# OL-2024-080401

**Description:**

Fixes several critical vulnerabilities in the specified BIOS versions, preventing damage from exploitation of those vulnerabilities.

**OnLogic Security Advisory ID:** OL-2024-080401

**Type:** Advisory

**Fixed Vulnerabilities:**

| **Vulnerability** | **Description** | **CVSS Base Score** | **CVSS Vector String** | **Found version** | **Fixed version** |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-40238 | OOB Write in RLE4 decode routine during BMP file processing in Insyde firmware. | 5.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | V2.05 | V2.08 |
| CVE-2021-41842, CVE-2024-27353, CVE-2024-25079, CVE-2024-25078, CVE-2022-36448, CVE-2022-35895, CVE-2022-35893, CVE-2022-35408, CVE-2022-34325, CVE-2022-24069, CVE-2022-24031, CVE-2022-24030, CVE-2021-45971, CVE-2021-45970, CVE-2021-45969, CVE-2021-43323, CVE-2021-42554, CVE-2021-41841, CVE-2021-41839, CVE-2021-41838, CVE-2021-41837, CVE-2021-33625, CVE-2022-46897, CVE-2022-35894 | Fix issues discovered in InsydeH2O | 7.5 \~ 8.2 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | V2.05 | V2.08 |
| CVE-2023-45230, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234 | Fix IPv6 issues discovered in EDK2 | 7.5 \~ 8.3 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H | V2.05 | V2.08 |

**First Public Date:** 2024/10/15

**Last Update Date:** 2024/10/15

**Affected Products:**

* [Karbon 800 Series by OnLogic](https://www.onlogic.com/store/computers/rugged/karbon-800/)

**Recommendation:**

Update the BIOS to version V2.08.


