OL 2024 080101

Description:

Fix several critical vulnerabilities of specified BIOS versions, preventing damage from those vulnerabilities being exploited.

OnLogic Security Advisory ID: OL-2024-080101

Type: Advisory

Fixed Vulnerabilities:

Vulnerability

Description

CVSS Base Score

CVSS Vector String

Found version

Fixed version

CVE-2023-45230,CVE-2023-45232, CVE-2023-45233,CVE-2023-45234

Fix ipv6 issues discovered in EDK2

7.5 ~ 8.3

CVSS:3.1 /AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

V1.55

V1.58

BRLY-2022-020

Fix potential vulnerability in Insyde H20

7.7

AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

V1.55

V1.58

BRLY-2023-005

Found unsafe code flow and fixed it

8.2

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

V1.55

V1.58

BRLY-2023-002

Found unsafe code flow and fixed it

8.2

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

V1.55

V1.58

First Public Date: 2024/10/13

Last Update Date: 2024/10/13

Affected Products:

Recommendation:

Update UEFI FW version to V1.58