Vulnerabilites related to TianoCore - EDK II
CVE-2021-38578 (GCVE-0-2021-38578)
Vulnerability from cvelistv5
Published
2022-03-03 21:53
Modified
2024-08-06 00:55
Severity ?
EPSS score ?
Summary
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.tianocore.org/show_bug.cgi?id=3387 | x_refsource_MISC | |
| https://www.insyde.com/security-pledge/SA-2023024 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:44:23.499Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=3387", }, { tags: [ "x_transferred", ], url: "https://www.insyde.com/security-pledge/SA-2023024", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "EDK II", vendor: "TianoCore", versions: [ { status: "affected", version: "edk2-stable202208", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.</p>", }, ], value: "Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-124", description: "A case of CWE-124 is occurring in PiSmmCore.", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-06T00:55:57.322Z", orgId: "65518388-201a-4f93-8712-366d21fe8d2c", shortName: "TianoCore", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=3387", }, { url: "https://www.insyde.com/security-pledge/SA-2023024", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "65518388-201a-4f93-8712-366d21fe8d2c", assignerShortName: "TianoCore", cveId: "CVE-2021-38578", datePublished: "2022-03-03T21:53:37", dateReserved: "2021-08-11T00:00:00", dateUpdated: "2024-08-06T00:55:57.322Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-28211 (GCVE-0-2021-28211)
Vulnerability from cvelistv5
Published
2021-06-11 15:11
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.tianocore.org/show_bug.cgi?id=1816 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:13.314Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=1816", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "EDK II", vendor: "TianoCore", versions: [ { status: "affected", version: "edk2-stable202008", }, ], }, ], descriptions: [ { lang: "en", value: "A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "A case of CWE-122 is occurring in the LzmaUefiDecompressGetInfo function.", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-11T15:11:23", orgId: "65518388-201a-4f93-8712-366d21fe8d2c", shortName: "TianoCore", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=1816", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "infosec@edk2.groups.io", ID: "CVE-2021-28211", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "EDK II", version: { version_data: [ { version_affected: "=", version_value: "edk2-stable202008", }, ], }, }, ], }, vendor_name: "TianoCore", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "A case of CWE-122 is occurring in the LzmaUefiDecompressGetInfo function.", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.tianocore.org/show_bug.cgi?id=1816", refsource: "MISC", url: "https://bugzilla.tianocore.org/show_bug.cgi?id=1816", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "65518388-201a-4f93-8712-366d21fe8d2c", assignerShortName: "TianoCore", cveId: "CVE-2021-28211", datePublished: "2021-06-11T15:11:23", dateReserved: "2021-03-12T00:00:00", dateUpdated: "2024-08-03T21:40:13.314Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-28213 (GCVE-0-2021-28213)
Vulnerability from cvelistv5
Published
2021-06-11 15:11
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.tianocore.org/show_bug.cgi?id=1866 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:12.905Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=1866", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "EDK II", vendor: "TianoCore", versions: [ { status: "affected", version: "edk2-stable201905", }, ], }, ], descriptions: [ { lang: "en", value: "Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks.", }, ], problemTypes: [ { descriptions: [ { description: "Replacing example EDK II encrypted private key stored in PcdIpsecUefiCertificateKey presents potential security risks that will expose manufacturer key pair in EDK II.", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-11T15:11:23", orgId: "65518388-201a-4f93-8712-366d21fe8d2c", shortName: "TianoCore", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=1866", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "infosec@edk2.groups.io", ID: "CVE-2021-28213", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "EDK II", version: { version_data: [ { version_affected: "=", version_value: "edk2-stable201905", }, ], }, }, ], }, vendor_name: "TianoCore", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Replacing example EDK II encrypted private key stored in PcdIpsecUefiCertificateKey presents potential security risks that will expose manufacturer key pair in EDK II.", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.tianocore.org/show_bug.cgi?id=1866", refsource: "MISC", url: "https://bugzilla.tianocore.org/show_bug.cgi?id=1866", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "65518388-201a-4f93-8712-366d21fe8d2c", assignerShortName: "TianoCore", cveId: "CVE-2021-28213", datePublished: "2021-06-11T15:11:23", dateReserved: "2021-03-12T00:00:00", dateUpdated: "2024-08-03T21:40:12.905Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-28216 (GCVE-0-2021-28216)
