Tianocore Security Advisories: 10 new entries for March

There are 10 new UEFI/Tianocore Security Advisories, 32-40. I don’t see 10 new CVEs, though…

32. DNS Packet Size Check: Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network.

https://edk2-docs.gitbooks.io/security-advisory/content/dns-pack-size-check.html

33. Opal BlockSid Setting Disabled after S3: Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

https://edk2-docs.gitbooks.io/security-advisory/content/opal-blocksid-setting-disabled-after-s3.html

34. PartitionDxe and Udf Buffer Overflow: Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.

https://edk2-docs.gitbooks.io/security-advisory/content/partitiondxe-and-udf-buffer-overflow.html

https://nvd.nist.gov/vuln/detail/CVE-2019-0160

35. Stack Overflow on Corrupted BMP: Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.

https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html

36. Buffer Overflow in BlockIo service for RAM disk: Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.

https://edk2-docs.gitbooks.io/security-advisory/content/buffer-overflow-in-blockio-service-for-ram-disk.html

37. XHCI stack local stack overflow: Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.

https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html

38. SW SMI Confused Deputy SmramSaveState.c: Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

https://edk2-docs.gitbooks.io/security-advisory/content/sw-smi-confused-deputy-smramsavestate_c.html

39. Unlimited FV Recursion: Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

https://edk2-docs.gitbooks.io/security-advisory/content/unlimited-fv-recursion.html

40. AuthVariable Timestamp Zeroing on APPEND_WRITE: Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.

https://edk2-docs.gitbooks.io/security-advisory/content/authvariable-timestamp-zeroing-on-append_write.html

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s