ROS-20240625-06

Vulnerability in TCP Initial Sequence Number Handler component of Tianocore EDK2 library is related to buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to confidential data.
Unauthorized access to confidential data

Vulnerability in tcg2measurepeimage() function of Tianocore EDK2 library is caused by a buffer overflow.
Exploitation of the vulnerability could allow an attacker to impact confidentiality,
integrity and availability of protected information

Vulnerability in createhob() function of Tianocore EDK2 library is caused by a buffer overflow. Exploitation
of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information.
availability of protected information

Vulnerability of NetRandomInitSeed() function of Tianocore edk2 library is related to errors in the code of the generator of
pseudorandom number generator code when processing the Seed parameter. Exploitation of the vulnerability could allow an attacker,
acting remotely, gain unauthorized access to protected information or cause a denial of service.
denial of service

Vulnerability of Ip6ProcessRedirect function (NetworkPkg/Ip6Dxe/Ip6Nd.c) of Tianocore edk2 library is related to buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to gain
Unauthorized access to confidential data

Vulnerability in the tcg2measuregpttable() function of the Tianocore EDK2 library is due to a buffer overflow.
Exploitation of the vulnerability could allow an attacker to impact confidentiality,
integrity and availability of protected information

Vulnerability of Ip6IsOptionValid() function of Tianocore edk2 library is related to execution of loop with
unavailable exit condition when processing the PadN parameter. Exploitation of the vulnerability could allow
an attacker acting remotely to affect the availability of protected information or cause a
denial of service

A vulnerability in the DHCPv6 Proxy Advertise Message Handler component of the Tianocore EDK2 library is related to a buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to cause
impact confidentiality, integrity and availability of data

Vulnerability of Dhcp6SendRequestMsg function (NetworkPkg/Dhcp6Dxe/Dhcp6Io.c) of Tianocore edk2 library is related to buffer overflow.
with a buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to have a
affect confidentiality, integrity and availability of protected information

Vulnerability in IPv6 Options Header Handler component of Tianocore EDK2 library is related to buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of
denial of service

Vulnerability in Dhcp6HandleAdvertiseMsg function (NetworkPkg/Dhcp6Dxe/Dhcp6Io.c) of Tianocore edk2 library is related to access control flaws.
is related to access control flaws. Exploitation of the vulnerability could allow an attacker,
acting remotely, to gain unauthorized access to protected information

Vulnerability in DHCPv6 Advertise Message Handler component of Tianocore EDK2 library is related to buffer overflow.
buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to affect
Data confidentiality, integrity and availability