Ubuntu Security Notice USN-5088-1

Discussion in 'News Aggregator' started by Packet Storm, 24 Sep 2021.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 5088-1 - It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. Paul Kehrer discovered that OpenSSL used in EDK II incorrectly handled certain input lengths in EVP functions. An attacker could possibly use this issue to cause EDK II to crash, resulting in a denial of service. Various other issues were also addressed.

    Continue reading...
     

Share This Page

Loading...