Infinite Loop Vulnerability in EDK2's Network Package when Parsing PadN Option in IPv6 Destination Options Header

Infinite Loop Vulnerability in EDK2's Network Package when Parsing PadN Option in IPv6 Destination Options Header

CVE-2023-45233 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.

Learn more about our Network Penetration Testing.