gsd-2023-45235
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
EDK2's Network Package is susceptible to a buffer overflow vulnerability when
handling Server ID option
from a DHCPv6 proxy Advertise message. This
vulnerability can be exploited by an attacker to gain unauthorized
access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-45235",
"id": "GSD-2023-45235"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-45235"
],
"details": " EDK2\u0027s Network Package is susceptible to a buffer overflow vulnerability when\n\n\n\n\n\nhandling Server ID option \n\n\n\n from a DHCPv6 proxy Advertise message. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Confidentiality, Integrity and/or Availability.\n\n",
"id": "GSD-2023-45235",
"modified": "2023-12-13T01:20:37.953882Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "infosec@edk2.groups.io",
"ID": "CVE-2023-45235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "edk2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "edk2-stable202308"
}
]
}
}
]
},
"vendor_name": "TianoCore"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Quarkslab Vulnerability Reports Team"
},
{
"lang": "en",
"value": "Doug Flick"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": " EDK2\u0027s Network Package is susceptible to a buffer overflow vulnerability when\n\n\n\n\n\nhandling Server ID option \n\n\n\n from a DHCPv6 proxy Advertise message. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Confidentiality, Integrity and/or Availability.\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-119",
"lang": "eng",
"value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h",
"refsource": "MISC",
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"name": "http://www.openwall.com/lists/oss-security/2024/01/16/2",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
},
{
"name": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20240307-0011/",
"refsource": "MISC",
"url": "https://security.netapp.com/advisory/ntap-20240307-0011/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tianocore:edk2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CEB3105-57CC-4096-81D3-D58005813C4B",
"versionEndIncluding": "202311",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": " EDK2\u0027s Network Package is susceptible to a buffer overflow vulnerability when\n\n\n\n\n\nhandling Server ID option \n\n\n\n from a DHCPv6 proxy Advertise message. This\n vulnerability can be exploited by an attacker to gain unauthorized \naccess and potentially lead to a loss of Confidentiality, Integrity and/or Availability.\n\n"
},
{
"lang": "es",
"value": "EDK2\u0027s Network Package es susceptible a una vulnerabilidad de desbordamiento de b\u00fafer cuando maneja la opci\u00f3n de ID del servidor desde un mensaje de publicidad del proxy DHCPv6. Un atacante puede aprovechar esta vulnerabilidad para obtener acceso no autorizado y potencialmente provocar una p\u00e9rdida de confidencialidad, integridad y/o disponibilidad."
}
],
"id": "CVE-2023-45235",
"lastModified": "2024-03-13T02:15:50.617",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5,
"source": "infosec@edk2.groups.io",
"type": "Secondary"
}
]
},
"published": "2024-01-16T16:15:12.643",
"references": [
{
"source": "infosec@edk2.groups.io",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176574/PixieFail-Proof-Of-Concepts.html"
},
{
"source": "infosec@edk2.groups.io",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/16/2"
},
{
"source": "infosec@edk2.groups.io",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h"
},
{
"source": "infosec@edk2.groups.io",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJ42V7O7F4OU6R7QSQQECLB6LDHKZIMQ/"
},
{
"source": "infosec@edk2.groups.io",
"url": "https://security.netapp.com/advisory/ntap-20240307-0011/"
}
],
"sourceIdentifier": "infosec@edk2.groups.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "infosec@edk2.groups.io",
"type": "Secondary"
}
]
}
}
}
}
Loading...