- Security Advisory
- 1. Insecure Default Secure Boot Policy for Option ROMs
- 2. Incorrect PKCS#1v1.5 Padding Verification for RSA Signature Check
- 3. UEFI Variable “Reinstallation”
- 4. Overwrite from Performance Data Variable
- 5. CommBuffer SMM Overwrite/Exposure
- 6. TOCTOU Issue with CommBuffer
- 7. SMRAM Overwrite in Fault Tolerant Write SMI Handler
- 8. SMRAM Overwrite in SmmVariableHandler
- 9. Integer/Heap Overflow in SetVariable
- 10. Heap Overflow in UpdateVariable
- 11. Overwrite from FirmwarePerformance Variable
- 12. Integer/Buffer Overflow in TpmDxe Driver
- 13. Protection of PhysicalPresence Variable
- 14. Boot Failure Related to UEFI Variable Usage
- 15. Buffer Overflows in Capsule Update
- 16. Boot Failure Related to TPM Measurements
- 17. Buffer Overflow in Variable Reclaim
- 18. Overflow in Processing of AuthVarKeyDatabase
- 19. Counter Based Authenticated Variable Issue
- 20. Honoring Memory Only Reset Control and correct MOR spec imlementation
- 21. TCG PP S4 issue
- 22. BIOS Password
- 23. OPAL driver has PP issue on BlockSid
- 24. OPAL driver has PSID issue
- 25. DHCP misses boundary check for network packet
- 26. SmmCore comm buffer check has TOCTOU issue
- 27. UEFI Variable Deletion/Corruption
- 28. EDK II Untested memory not covered by SMM page protection
- 29. Unauthenticated Firmware Chain-of-Trust Bypass
- 30. EDK II Authenticated Variable Bypass
- 31. EDK II TianoCompress Bounds Checking Issues
- 32. DNS Packet Size Check
- 33. Opal BlockSid Setting Disabled after S3
- 34. PartitionDxe and Udf Buffer Overflow
- 35. Stack Overflow on Corrupted BMP
- 36. Buffer Overflow in BlockIo service for RAM disk
- 37. XHCI stack local stack overflow
- 38. SW SMI Confused Deputy SmramSaveState.c
- 39. Unlimited FV Recursion
- 40. AuthVariable Timestamp Zeroing on APPEND_WRITE
- 41. BootGuard TOCTOU