CVE-2023-45230 Information

Description

EDK2’s Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality Integrity and/or Availability.

Reference

https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h http://www.openwall.com/lists/oss-security/2024/01/16/2