Vulnerability from cvelistv5
Published
2021-08-05 20:44
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.tianocore.org/show_bug.cgi?id=2957 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:13.115Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=2957", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "EDK II", vendor: "TianoCore", versions: [ { status: "affected", version: "EDK II Master", }, ], }, ], descriptions: [ { lang: "en", value: "BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-587", description: "A case of CWE-587 occurs in function FpdtStatusCodeListenerPei().", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-05T20:44:13", orgId: "65518388-201a-4f93-8712-366d21fe8d2c", shortName: "TianoCore", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=2957", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "infosec@edk2.groups.io", ID: "CVE-2021-28216", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "EDK II", version: { version_data: [ { version_affected: "=", version_value: "EDK II Master", }, ], }, }, ], }, vendor_name: "TianoCore", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "A case of CWE-587 occurs in function FpdtStatusCodeListenerPei().", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.tianocore.org/show_bug.cgi?id=2957", refsource: "MISC", url: "https://bugzilla.tianocore.org/show_bug.cgi?id=2957", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "65518388-201a-4f93-8712-366d21fe8d2c", assignerShortName: "TianoCore", cveId: "CVE-2021-28216", datePublished: "2021-08-05T20:44:13", dateReserved: "2021-03-12T00:00:00", dateUpdated: "2024-08-03T21:40:13.115Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-28210 (GCVE-0-2021-28210)
Vulnerability from cvelistv5
Published
2021-06-11 15:11
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
An unlimited recursion in DxeCore in EDK II.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.tianocore.org/show_bug.cgi?id=1743 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:12.971Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=1743", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "EDK II", vendor: "TianoCore", versions: [ { lessThanOrEqual: "edk2-stable202008", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "An unlimited recursion in DxeCore in EDK II.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-674", description: "A case of CWE-674 is occurring in MdeModulePkg, which can lead to stack and heap corruption.", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-11T15:11:23", orgId: "65518388-201a-4f93-8712-366d21fe8d2c", shortName: "TianoCore", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=1743", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "infosec@edk2.groups.io", ID: "CVE-2021-28210", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "EDK II", version: { version_data: [ { version_affected: "<=", version_value: "edk2-stable202008", }, ], }, }, ], }, vendor_name: "TianoCore", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An unlimited recursion in DxeCore in EDK II.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "A case of CWE-674 is occurring in MdeModulePkg, which can lead to stack and heap corruption.", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.tianocore.org/show_bug.cgi?id=1743", refsource: "MISC", url: "https://bugzilla.tianocore.org/show_bug.cgi?id=1743", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "65518388-201a-4f93-8712-366d21fe8d2c", assignerShortName: "TianoCore", cveId: "CVE-2021-28210", datePublished: "2021-06-11T15:11:23", dateReserved: "2021-03-12T00:00:00", dateUpdated: "2024-08-03T21:40:12.971Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-38575 (GCVE-0-2021-38575)
Vulnerability from cvelistv5
Published
2021-12-01 00:00
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:44:23.483Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.tianocore.org/show_bug.cgi?id=3356", }, { tags: [ "x_transferred", ], url: "https://www.insyde.com/security-pledge/SA-2023025", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "EDK II", vendor: "TianoCore", versions: [ { lessThanOrEqual: "edk2-stable202105", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-124", description: "A case of CWE-124, CWE-680, and CWE-252 is occurring in NetworkPkg/IScsiDxe.", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-23T00:00:00", orgId: "65518388-201a-4f93-8712-366d21fe8d2c", shortName: "TianoCore", }, references: [ { url: "https://bugzilla.tianocore.org/show_bug.cgi?id=3356", }, { url: "https://www.insyde.com/security-pledge/SA-2023025", }, ], }, }, cveMetadata: { assignerOrgId: "65518388-201a-4f93-8712-366d21fe8d2c", assignerShortName: "TianoCore", cveId: "CVE-2021-38575", datePublished: "2021-12-01T00:00:00", dateReserved: "2021-08-11T00:00:00", dateUpdated: "2024-08-04T01:44:23.483Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }