Commit eda8dd0c authored by Paul Wise's avatar Paul Wise

Add references for edk2 CVEs

parent 4f964612
......@@ -15238,6 +15238,7 @@ CVE-2018-12170
RESERVED
CVE-2018-12169 (Platform sample code firmware in 4th Generation Intel Core Processor, ...)
NOT-FOR-US: Intel
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/unauthenticated-firmware-chain-of-trust-bypass.html
CVE-2018-12168 (Privilege escalation in file permissions in Intel Computing ...)
NOT-FOR-US: Intel
CVE-2018-12167
......@@ -39194,8 +39195,13 @@ CVE-2018-3615 (Systems with microprocessors utilizing speculative execution and
NOTE: most server type CPUs, additional models were supported in the 3.20180807a.1 release
CVE-2018-3614
RESERVED
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=751
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/untested-memory-not-covered-by-smm-page-protection.html
CVE-2018-3613
RESERVED
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=415
NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=44
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-authenticated-variable-bypass.html
CVE-2018-3612 (Intel NUC kits with insufficient input validation in system firmware, ...)
NOT-FOR-US: Intel
CVE-2018-3611 (Bounds check vulnerability in User Mode Driver in Intel Graphics ...)
......@@ -84827,14 +84833,29 @@ CVE-2017-5736 (An elevation of privilege in Intel Software Guard Extensions Plat
NOT-FOR-US: Intel
CVE-2017-5735
RESERVED
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
CVE-2017-5734
RESERVED
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
CVE-2017-5733
RESERVED
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
CVE-2017-5732
RESERVED
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
CVE-2017-5731
RESERVED
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
CVE-2017-5730
RESERVED
CVE-2017-5729 (Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and ...)
......@@ -84934,6 +84955,7 @@ CVE-2017-5700 (Insufficient protection of password storage in system firmware fo
NOT-FOR-US: Intel
CVE-2017-5699 (Input validation error in Intel MinnowBoard 3 Firmware versions prior ...)
NOT-FOR-US: Intel MinnowBoard 3 Firmware
NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/uefi-variable-deletioncorruption.html
CVE-2017-5698 (Intel Active Management Technology, Intel Standard Manageability, and ...)
NOT-FOR-US: Intel
CVE-2017-5697 (Insufficient clickjacking protection in the Web User Interface of ...)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment