Critical PixieFail Vulnerabilities Lead to RCE and DoS Attacks


A set of critical security vulnerabilities has been discovered in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification. Named PixieFail by Quarkslab, these 9 vulnerabilities in the TianoCore EFI Development Kit II (EDK II) affect the network boot process, which is essential for loading an OS from the network. They could be leveraged by attackers, leading to remote code execution, denial-of-service (DoS) attacks, DNS cache poisoning, and the unauthorized leakage of sensitive information.


9 PixieFail UEFI Vulnerabilities


The impact of these vulnerabilities extends to UEFI firmware developed by major companies such as AMI, Intel, Insyde, and Phoenix Technologies. EDK II includes its own TCP/IP stack, known as NetworkPkg, which provides network functionality during the initial Preboot eXecution Environment (PXE) stage. PXE allows devices to boot from their network interface card (NIC) and enables the remote configuration and booting of networked computers that lack a running operating system.

The vulnerabilities identified within EDK II's NetworkPkg cover a variety of flaws, including mishandling of DHCPv6 Advertise messages that causes an integer underflow, and buffer overflows via the Server ID option. Such exploits occur before the OS loads, bypassing traditional security measures.

The list of all PixieFail vulnerabilities includes:

CVE-2023-45229 (CVSS score: 6.5) – Integer underflow in DHCPv6 Advertise message processing
CVE-2023-45230 (CVSS score: 8.3) – Buffer overflow in DHCPv6 client via Server ID option
CVE-2023-45231 (CVSS score: 6.5) – Out-of-bounds read in handling ND Redirect message
CVE-2023-45232 (CVSS score: 7.5) – Infinite loop in parsing unknown options
CVE-2023-45233 (CVSS score: 7.5) – Infinite loop in parsing PadN option
CVE-2023-45234 (CVSS score: 8.3) – Buffer overflow in processing DNS Servers option
CVE-2023-45235 (CVSS score: 8.3) – Buffer overflow in handling Server ID option
CVE-2023-45236 (CVSS score: 5.8) – Predictable TCP Initial Sequence Numbers
CVE-2023-45237 (CVSS score: 5.3) – Use of a weak pseudorandom number generator
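Most of the entries in this list are option-parsing mistakes of three kinds: a length subtracted before it is checked (integer underflow), a declared option length copied without checking it against the buffer or the destination (buffer overflow), and a parse loop that does not advance on an unknown or zero-length option (infinite loop). The following C program is an added, constructed example, not part of the original post and not EDK II's NetworkPkg code; it shows a DHCPv6 option walker that applies the check each of those bug classes needs. The option codes and the 130-octet DUID cap come from RFC 8415 and RFC 3646; the message bytes, the `MAX_DNS_ADDRS` capacity and the `demo_*` function names are assumptions made for the example.

```c
/* Bounds-checked DHCPv6 option walker: a constructed example added here, not
 * EDK II NetworkPkg code. RFC 8415 framing: 4-byte header (msg-type, 3-byte
 * transaction id), then TLV options with 16-bit code and 16-bit length. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>
#define DHCP6_HDR_LEN      4
#define DHCP6_OPT_HDR_LEN  4
#define DHCP6_OPT_SERVERID 2   /* RFC 8415 */
#define DHCP6_OPT_DNS      23  /* RFC 3646 */
#define MAX_DUID_LEN       130 /* RFC 8415 caps a DUID at 130 octets */
#define MAX_DNS_ADDRS      4   /* capacity assumed for this example */
typedef struct {
    uint8_t  server_id[MAX_DUID_LEN];
    uint16_t server_id_len;
    uint8_t  dns[MAX_DNS_ADDRS][16];
    size_t   dns_count;
    size_t   options_seen;
} dhcp6_parsed;

/* Returns 0 on success; a negative code says which check rejected the message. */
int dhcp6_parse(const uint8_t *msg, size_t len, dhcp6_parsed *out)
{
    memset(out, 0, sizeof *out);
    /* Header check comes first, so no later subtraction from len can underflow. */
    if (len < DHCP6_HDR_LEN) return -1;
    size_t off = DHCP6_HDR_LEN;
    while (off < len) {
        if (len - off < DHCP6_OPT_HDR_LEN) return -2;   /* need a whole option header */
        uint16_t code    = (uint16_t)((msg[off] << 8) | msg[off + 1]);
        uint16_t opt_len = (uint16_t)((msg[off + 2] << 8) | msg[off + 3]);
        size_t   data    = off + DHCP6_OPT_HDR_LEN;
        /* Declared length is compared with the remaining bytes, never subtracted
         * from len, so a hostile value cannot wrap the arithmetic. */
        if (opt_len > len - data) return -3;
        const uint8_t *val = msg + data;
        switch (code) {
        case DHCP6_OPT_SERVERID:
            /* Destination capacity is checked before the copy. */
            if (opt_len == 0 || opt_len > MAX_DUID_LEN) return -4;
            memcpy(out->server_id, val, opt_len);
            out->server_id_len = opt_len;
            break;
        case DHCP6_OPT_DNS: {
            /* Payload must be whole IPv6 addresses; the stored count is capped. */
            if (opt_len % 16 != 0) return -5;
            size_t n = opt_len / 16;
            for (size_t i = 0; i < n && out->dns_count < MAX_DNS_ADDRS; i++)
                memcpy(out->dns[out->dns_count++], val + 16 * i, 16);
            break;
        }
        default:
            break;   /* unknown option: skipped, never looped on */
        }
        out->options_seen++;
        /* Advance by header + declared length (always >= 4): a zero-length or
         * unknown option cannot stall the loop. */
        off = data + opt_len;
    }
    return 0;
}

/* Constructed ADVERTISE: Server ID (10-byte DUID-LL), one DNS server
 * (2001:db8::1), then an unknown zero-length option 0x00ff. */
static const uint8_t ADVERTISE[] = {
    0x02, 0x01, 0x02, 0x03,
    0x00, 0x02, 0x00, 0x0a, 0x00, 0x03, 0x00, 0x01, 0xde, 0xad, 0xbe, 0xef, 0x00, 0x01,
    0x00, 0x17, 0x00, 0x10, 0x20, 0x01, 0x0d, 0xb8, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
    0x00, 0xff, 0x00, 0x00
};
/* Constructed message whose Server ID option claims 255 bytes but carries 2. */
static const uint8_t TRUNCATED[] = { 0x02, 0x01, 0x02, 0x03, 0x00, 0x02, 0x00, 0xff, 0x00, 0x03 };
int demo_advertise_options(void) {          /* 3 */
    dhcp6_parsed p; int rc = dhcp6_parse(ADVERTISE, sizeof ADVERTISE, &p); return rc ? rc : (int)p.options_seen;
}
int demo_advertise_server_id_len(void) {    /* 10 */
    dhcp6_parsed p; dhcp6_parse(ADVERTISE, sizeof ADVERTISE, &p); return p.server_id_len;
}
int demo_advertise_dns_count(void) {        /* 1 */
    dhcp6_parsed p; dhcp6_parse(ADVERTISE, sizeof ADVERTISE, &p); return (int)p.dns_count;
}
int demo_truncated_rc(void) {               /* -3 */
    dhcp6_parsed p; return dhcp6_parse(TRUNCATED, sizeof TRUNCATED, &p);
}
int demo_short_rc(void) {                   /* -1: shorter than the fixed header */
    dhcp6_parsed p; const uint8_t two[2] = { 0x02, 0x01 }; return dhcp6_parse(two, 2, &p);
}
int demo_oversized_server_id_rc(void) {     /* -4: fits the buffer, exceeds MAX_DUID_LEN */
    uint8_t buf[DHCP6_HDR_LEN + DHCP6_OPT_HDR_LEN + 131] = { 0x02 };
    buf[5] = DHCP6_OPT_SERVERID; buf[7] = 131;
    dhcp6_parsed p; return dhcp6_parse(buf, sizeof buf, &p);
}
int main(void) {
    printf("options=%d server_id_len=%d dns=%d truncated=%d short=%d oversized=%d\n",
           demo_advertise_options(), demo_advertise_server_id_len(), demo_advertise_dns_count(),
           demo_truncated_rc(), demo_short_rc(), demo_oversized_server_id_rc());
    return 0;
}
```

The ordering of the checks is the point: the fixed-header length is verified before any subtraction from `len`, the declared option length is compared against what remains rather than subtracted from it, the copy into `server_id` is gated on the destination size, and the loop always moves forward by at least the option header size. The same advance-by-a-positive-amount rule is what protects a PadN or unknown-option walker against the infinite-loop entries above.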


Conclusion


The PixieFail vulnerabilities highlight the need for robust security measures in network boot setups. According to the CERT Coordination Center (CERT/CC), the impact and exploitability of these vulnerabilities vary depending on the specific firmware build and the default PXE boot configuration. PXE, essential for network booting in enterprise systems, is used in both server and desktop environments.

Attackers must be on the same network as the target devices to exploit the PixieFail vulnerabilities. Quarkslab has also provided proof-of-concept (PoC) exploits to help network administrators identify vulnerable devices.


The sources for this article include a story from Eclypsium.

The post Critical PixieFail Vulnerabilities Lead to RCE and DoS Attacks appeared first on TuxCare.

*** This is a Security Bloggers Network syndicated blog from TuxCare authored by Rohan Timalsina. Read the original post at: https://tuxcare.com/weblog/critical-pixiefail-vulnerabilities-lead-to-rce-and-dos-attacks/
