CVE-2021-38578Buffer Underflow in Edk2

CWE-124Buffer UnderflowCWE-787Out-of-bounds Write8 documents8 sources
Severity
9.8CRITICALNVD
CNA7.4
EPSS
0.1%
top 80.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Tianocore Edk2Tianocore EDK IIInsyde Kernel
Timeline
PublishedMar 3
Latest updateOct 10

Description

Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

Debiantianocore/edk2< 2020.11-2+deb11u3+3
NVDtianocore/edk2202202
NVDinsyde/kernel6 versions+5
CVEListV5tianocore/edk_iiedk2-stable202208

🔴Vulnerability Details

3
GHSA
GHSA-grqq-3jqg-g95p: Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize2022-03-04
CVEList
CVE-2021-38578: Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize2022-03-03
OSV
CVE-2021-38578: Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize2022-03-03

📋Vendor Advisories

4
Ubuntu
EDK II vulnerabilities2024-10-10
Microsoft
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.2022-03-08
Red Hat
edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation2022-03-03
Debian
CVE-2021-38578: edk2 - Existing CommBuffer checks in SmmEntryPoint will not catch underflow when comput...2021
CVE-2021-38578 — Buffer Underflow in Tianocore Edk2 | cvebase