| Package | edk2 |
|---|---|
| Version | 2020.11-2+deb10u1 (buster) |
| Related CVEs | CVE-2021-28216 CVE-2021-38575 CVE-2021-38576 CVE-2021-38578 CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2024-1298 CVE-2024-38796 |
Multiple security vulnerabilities have been fixed in EDK II, a modern, feature-rich, cross-platform firmware development environment. Remotely exploitable buffer overflows and out-of-bounds or infinite loop vulnerabilities may lead to a denial of service or the execution of arbitrary code.
For Debian 10 buster, these problems have been fixed in version 2020.11-2+deb10u1.
We recommend that you upgrade your edk2 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.