |
Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via local access.
1 affected package
edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | — | Fixed | Fixed |
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
1 affected package
edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | — | Not affected | Fixed |
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
1 affected package
edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | — | Not affected | Fixed |
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
1 affected package
edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | — | Fixed | Fixed |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.
1 affected package
edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | Not affected | Not affected | Not affected |
Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
1 affected package
edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| edk2 | — | — | Not affected | Fixed |