edk2: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2023-45236 CVE-2023-45237

Debian Bug report logs - #1061256

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sun, 21 Jan 2024 15:57:01 UTC

Severity: important

Found in version edk2/2023.11-5

Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>:
Bug#1061256; Package src:edk2. (Sun, 21 Jan 2024 15:57:03 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>. (Sun, 21 Jan 2024 15:57:03 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: edk2: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2023-45236 CVE-2023-45237
Date: Sun, 21 Jan 2024 16:55:20 +0100
Source: edk2
Version: 2023.11-5
Severity: important
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

Hi,

The following vulnerabilities were published for edk2.

CVE-2023-45229[0]:
| EDK2's Network Package is susceptible to an out-of-bounds read
| vulnerability when processing the IA_NA or IA_TA option in a DHCPv6
| Advertise message. This vulnerability can be exploited by an
| attacker to gain unauthorized access and potentially lead to a loss
| of Confidentiality.


CVE-2023-45230[1]:
| EDK2's Network Package is susceptible to a buffer overflow
| vulnerability via a long server ID option in DHCPv6 client. This
| vulnerability can be exploited by an attacker to gain unauthorized
| access and potentially lead to a loss of Confidentiality, Integrity
| and/or Availability.


CVE-2023-45231[2]:
| EDK2's Network Package is susceptible to an out-of-bounds read
| vulnerability when processing Neighbor Discovery Redirect message.
| This vulnerability can be exploited by an attacker to gain
| unauthorized access and potentially lead to a loss of
| Confidentiality.


CVE-2023-45232[3]:
| EDK2's Network Package is susceptible to an infinite loop
| vulnerability when parsing unknown options in the Destination
| Options header of IPv6. This vulnerability can be exploited by an
| attacker to gain unauthorized access and potentially lead to a loss
| of Availability.


CVE-2023-45233[4]:
| EDK2's Network Package is susceptible to an infinite loop
| vulnerability when parsing a PadN option in the Destination Options
| header of IPv6. This vulnerability can be exploited by an attacker
| to gain unauthorized access and potentially lead to a loss of
| Availability.


CVE-2023-45234[5]:
| EDK2's Network Package is susceptible to a buffer overflow
| vulnerability when processing DNS Servers option from a DHCPv6
| Advertise message. This vulnerability can be exploited by an
| attacker to gain unauthorized access and potentially lead to a loss
| of Confidentiality, Integrity and/or Availability.


CVE-2023-45235[6]:
| EDK2's Network Package is susceptible to a buffer overflow
| vulnerability when handling Server ID option from a DHCPv6
| proxy Advertise message. This vulnerability can be exploited by an
| attacker to gain unauthorized access and potentially lead to a loss
| of Confidentiality, Integrity and/or Availability.


CVE-2023-45236[7]:
| EDK2's Network Package is susceptible to a predictable TCP Initial
| Sequence Number. This vulnerability can be exploited by an attacker
| to gain unauthorized access and potentially lead to a loss of
| Confidentiality.


CVE-2023-45237[8]:
| EDK2's Network Package is susceptible to a predictable TCP Initial
| Sequence Number. This vulnerability can be exploited by an attacker
| to gain unauthorized access and potentially lead to a loss of
| Confidentiality.

They are described in [9]. Dann, you know more on the fixes?


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-45229
    https://www.cve.org/CVERecord?id=CVE-2023-45229
[1] https://security-tracker.debian.org/tracker/CVE-2023-45230
    https://www.cve.org/CVERecord?id=CVE-2023-45230
[2] https://security-tracker.debian.org/tracker/CVE-2023-45231
    https://www.cve.org/CVERecord?id=CVE-2023-45231
[3] https://security-tracker.debian.org/tracker/CVE-2023-45232
    https://www.cve.org/CVERecord?id=CVE-2023-45232
[4] https://security-tracker.debian.org/tracker/CVE-2023-45233
    https://www.cve.org/CVERecord?id=CVE-2023-45233
[5] https://security-tracker.debian.org/tracker/CVE-2023-45234
    https://www.cve.org/CVERecord?id=CVE-2023-45234
[6] https://security-tracker.debian.org/tracker/CVE-2023-45235
    https://www.cve.org/CVERecord?id=CVE-2023-45235
[7] https://security-tracker.debian.org/tracker/CVE-2023-45236
    https://www.cve.org/CVERecord?id=CVE-2023-45236
[8] https://security-tracker.debian.org/tracker/CVE-2023-45237
    https://www.cve.org/CVERecord?id=CVE-2023-45237
[9] https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Jan 22 08:20:32 2024; Machine Name: buxtehude